Forem: collabnixcommunity

Golang for Beginners

Sangam Biradar — Tue, 22 Dec 2020 10:56:55 +0000

-- TABLE OF CONTENTS --
Lets Start With First Hello world Program
Numeral Systems - Decimal
Numeral systems - binary
Numeral systems - hexadecimal
Numeral Systems Loop
Numeral Systems - UTF-8
Short variable declarations
variable with zero value
deep drive on variables
deep drive on Constants
Loop - Init, Condition, Post
Loop - Nested Loops
Loop - For Statement
Loop - Break & Continue
Generate Random number with math/crypto/rand in Go
Loop - Printing ASCII
Conditional - If Statement
Conditional - If, Else if, Else
Loop, Conditional, Modulus
Conditional - Switch Statement
Conditional - Switch Statement Documentation
Conditional Logic Operators
String Type
Bool Type
Structs
struct literal
Struct fields can be accessed through a struct pointer.
Conversion, Not Casting
Creating Your Own Type
Defer
Stacking defers
Pointers
Prefix Suffix
Conversion between array and slice
Methods
variadic function
init Function
Command Line Arguments and File I/O
interface

Support this repo by gitstart

Nitty-Gritty of AWS IAM

Sangam Biradar — Tue, 22 Dec 2020 10:48:41 +0000

Identity and Access Management (IAM)

● The key features of IAM:

Shared Access to your Account
Granular Permissions
Secure Access to AWS Resources
Identity Federation
Identity Information for Assurance
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance
Password Policy
Multi Factor Authentication (MFA)

● Shared access to your AWS account

Grant permission to users to access and use resources in your AWS account without sharing your password.

● Granular Permissions

Granular permissions allow different permissions to various users to manage their access to AWS, such as:

• User access to specific services

• Specific permissions for actions

• Specific access to resources

Secure Access

Securely allocate credentials that applications on EC2 instances require to access other AWS resources.

Identity Federation

● Allows users with external accounts to get temporary access to AWS resources

Identity Information

● Log, monitor, and track what users are doing with your AWS resources.

PCI DSS Compliance

● Payment Card Industry (PCI) and Data Security Standard (DSS) compliant

Multi-Factor Authentication

● Two-Factor Authorization for users and resources to ensure absolute security using MFA devices

Password Policy

● IAM allows you to define password strength and rotation policies.

IAM Policies

● A document that defines one or more permissions

● Attached to users, groups, and roles

● Written in JavaScript Object Notation (JSON)

● Selected from a pre-defined AWS list of policies, or you can create your own policy

## AWS Policies
● AWS has many predefined policies which allow you to define granular access to AWS resources.

● There are around 200 predefined policies available for you to choose from.

AdministratorAccess Policy

● AdministratorAccess policy provides full access to AWS services and resources.

AmazonEC2FullAccess Policy

● AmazonEC2FullAccess policy provides AWS Directory Service user or groups full access to the Amazon EC2 services and resources

AmazonS3ReadOnlyAccess Policy

● AmazonS3ReadOnlyAccess policy provides read-only access to all buckets using the AWS Management Console

JSON

● AWS policies are written using JavaScript Object Notation (JSON).

{
  "Version": "2012-10-17",
  "Statement": {
    "Effect": "Allow",
    "Action": "s3:listbucket",
    "Resource": "arn:aws:s3:::example_s3_bucket"
  }
}

Policy-wide information:

Version–Date this policy was created

One or more individual statements:

Effect–Allow permission

Action– 3 list bucket

Resource–Name of the S3 bucket

## IAM Users
Users are defined as the people or systems that use your AWS resources.

## Security Credentials
AWS provides numerous ways to provide secure user access to your AWS resources:

Key pairs:

• They consist of a public and private key

• A private key is used to create a digital signature

• AWS uses the corresponding public key to validate the signature

Email address and password

• They are created when you sign up to use AWS

• They are used to sign in to AWS web pages

IAM user name and password

• They allow multiple individuals or applications access to your AWS account

• Individuals use their user names and passwords to sign in

Multi-Factor Authentication (MFA)

• With AWS MFA enabled, users are prompted for a user name and password and for an authentication code from an MFA device

Access keys

• They consist of an access key and a secret access key

• They use access keys to sign programmatic requests

## IAM Groups
● AWS defines a group as a collection of users that inherit the same set of permissions.

## IAM Roles

IAM Roles are:

• Very similar to users

• Not password protected and do not require access keys

• AWS identities with permission policies that determine the access available to the identities

• Assumed by anyone who requires them

Create Individual IAM Users

• The benefits of creating individual IAM users:

• Control permissions at an individual level

• No shared accounts

• Unique credentials for everyone

• Easier to rotate credentials

• Easier to identify security breaches

Grant Least Privilege

When creating IAM policies, granting ”least privilege,” means that:

• You only grant required permissions

• It's more secure to start with minimum permissions

• It’s easier to grant permissions than revoke them

• You protect your assets

## Manage Permissions with Groups
Use permissions with groups to minimize the workload

Easy to assign new permissions

• It is easier to assign a new permission to a group than to assign it to many individual users.

Simple to reassign permissions

• It is simpler to reassign permissions if a user has a change in responsibilities.

Restrict Access with Further Conditions

• Use additional conditions such as MFA and Security Groups to ensure only the intended users get access.

## Monitor Activity in your AWS Account
AWS has several features to log user actions.

• Logs

• AWS Cloudtrail

Create a Strong Password Policy

• Ensure that all your users have strong passwords and they rotate their passwords regularly.

Use Roles for Applications that run on EC2

• IAM Roles remove the need for your developers to store or pass credentials to AWS EC2.

## Reduce or Remove Unnecessary Credentials
• To reduce the potential for misuse, run a credential report to identify users that are no longer in use and can be removed.

AWS Security Token Service (STS)

• It is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management users that you authenticate.

STS: Things To Remember

• Develop an Identity Broker to communicate with LDAP and AWS STS

• Identity Broker always authenticates with LDAP first and then AWS STS

• Application gets temporary access to AWS resources

Installing Kubernetes with on Container Linux using Kubeadm

collabnix — Tue, 22 Dec 2020 10:38:27 +0000

Installing kubeadm kubectl kubelet

Prerequisite:

Install CNI plugins (required for most pod network):

CNI_VERSION="v0.8.2"
mkdir -p /opt/cni/bin
curl -L "https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-amd64-${CNI_VERSION}.tgz" | tar -C /opt/cni/bin -xz

Install crictl (required for kubeadm / Kubelet Container Runtime Interface (CRI))

CRICTL_VERSION="v1.17.0"
mkdir -p /opt/bin
curl -L "https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-amd64.tar.gz" | tar -C /opt/bin -xz

Copy paste the below snippet one by one in your CLI terminal - This is for both Master and Worker Nodes

RELEASE="$(curl -sSL https://dl.k8s.io/release/stable.txt)"

mkdir -p /opt/bin
cd /opt/bin
curl -L --remote-name-all https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/amd64/{kubeadm,kubelet,kubectl}
chmod +x {kubeadm,kubelet,kubectl}

RELEASE_VERSION="v0.2.7"
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service" | sed "s:/usr/bin:/opt/bin:g" > /etc/systemd/system/kubelet.service
mkdir -p /etc/systemd/system/kubelet.service.d
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf" | sed "s:/usr/bin:/opt/bin:g" > /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

systemctl enable --now kubelet

Initializing kubeadm - This is only for Master

kubeadm init

Setting up kubeconfig - This is only for Master Node

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Copying token from kubeadmn init snippet - This you should copy from Master. This you will get from Master node only

kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>

Installing Network Plugin - This is only for Master Node

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Joining Worker Nodes - This is only for Worker Nodes

kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>

Note:

Please do not run Master node snippet commands on Worker Nodes.

References

Installing Kubernetes on Ubuntu 16.04+, Debian 9+ and HypriotOS v1.0.1 using Kubeadm

collabnix — Tue, 22 Dec 2020 10:34:19 +0000

Pre-requisite

Install Docker using curl -sSL https://get.docker.com/ | sh

Installing kubeadm kubectl kubelet

Copy paste the below snippet one by one in your CLI terminal - This is for both Master and Worker Nodes

sudo apt-get update && sudo apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

Initialize kubeadm - This is only for Master

kubeadm init

Setting up kubeconfig - This is only for Master Node

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Copying token from kubeadmn init snippet - This you should copy from Master. This you will get from Master node only

kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>

Installing Network Plugin - This is only for Master Node

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Joining Worker Nodes - This is only for Worker Nodes

kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>

Note:

Please do not run Master node snippet commands on Worker Nodes.

References

Installing Kubernetes on CentOS 7, RHEL 7 and Fedora 25+ using Kubeadm

collabnix — Tue, 22 Dec 2020 10:16:56 +0000

Installing Kubernetes with Kubeadm on CentOS 7/RHEL 7/Fedora 25+

Installing kubeadm, kubectl & kubelet

Copy paste the below snippet one by one in your CLI terminal - This is for both Master and Worker Nodes

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

Setting up SELinux in permissive mode (effectively disabling it)

setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet

Initialize kubeadm - This is only for Master

kubeadm init

Setting up kubeconfig - This is only for Master Node

  mkdir -p $HOME/.kube
  cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  chown $(id -u):$(id -g) $HOME/.kube/config

Copy token from kubeadmn init snippet - This you should copy from Master. This you will get from Master node only

kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>

Installing Network Plugin - This is only for Master Node

kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Join Worker Nodes - This is only for Worker Nodes

kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>

Note:

Please do not run Master node snippet commands on Worker Nodes.

References

Deploy your AWS EKS cluster with Terraform

collabnix — Tue, 22 Dec 2020 08:06:08 +0000

Amazon Elastic Kubernetes Service (Amazon EKS) is a fully managed Kubernetes service by AWS. The purpose of this tutorial is to create an EKS cluster with Terraform.

Pre-requisite:

MacOS
Get an AWS free trial account
Install Terraform v0.12.26

brew install terraform

If you’re running Terraform 0.11, I would suggest to upgrade it to 0.12 ASAP.

Install AWSCLI 2.0.17

brew install awscli

Install AWS IAM Authenticator

brew install aws-iam-authenticator

Install WGET

brew install wget

Install Kubectl

brew install kubernetes-cli

Setting up AWS IAM users for Terraform

The first thing to set up is your Terraform. We will create an AWS IAM users for Terraform.

In your AWS console, go to the IAM section and create a user named “SudoAccess”. Then add your user to a group named “SudoAccessGroup”. Attaches to this group the following rights:

AdministratorAccess
AmazonEKSClusterPolicy

After these steps, AWS will provide you a Secret Access Key and Access Key ID. Save them preciously because this will be the only time AWS gives it to you.

In your own console, create a ~/.aws/credentials file and put your credentials in it:

[default]
aws_access_key_id=***********
aws_secret_access_key=****************************

Creating Config file

cat config
[default]
region=us-east-2

Cloning the Repository

git clone https://github.com/hashicorp/learn-terraform-provision-eks-cluster

You can explore this repository by changing directories or navigating in your UI.

$ cd learn-terraform-provision-eks-cluster

In here, you will find six files used to provision a VPC, security groups and an EKS cluster. The final product should be similar to this:

vpc.tf provisions a VPC, subnets and availability zones using the AWS VPC Module. A new VPC is created for this guide so it doesn’t impact your existing cloud environment and resources.
security-groups.tf provisions the security groups used by the EKS cluster.
eks-cluster.tf provisions all the resources (AutoScaling Groups, etc…) required to set up an EKS cluster in the private subnets and bastion servers to access the cluster using the AWS EKS Module.
On line 14, the AutoScaling group configuration contains three nodes.
outputs.tf defines the output configuration.
versions.tf sets the Terraform version to at least 0.12. It also sets versions for the providers used in this sample.

Initialize Terraform workspace

[Captains-Bay]? >  terraform init
Initializing modules...
Downloading terraform-aws-modules/eks/aws 12.0.0 for eks...
- eks in .terraform/modules/eks/terraform-aws-eks-12.0.0
- eks.node_groups in .terraform/modules/eks/terraform-aws-eks-12.0.0/modules/node_groups
Downloading terraform-aws-modules/vpc/aws 2.6.0 for vpc...
- vpc in .terraform/modules/vpc/terraform-aws-vpc-2.6.0

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "random" (hashicorp/random) 2.2.1...
- Downloading plugin for provider "local" (hashicorp/local) 1.4.0...
- Downloading plugin for provider "null" (hashicorp/null) 2.1.2...
- Downloading plugin for provider "kubernetes" (hashicorp/kubernetes) 1.11.3...
- Downloading plugin for provider "template" (hashicorp/template) 2.1.2...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.64.0...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
[Captains-Bay]? >
Apply complete! Resources: 51 added, 0 changed, 0 destroyed.

Outputs:

cluster_endpoint = https://83AEAE7D9A99A68DFA4162E18F4AD470.gr7.us-east-2.eks.amazonaws.com
cluster_name = training-eks-9Vir2IUu
cluster_security_group_id = sg-000e8af737c088047
kubectl_config = apiVersion: v1
preferences: {}
kind: Config

clusters:
- cluster:
    server: https://83AEAE7D9A99A68DFA4162E18F4AD470.gr7.us-east-2.eks.amazonaws.com
    certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01EVXpNVEpNWkFneVVBS1hma1pQV2d4OXBWdWFOMHkzeE02ZTdTaUtYNFpTNmhFQzcyK1hrK29Na2tsSlFlQ0J3TT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
  name: eks_training-eks-9Vir2IUu

contexts:
- context:
    cluster: eks_training-eks-9Vir2IUu
    user: eks_training-eks-9Vir2IUu
  name: eks_training-eks-9Vir2IUu

current-context: eks_training-eks-9Vir2IUu

users:
- name: eks_training-eks-9Vir2IUu
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1alpha1
      command: aws-iam-authenticator
      args:
        - "token"
        - "-i"
        - "training-eks-9Vir2IUu"
region = us-east-2

Configure kubectl

Now that you’ve provisioned your EKS cluster, you need to configure kubectl. Customize the following command with your cluster name and region, the values from Terraform’s output. It will get the access credentials for your cluster and automatically configure kubectl.

aws eks --region us-east-2 update-kubeconfig --name training-eks-9Vir2IUu
Added new context arn:aws:eks:us-east-2:125346028423:cluster/training-eks-9Vir2IUu to /Users/ajeetraina/.kube/

Troubleshooting:

If you are facing the below error message while running terraform init:

[Captains-Bay]? >  terraform validate

Error: Error parsing /Users/ajeetraina/.aws/learn-terraform-provision-eks-cluster/eks-cluster.tf: At 3:18: Unknown token: 3:18 IDENT local.cluster_name

Then to fix it , you need to update your Terraform version by running

brew upgrade terraform

MULTIPASS + MICROK8 + Grafana On MACOSX

Sangam Biradar — Tue, 19 Feb 2019 00:00:00 +0000

MULTIPASS + MICROK8 + Grafana On MACOSX

Multipass is a system that orchestrates the creation, management and maintenance of Virtual Machines and associated Ubuntu images to simplify development. MicroK8s is a local deployment of Kubernetes. Let’s skip all the technical details and just accept that Kubernetes does not run natively on MacOS or Windows. You may be thinking “I have seen Kubernetes running on a MacOS laptop, what kind of sorcery was that?” It’s simple, Kubernetes is running inside a VM. You might not see the VM or it might not even be a full blown virtual system but some level of virtualisation is there. This is exactly what we will show here.

Under this tutorial, we will setup a VM using Multipass and will showcase how to install MicroK8s. After the installation we will discuss how to build appalication stack using K8s. Let’s get started:

Download Multipass VM https://github.com/CanonicalLtd/multipass/releases

A multipass VM on MacOS

Biradars-MacBook-Air:~ sangam$ multipass launch --name microk8s-vm --mem 4G --disk 40G
Launched: microk8s-vm                                                           
Biradars-MacBook-Air:~ sangam$ multipass exec microk8s-vm -- sudo snap install microk8s --classic
multipass exec microk8s-vm -- sudo iptables -P FORWARD ACCEPT
2019-02-19T18:13:52+05:30 INFO Waiting for restart...
microk8s v1.13.2 from Canonical✓ installed

Make sure you reserve enough resources to host your deployments; above, we got 4GB of RAM and 40GB of hard disk. We also make sure packets to/from the pod network interface can be forwarded to/from the default interface.

Our VM has an IP that you can check with:

Biradars-MacBook-Air:~ sangam$ multipass list
Name State IPv4 Release
microk8s-vm RUNNING 192.168.64.3 Ubuntu 18.04 LTS

Take a note of this IP since our services will become available there. Other multipass commands you may find handy:

Get a shell inside the VM:

Biradars-MacBook-Air:~ sangam$ multipass shell microk8s-vm
Welcome to Ubuntu 18.04.2 LTS (GNU/Linux 4.15.0-45-generic x86_64)

 * Documentation: https://help.ubuntu.com
 * Management: https://landscape.canonical.com
 * Support: https://ubuntu.com/advantage

 System information disabled due to load higher than 1.0

  Get cloud support with Ubuntu Advantage Cloud Guest:
    http://www.ubuntu.com/business/services/cloud

7 packages can be updated.
7 updates are security updates.

Last login: Tue Feb 19 18:11:11 2019 from 192.168.64.1

install kubect

sudo snap install kubectl --classic

multipass@microk8s-vm:~$ kubectl version
Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:08:12Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.2", GitCommit:"cff46ab41ff0bb44d8584413b598ad8360ec1def", GitTreeState:"clean", BuildDate:"2019-01-10T23:28:14Z", GoVersion:"go1.11.4", Compiler:"gc", Platform:"linux/amd64"}

check k8 microk8

multipass@microk8s-vm:~$ microk8s.kubectl get nodes
NAME STATUS ROLES AGE VERSION
microk8s-vm Ready <none> 13m v1.13.2

check cluster

multipass@microk8s-vm:~$ microk8s.kubectl get services
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 15m

Enable microk8 dashboard

multipass@microk8s-vm:~$ microk8s.enable dns dashboard
Enabling DNS
Applying manifest
service/kube-dns created
serviceaccount/kube-dns created
configmap/kube-dns created
deployment.extensions/kube-dns created
Restarting kubelet
DNS is enabled
Enabling dashboard
secret/kubernetes-dashboard-certs created
serviceaccount/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/kubernetes-dashboard created
service/monitoring-grafana created
service/monitoring-influxdb created
service/heapster created
deployment.extensions/monitoring-influxdb-grafana-v4 created
serviceaccount/heapster created
configmap/heapster-config created
configmap/eventer-config created
deployment.extensions/heapster-v1.5.2 created
dashboard enabled
multipass@microk8s-vm:~$

Deployment

Deploying a nginx service is what you would expect, with the addition of the Microk8s prefix

multipass@microk8s-vm:~$ microk8s.kubectl run nginx --image nginx --replicas 3
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead.
deployment.apps/nginx created
 --selector=run=nginx --name nginxkubectl expose deployment nginx --port 80 --target-port 80 --type ClusterIP\ 
The Service "nginx" is invalid: spec.type: Unsupported value: "ClusterIP --selector=run=nginx": supported values: "ClusterIP", "ExternalName", "LoadBalancer", "NodePort"
multipass@microk8s-vm:~$

get all pod and services details

multipass@microk8s-vm:~$ microk8s.kubectl get all
NAME READY STATUS RESTARTS AGE
pod/nginx-7cdbd8cdc9-cgksg 1/1 Running 0 2m41s
pod/nginx-7cdbd8cdc9-msq5w 1/1 Running 0 2m41s
pod/nginx-7cdbd8cdc9-sbqll 1/1 Running 0 2m41s

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 22m

NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/nginx 3/3 3 3 2m41s

NAME DESIRED CURRENT READY AGE
replicaset.apps/nginx-7cdbd8cdc9 3 3 3 2m41s
multipass@microk8s-vm:~$

multipass@microk8s-vm:~$ kubectl --kubeconfig=kubeconfig get all --all-namespaces
NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 11m

You can verify that all services are up and running with the following command:

multipass@microk8s-vm:~$ microk8s.kubectl get all --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
default pod/nginx-7cdbd8cdc9-cgksg 1/1 Running 0 7m19s
default pod/nginx-7cdbd8cdc9-msq5w 1/1 Running 0 7m19s
default pod/nginx-7cdbd8cdc9-sbqll 1/1 Running 0 7m19s
kube-system pod/heapster-v1.5.2-64874f6bc6-tgx96 4/4 Running 0 7m32s
kube-system pod/kube-dns-6ccd496668-n64pw 3/3 Running 0 10m
kube-system pod/kubernetes-dashboard-654cfb4879-98h29 1/1 Running 0 10m
kube-system pod/monitoring-influxdb-grafana-v4-6679c46745-tbrbg 2/2 Running 0 10m

NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 27m
kube-system service/heapster ClusterIP 10.152.183.77 <none> 80/TCP 10m
kube-system service/kube-dns ClusterIP 10.152.183.10 <none> 53/UDP,53/TCP 10m
kube-system service/kubernetes-dashboard ClusterIP 10.152.183.171 <none> 443/TCP 10m
kube-system service/monitoring-grafana ClusterIP 10.152.183.127 <none> 80/TCP 10m
kube-system service/monitoring-influxdb ClusterIP 10.152.183.216 <none> 8083/TCP,8086/TCP 10m

NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
default deployment.apps/nginx 3/3 3 3 7m19s
kube-system deployment.apps/heapster-v1.5.2 1/1 1 1 10m
kube-system deployment.apps/kube-dns 1/1 1 1 10m
kube-system deployment.apps/kubernetes-dashboard 1/1 1 1 10m
kube-system deployment.apps/monitoring-influxdb-grafana-v4 1/1 1 1 10m

NAMESPACE NAME DESIRED CURRENT READY AGE
default replicaset.apps/nginx-7cdbd8cdc9 3 3 3 7m19s
kube-system replicaset.apps/heapster-v1.5.2-56c546dbb8 0 0 0 7m47s
kube-system replicaset.apps/heapster-v1.5.2-64874f6bc6 1 1 1 7m32s
kube-system replicaset.apps/heapster-v1.5.2-6bc7c4965d 0 0 0 10m
kube-system replicaset.apps/kube-dns-6ccd496668 1 1 1 10m
kube-system replicaset.apps/kubernetes-dashboard-654cfb4879 1 1 1 10m
kube-system replicaset.apps/monitoring-influxdb-grafana-v4-6679c46745 1 1 1 10m

get cluster info

multipass@microk8s-vm:~$ microk8s.kubectl cluster-info
Kubernetes master is running at http://127.0.0.1:8080
Heapster is running at http://127.0.0.1:8080/api/v1/namespaces/kube-system/services/heapster/proxy
KubeDNS is running at http://127.0.0.1:8080/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Grafana is running at http://127.0.0.1:8080/api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
InfluxDB is running at http://127.0.0.1:8080/api/v1/namespaces/kube-system/services/monitoring-influxdb:http/proxy

# find ip of your vm and replace with your monitoring servives
Kubernetes master is running at http://192.168.64.3:8080
Heapster is running at http://192.168.64.3:8080/api/v1/namespaces/kube-system/services/heapster/proxy
KubeDNS is running at http://192.168.64.3:8080/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Grafana is running at http://192.168.64.3:8080/api/v1/namespaces/kube-system/services/monitoring-grafana/proxy
InfluxDB is running at http://192.168.64.3:8080/api/v1/namespaces/kube-system/services/monitoring-influxdb:http/proxy