HorizontalAutoScaler in OpenShift/k8s

 1. HorizontalAutoScaler in OpenShift/k8s, 

Declerative:

apiVersion: autoscaling/v1

  kind: HorizontalPodAutoscaler

  metadata:

   name: php-apache

   namespace: hpa-test

  spec:

   scaleTargetRef:

     apiVersion: apps/v1

     kind: Deployment

     name: php-apache

   minReplicas: 1

   maxReplicas: 10

   targetCPUUtilizationPercentage: 50

kubectl command: kubectl -n hpa-test autoscale deployment php-apache --cpu-percent=50 --min=1 --max=5

2. Ingress Controller

- An ingress controller acts as a reverse proxy and load balancer. It implements a Kubernetes Ingress. The ingress controller adds a layer of abstraction to traffic routing, accepting traffic from outside the Kubernetes platform and load balancing it to Pods running inside the platform.

- Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster

3. Private endpoint. 

- A private endpoint is a network interface that uses a private IP address from your virtual network. This network interface connects you privately and securely to a service that's powered by Azure Private Link. By enabling a private endpoint, you're bringing the service into your virtual network

CDIR:

Classless or Classless Inter-Domain Routing (CIDR) addresses use variable length subnet masking (VLSM) to alter the ratio between the network and host address bits in an IP address. A subnet mask is a set of identifiers that returns the network address’s value from the IP address by turning the host address into zeroes. 

Redhat Openshift

What are openshift operators?

Red Hat OpenShift Operators automate the creation, configuration, and management of instances of Kubernetes-native applications. Operators provide automation at every level of the stack—from managing the parts that make up the platform all the way to applications that are provided as a managed service.

What is Secret Store CSI?

CSI - Container Storage Interface

The Kubernetes Secret Store CSI is a storage driver that allows you to mount secrets from external secret management systems like HashiCorp Vault and AWS Secrets. It comes in two parts, the Secret Store CSI, and a Secret provider driver

What is configmap?

ConfigMap is similar to secrets, but designed to more conveniently support working with strings that do not contain sensitive information

The ConfigMap API object holds key-value pairs of configuration data that can be consumed in pods or used to store configuration data for system components such as controllers

How to create ConfigMap ?

oc create configmap my-key-vals --from-literal db-user=user1 db-password=db-password1

OR from yaml

------------------------------

apiVersion: v1

kind: ConfigMap

metadata:

  name: env-config

  namespace: my-project

data:

  db-user: user1

  db-password: db-password1

------------------------------

How do pods consume envs?

apiVersion: v1

kind: Pod

metadata:

  name: my-project

spec:

  containers:

    - name: test-container

      image: gcr.io/google_containers/busybox

      command: [ "/bin/sh", "-c", "env" ]

      env: 

        - name: DB-USER

          valueFrom:

            configMapKeyRef:

              name: env-config

              key: db-user

        - name: DB-PASSWORD

          valueFrom:

            configMapKeyRef:

              name: env-config

              key: db-password

  restartPolicy: Never

What is difference between Deployments and DeploymentConfig?

DeploymentConfig objects prefer consistency, whereas Deployments objects take availability over consistency. For DeploymentConfig objects, if a node running a deployer pod goes down, it will not get replaced. The process waits until the node comes back online or is manually deleted.