updated eks demos

JaimeSalas · JaimeSalas · commit f84c2ee187d0 · 2022-01-16T17:51:09.000+01:00
diff --git a/04-cloud/01-eks/02-launching-cluster-eks/readme.md b/04-cloud/01-eks/02-launching-cluster-eks/readme.md
@@ -2,7 +2,7 @@
 
 ## Introduction
 
-The official CLI to launch a cluster is `eksctl`, this is a tool develop by weavworks on conjuntion of AWS team. The goal of this tool is to build an `EKS cluster` much easier. If we thing the things that we have to do to build a cluster, we have to create VPC, provision subnets (multiples of them), set up routing in your VPC, then you con go to the control plane on the console and launch the cluster. All the infrastructure could be done using `CloudFormation`, but still being a lot of work.
+The official CLI to launch a cluster is `eksctl`, this is a tool develop by weavworks on conjuntion of AWS team. The goal of this tool is to build an `EKS cluster` much easier. If we thing the things that we have to do to build a cluster, we have to create VPC, provision subnets (multiples of them), set up routing in your VPC, then you can go to the control plane on the console and launch the cluster. All the infrastructure could be done using `CloudFormation`, but still being a lot of work.
 
 We can build the cluster from `EKS Cluster console`, all the choices expose there can be done with `eksctl`
 
@@ -15,13 +15,13 @@ aws sts get-caller-identity
 ## Create EC2 Key
 
 ```bash
-$ aws ec2 create-key-pair --key-name EksKeyPair --query 'KeyMaterial' --output text > EksKeyPair.pem
+aws ec2 create-key-pair --key-name EksKeyPair --query 'KeyMaterial' --output text > EksKeyPair.pem
 ```
 
 Modify permissions over the private key to avoid future warnings
 
 ```bash
-$ chmod 400 EksKeyPair.pem
+chmod 400 EksKeyPair.pem
 ``` 
 
 With this new private key we can go ahead and generate a public one, that's the key that will be upload into the node (EC2 instance). If we provide this key, and we have the private one, we can connect to the remote instance.
@@ -39,7 +39,7 @@ kind: ClusterConfig
 metadata:
   name: lc-cluster
   region: eu-west-3
-  version: "1.18"
+  version: "1.21"
 
 iam:
   withOIDC: true
@@ -58,7 +58,7 @@ managedNodeGroups:
 ```bash
 eksctl create cluster \
 --name lc-cluster \
---version 1.18 \
+--version 1.21 \
 --region eu-west-3 \
 --nodegroup-name lc-nodes \
 --node-type t2.small \
@@ -104,7 +104,7 @@ managedNodeGroups: # [5]
 2. The AZ where the cluster is going to be deplyed
 3. The Kuberntes version that we're going to use, if we let it empty, will use the last stable for `AWS`
 4. enables the IAM OIDC provider as well as IRSA for the Amazon CNI plugin
-5. `managedNodeGroups` are a way for the `eks service` to actually provision your data plane on your behalf so normally if you think about the of a container orchestrator it's jsut orchestarte containers on your compute so we're starting to see expansion of that role a little bit so now instead of you bringing your own compute and you having to manage patching it, updating it, rolling in new versions of it and all that day to day stuff, it's possible to be managed by AWS, this is what `managedNodeGroup` does. AWS provides the AMI and provisioning into your account on your behalf.
+5. [`managedNodeGroups`](https://eksctl.io/usage/eks-managed-nodes/) are a way for the `eks service` to actually provision your data plane on your behalf so normally if you think about the of a container orchestrator it's jsut orchestarte containers on your compute so we're starting to see expansion of that role a little bit so now instead of you bringing your own compute and you having to manage patching it, updating it, rolling in new versions of it and all that day to day stuff, it's possible to be managed by AWS, this is what `managedNodeGroup` does. AWS provides the AMI and provisioning into your account on your behalf.
 6. The name of the group of nodes
 7. The instance type that we're running. We're usding the free tier
 8. The number of nodes that we want to have on the node group
@@ -115,10 +115,16 @@ managedNodeGroups: # [5]
 
 ## Launching the Cluster
 
+Before launchin the cluster we can use the `dry-run` feature, this will allow us to inspect and change the instances matched by the instance selector before proceeding to creating a nodegroup. If we run `eksctl create cluster <options> --dry-run`, `eksctl` will output a ClusterConfig file containing a nodegroup representing the CLI options and the instance types set to the instances matched by the instance selector resource criteria.
+
+```bash
+eksctl create cluster -f demos.yml --dry-run
+```
+
 Now we're ready to launch the cluster
 
 ```bash
-$ eksctl create cluster -f demos.yml
+eksctl create cluster -f demos.yml
 ``` 
 
 ## Test the cluster
@@ -127,4 +133,6 @@ Now we can test that our cluster is up and running.
 
 ```bash
 $ kubectl get nodes
-```
+```
+
+> `eksctl` has edit `./kube/config` to make `kubectl` point to the new created cluster.
diff --git a/04-cloud/01-eks/04-deploy-solution/readme.md b/04-cloud/01-eks/04-deploy-solution/readme.md
@@ -117,9 +117,9 @@ spec:
 Let's start by bringing up `lc-age-service` Backend API
 
 ```bash
-$ cd lc-age-service
-$ kubectl apply -f kubernetes/deployment.yaml
-$ kubectl apply -f kubernetes/service.yaml
+cd lc-age-service
+kubectl apply -f kubernetes/deployment.yaml
+kubectl apply -f kubernetes/service.yaml
 ``` 
 
 We can check the progress by looking at the deployment status:
@@ -133,9 +133,9 @@ kubectl get deployemnt lc-age-service
 Let's continue by bringing up `lc-name-service`  Backend API
 
 ```bash
-$ cd lc-name-service
-$ kubectl apply -f kubernetes/deployment.yaml
-$ kubectl apply -f kubernetes/service.yaml
+cd lc-name-service
+kubectl apply -f kubernetes/deployment.yaml
+kubectl apply -f kubernetes/service.yaml
 ``` 
 
 We can check the progress by looking at the deployment status:
@@ -152,15 +152,15 @@ Create `lc-front/kubernetes/deployment.yaml`
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: jaimesalas/lc-front
+  name: lc-front
   labels:
-    app: jaimesalas/lc-front
+    app: lc-front
   namespace: default
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: jaimesalas/lc-front
+      app: lc-front
   strategy:
     rollingUpdate:
       maxSurge: 25%
@@ -169,12 +169,12 @@ spec:
   template:
     metadata:
       labels:
-        app: jaimesalas/lc-front
+        app: lc-front
     spec:
       containers:
         - image: jaimesalas/lc-front:latest
           imagePullPolicy: Always
-          name: jaimesalas/lc-front
+          name: lc-front
           ports:
             - containerPort: 3000
               protocol: TCP
@@ -233,7 +233,7 @@ In AWS accounts that have never created a load balancer before, it’s possible
 We can check for the role, and create it if it’s missing.
 
 ```bash
-$ aws iam get-role --role-name "AWSServiceRoleForElasticLoadBalancing" || aws iam create-service-linked-role --aws-service-name "elasticloadbalancing.amazonaws.com"
+aws iam get-role --role-name "AWSServiceRoleForElasticLoadBalancing" || aws iam create-service-linked-role --aws-service-name "elasticloadbalancing.amazonaws.com"
 ```
 
 ## Ingress different options
diff --git a/04-cloud/01-eks/06-autoscalling-our-applications/01-scale-an-application-with-HPA.md b/04-cloud/01-eks/06-autoscalling-our-applications/01-scale-an-application-with-HPA.md
@@ -75,10 +75,10 @@ $ kubectl get hpa
 **Open a new terminal**
 
 ```bash
-$ kubectl --generator=run-pod/v1 run -i --tty load-generator --image=busybox /bin/sh
-
+kubectl run -it --rm --restart=Never busybox --image=gcr.io/google-containers/busybox sh
 ```
 
+
 > Reference: https://medium.com/better-programming/kubernetes-tips-create-pods-with-imperative-commands-in-1-18-62ea6e1ceb32
 
 Execute a while loop to continue getting http://php-cache
diff --git a/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/00-configure-cluster-autoscaler.md b/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/00-configure-cluster-autoscaler.md
@@ -31,16 +31,20 @@ Now we increase the maximum capacity to 5 instances
 
 ```bash
 # we need the ASG name
-$ export ASG_NAME=$(aws autoscaling describe-auto-scaling-groups --query "AutoScalingGroups[? Tags[? (Key=='eks:cluster-name') && Value=='lc-cluster']].AutoScalingGroupName" --output text)
+export ASG_NAME=$(aws autoscaling describe-auto-scaling-groups --query "AutoScalingGroups[? Tags[? (Key=='eks:cluster-name') && Value=='lc-cluster']].AutoScalingGroupName" --output text)
+```
 
+```bash
 # increase max capacity up to 5
-$ aws autoscaling \
+aws autoscaling \
     update-auto-scaling-group \
     --auto-scaling-group-name ${ASG_NAME} \
     --min-size 1 \
     --desired-capacity 3 \
     --max-size 5
+```
 
+```bash
 # Check new values
 $ aws autoscaling \
     describe-auto-scaling-groups \
@@ -60,19 +64,24 @@ With IAM roles for service accounts on Amazon EKS clusters, you can associate an
 Enabling IAM roles for service accounts on your cluster
 
 ```bash
-$ eksctl utils associate-iam-oidc-provider \
+eksctl utils associate-iam-oidc-provider \
     --cluster lc-cluster \
     --approve
 
 ```
 
 Creating an IAM policy for your service account that will allow your CA pod to interact with the autoscaling groups.
 
+file://~/Documents/lemoncode/bootcamp-devops-lemoncode/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/cluster-autoscaler/k8s-asg-policy.json
+
 ```bash
-$ aws iam create-policy   \
+aws iam create-policy   \
   --policy-name k8s-asg-policy \
-  --policy-document file://~/Documents/paths/kubernetes/01_eks_workshop/05_autoscalling_our_applications_and_clusters/cluster-autoscaler/k8s-asg-policy.json
+  --policy-document file://~/Documents/lemoncode/bootcamp-devops-lemoncode/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/cluster-autoscaler/k8s-asg-policy.json
+```
 
+```bash
+# output
 {
     "Policy": {
         "PolicyName": "k8s-asg-policy",
@@ -94,14 +103,17 @@ Finally, create an IAM role for the cluster-autoscaler Service Account in the ku
 > Note: Grab the account id from the previous output
 
 ```bash
-$ eksctl create iamserviceaccount \
+eksctl create iamserviceaccount \
     --name cluster-autoscaler \
     --namespace kube-system \
     --cluster lc-cluster \
     --attach-policy-arn "arn:aws:iam::${ACCOUNT_ID}:policy/k8s-asg-policy" \
     --approve \
     --override-existing-serviceaccounts
+```
 
+```bash
+# output
 [ℹ]  eksctl version 0.32.0
 [ℹ]  using region eu-west-3
 [ℹ]  1 existing iamserviceaccount(s) (kube-system/aws-node) will be excluded
@@ -119,14 +131,14 @@ $ eksctl create iamserviceaccount \
 Deploy the Cluster Autoscaler to your cluster with the following command.
 
 ```bash
-$ kubectl apply -f ./05_autoscalling_our_applications_and_clusters/cluster-autoscaler/autodiscover.yaml
+kubectl apply -f ./06-autoscalling-our-applications/02-cluster-auto-scaler/cluster-autoscaler/autodiscover.yaml
 
 ```
 
 To prevent CA from removing nodes where its own pod is running, we will add the `cluster-autoscaler.kubernetes.io/safe-to-evict` annotation to its deployment with the following command
 
 ```bash
-$ kubectl -n kube-system \
+kubectl -n kube-system \
     annotate deployment.apps/cluster-autoscaler \
     cluster-autoscaler.kubernetes.io/safe-to-evict="false"
 
@@ -136,10 +148,10 @@ Finally let's update the autoscaler image
 
 ```bash
 # we need to retrieve the latest docker image available for our EKS version
-$ export K8S_VERSION=$(kubectl version --short | grep 'Server Version:' | sed 's/[^0-9.]*\([0-9.]*\).*/\1/' | cut -d. -f1,2)
-$ export AUTOSCALER_VERSION=$(curl -s "https://api.github.com/repos/kubernetes/autoscaler/releases" | grep '"tag_name":' | sed -s 's/.*-\([0-9][0-9\.]*\).*/\1/' | grep -m1 ${K8S_VERSION})
+export K8S_VERSION=$(kubectl version --short | grep 'Server Version:' | sed 's/[^0-9.]*\([0-9.]*\).*/\1/' | cut -d. -f1,2)
+export AUTOSCALER_VERSION=$(curl -s "https://api.github.com/repos/kubernetes/autoscaler/releases" | grep '"tag_name":' | sed -s 's/.*-\([0-9][0-9\.]*\).*/\1/' | grep -m1 ${K8S_VERSION})
 
-$ kubectl -n kube-system \
+kubectl -n kube-system \
     set image deployment.apps/cluster-autoscaler \
     cluster-autoscaler=us.gcr.io/k8s-artifacts-prod/autoscaling/cluster-autoscaler:v${AUTOSCALER_VERSION}
 
@@ -148,7 +160,7 @@ $ kubectl -n kube-system \
 Watch the logs
 
 ```bash
-$ kubectl -n kube-system logs -f deployment/cluster-autoscaler
+kubectl -n kube-system logs -f deployment/cluster-autoscaler
 
 ```
 
diff --git a/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/01-scale-cluster-with-CA.md b/04-cloud/01-eks/06-autoscalling-our-applications/02-cluster-auto-scaler/01-scale-cluster-with-CA.md
@@ -38,8 +38,8 @@ spec:
 Execute
 
 ```bash
-$ kubectl apply -f  ./05_autoscalling_our_applications_and_clusters/sample-app/nginx.yaml
-$ kubectl get deployment/nginx-to-scaleout
+kubectl apply -f  ./06-autoscalling-our-applications/02-cluster-auto-scaler/sample-app/nginx.yaml
+kubectl get deployment/nginx-to-scaleout
 
 NAME                READY   UP-TO-DATE   AVAILABLE   AGE
 nginx-to-scaleout   1/1     1            1           45s
@@ -50,15 +50,14 @@ nginx-to-scaleout   1/1     1            1           45s
 Let's scale out the replpicaset to 10
 
 ```bash
-$ kubectl scale --replicas=10 deployment/nginx-to-scaleout
+kubectl scale --replicas=10 deployment/nginx-to-scaleout
 
 ```
 
 Some pods will be in the `Pending` state, which triggers the cluster-autoscaler to scale out the EC2 fleet.
 
 ```bash
-$ kubectl get pods -l app=nginx -o wide --watch
-
+kubectl get pods -l app=nginx -o wide --watch
 ```
 
 View the cluster-autoscaler logs
@@ -83,41 +82,41 @@ ip-192-168-72-123.eu-west-3.compute.internal   Ready    <none>   100s   v1.18.9-
 ## Cleanup Scaling
 
 ```bash
-$ kubectl delete -f ./05_autoscalling_our_applications_and_clusters/sample-app/nginx.yaml
+kubectl delete -f ./06-autoscalling-our-applications/02-cluster-auto-scaler/sample-app/nginx.yaml
 
-$ kubectl delete -f ./05_autoscalling_our_applications_and_clusters/cluster-autoscaler/autodiscover.yaml
+kubectl delete -f ./06-autoscalling-our-applications/02-cluster-auto-scaler/cluster-autoscaler/autodiscover.yaml
 
-$ eksctl delete iamserviceaccount \
+eksctl delete iamserviceaccount \
   --name cluster-autoscaler \
   --namespace kube-system \
   --cluster lc-cluster \
   --wait
 
-$ aws iam delete-policy \
+aws iam delete-policy \
   --policy-arn arn:aws:iam::${ACCOUNT_ID}:policy/k8s-asg-policy
 
-$ export ASG_NAME=$(aws autoscaling describe-auto-scaling-groups --query "AutoScalingGroups[? Tags[? (Key=='eks:cluster-name') && Value=='lc-cluster']].AutoScalingGroupName" --output text)
+export ASG_NAME=$(aws autoscaling describe-auto-scaling-groups --query "AutoScalingGroups[? Tags[? (Key=='eks:cluster-name') && Value=='lc-cluster']].AutoScalingGroupName" --output text)
 
-$ aws autoscaling \
+aws autoscaling \
   update-auto-scaling-group \
   --auto-scaling-group-name ${ASG_NAME} \
   --min-size 1 \
   --desired-capacity 3 \
   --max-size 4
 
-$ kubectl delete hpa,svc php-apache
+kubectl delete hpa,svc php-apache
 
-$ kubectl delete deployment php-apache
+kubectl delete deployment php-apache
 
-$ kubectl delete pod load-generator
+kubectl delete pod load-generator
 
-$ helm -n metrics uninstall metrics-server
+helm -n metrics uninstall metrics-server
 
-$ kubectl delete ns metrics
+kubectl delete ns metrics
 
-$ helm uninstall kube-ops-view
+helm uninstall kube-ops-view
 
-$ unset ASG_NAME
-$ unset AUTOSCALER_VERSION
-$ unset K8S_VERSION
+unset ASG_NAME
+unset AUTOSCALER_VERSION
+unset K8S_VERSION
 ```
diff --git a/04-cloud/01-eks/07-exposing-service/fruits.ingress.yml b/04-cloud/01-eks/07-exposing-service/fruits.ingress.yml
diff --git a/04-cloud/01-eks/07-exposing-service/readme.md b/04-cloud/01-eks/07-exposing-service/readme.md
