In this lab, you will create and interrogate resources in namespaces and view their DNS names.
The Authentication token stored in your local KUBECONFIG file expires every 10 hours. You will want to re-authenticate to the TKG Service before starting the lab to ensure you have access to the Supervisor cluster.
Run:
kubectl vsphere login --server=[vSphere Control Plane Endpoint] --tanzu-kubernetes-cluster-namespace=poc --tanzu-kubernetes-cluster-name=alphaclusterAfter successful authentication, change your Kubernetes context to the alphacluster by running:
kubectl config use-context alphaclusterNote: See the Authenticate lab for more a more detailed refresher on the procedures.
Either use the imperative command:
kubectl create namespace tigerteamor
apply the yaml file
apiVersion: v1
kind: Namespace
metadata:
name: tigerteamVerify that the namespace was created successfully by running:
kubectl get nsUse the YAML file found here to deploy nginx pods and a service.
kubectl apply -f nginx-tigerteam.yamlVerify that the pods and services were deployed correctly.
kubectl get pods -n tigerteam
kubectl get svc -n tigerteamFrom within the default namespace deploy a busybox pod and exec into the pod to a shell.
kubectl run curlpod -it --image=curlimages/curl -- shOnce you have a shell terminal see if you can resolve the app1 service.
nslookup app1.tigerteam.svc.cluster.local
See what happens when you run nslookup without specifying the namespace.
nslookup app1Now see if you can curl the nginx service in the tigerteam namespace.
kubectl run curlpod -it --image=curlimages/curl -- sh
Exit the utility pod shell by typing:
exitDelete the tigerteam pods and services.
kubectl delete -f nginx-tigerteam.yamlDelete the tigerteam namespace
kubectl delete ns tigerteamDelete the utility pod
kubectl delete pod utilityKubernetes clusters run many of the control plane components as containers. They may be hiding in one of the other namespaces. Can you find:
- The Kubernetes API Server
- The DNS Server