From these resources: You will create the following Manifests (resource defilitions) : The most common Kubernetes Resources: PersistentVolumes(and PVCs): ConfigMaps: StatefulSets: Secrets: Deployments: Services: Ingress(Exposing services):

You will need to disable the firewall by running this command sudo systemctl disable firewalld --now There are 3 types on K3S installations you can do A K3S Single Node (server) Installation A K3S Master and three Worker Nodes(servers) Installation A K3S HA (High Availability Cluster) three Master and three Worker Nodes(servers) installation The K3S Single Node (server) Installation This article gives you the instructions to do that The K3S Master and three Worker Nodes(servers) Installation This is a youTube video with unique way of doing this

These are some of JAMLs we need to provide to manage the deployment of Applications in Kubernetes (K3S) For the Deployment: deployment.yaml This is used to inform kubernetes how to deploy the application and what version of the app to deploy and how many instances(replicas) of the application to deploy. For the Applications Configuration: configmap.yaml This is used to keep your applications configuration. For the provisioning of Storage: persistentvolume.yaml When we need storage for the application we would use a persistentVolume and create this yaml file to tell Kubernetes how to provision the required storage facilities.

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using_firewalls https://www.thegeekdiary.com/5-useful-examples-of-firewall-cmd-command/ https://docs.ranchermanager.rancher.io/v2.5/getting-started/installation-and-upgrade/advanced-options/advanced-use-cases/open-ports-with-firewalld sudo firewall-cmd --state The command-line tool firewall-cmd is part of the firewalld application yum install -y firewalld dnf install -y firewalld systemctl enable firewalld systemctl restart firewalld firewall commands firewall-cmd --help firewall-cmd --list-all-zones firewall-cmd --list-services firewall-cmd --list-ports To Enable all the incoming ports for a service firewall-cmd --zone=public --add-service=http Allow traffic on an incoming port The command below will open the port 2222 effective immediately, but will not persist across reboots: firewall-cmd --add-port=[YOUR PORT]/tcp For example, to open TCP port 2222 : firewall-cmd --add-port=2222/tcp 2379 and 6443 firewall-cmd --add-port=2379/tcp firewall-cmd --add-port=6443/tcp firewall-cmd --list-ports For etcd nodes, run the following commands:

1. Install Helm Find the latest release of Helm https://github.com/helm/helm/releases This is currently the latest release: https://get.helm.sh/helm-v3.10.3-linux-amd64.tar.gz *Download this release: \ wget https://get.helm.sh/helm-v3.10.3-linux-amd64.tar.gz Extract the Helm archive: \ tar xvf helm-v3.10.3-linux-amd64.tar.gz Move the extracted file to /usr/local/bin/ \ sudo su - mv linux-amd64/helm /usr/local/bin 2. Finding a Helm Chart in the Repository You can search for Helm Charts here: https://artifacthub.io/packages/search Searching for zookeeper brings you here: https://artifacthub.io/packages/helm/bitnami/zookeeper This one uses the Bitnami Repo Maintained by (Novel) VMware

We are going to deploy the Nginx webserver in K3S Kubernetes Cluster Before we can deploy Nginx we need to create a Namespace A Namespace is a mechanism for isolating the deployment on one application in a Kubernetes Cluster from another application run this command kubectl create namespace nginx 1. Deploying a Service NGINX instances are being deployed to the cluster with the following manifest 1.1 Create Deployment YAML Create deployment yaml file

Helm is available in Github: https://github.com/helm/helm To find the letest Stable release of Helm: https://github.com/helm/helm/releases We need a later release than 3.5 https://get.helm.sh/helm-v3.11.1-linux-amd64.tar.gz 1. To install Helm on CentOS, you can use the following steps: 2.1 Download the Helm package using the following command: curl -L https://get.helm.sh/helm-v3.11.1-linux-amd64.tar.gz -o helm.tar.gz 2.2 Extract the package: tar -xvzf helm.tar.gz 2.3 Move the helm binary to the /usr/local/bin directory: sudo mv linux-amd64/helm /usr/local/bin/ 2.4 Verify the installation by checking the version of Helm: helm version 2.

Deploying Elasticsearch kubectl create deployment es-manual --image elasticsearch:7.8.0 kubectl get pods expect to get: NAME READY STATUS RESTARTS AGE es-manual-89d68bb75-5k5l5 0/1 ContainerCreating 0 # and again es-manual-89d68bb75-5k5l5 1/1 Running 1 (26s ago) 3m1s kubectl get pods kubectl describe deployment es-manual kubectl describe pod es-manual-89d68bb75-5k5l5 expect to see: Name: es-manual-89d68bb75-5k5l5 Namespace: default Priority: 0 Service Account: default Node: tiger.loseyourip.com/10.154.2.119 Start Time: Mon, 09 Jan 2023 11:28:55 +0000 Labels: app=es-manual pod-template-hash=89d68bb75 Annotations: <none> Status: Running IP: 10.

1. Add Elastic Helm repository: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml helm repo add elastic https://helm.elastic.co 2. Installing Elasticsearch using a Helm Chart 2.1 Evaluate installation export KUBECONFIG=/etc/rancher/k3s/k3s.yaml helm template elasticsearch-test elastic/elasticsearch 2.2 Install Elastic by using the command: export KUBECONFIG=/etc/rancher/k3s/k3s.yaml export ES_CLUSTER_NAME=my-elastic helm install ${ES_CLUSTER_NAME} elastic/elasticsearch Expect to see: NAME: my-elastic LAST DEPLOYED: Fri Jan 6 12:10:24 2023 NAMESPACE: default STATUS: deployed REVISION: 1 NOTES: 1. Watch all cluster members come up. $ kubectl get pods --namespace=default -l app=elasticsearch-master -w 2.

1. Deploy using Kubectl commands 1.1 Create the namespace kubectl create namespace artemis01 kubectl get namespaces kubectl describe namespace artemis01 1.2 create the deployment kubectl create deployment broker-nico --image=docker.io/r/vromero/activemq-artemis/tags:latest --namespace=artemis01 --replicas=1 kubectl get all -n artemis01 1.3 creating the service kubectl create service nodeport broker-nico --tcp=8161:8161 --node-port=30000 --namespace=artemis01 1.4 viewing the service kubectl get services -n artemis01 1.5 exposing this service using NodePort kubectl expose service broker-nico --type=NodePort --name=broker-nico-np --port=8161 --target-port=8161 --namespace=artemis01 kubectl get services -n artemis01 1.