Add Kustomize exercise

exercises/16-kustomize-environments/instructions.md

@@ -0,0 +1,26 @@
+# Exercise 16
+
+<details>
+<summary><b>Quick Reference</b></summary>
+<p>
+
+* Namespace: `q71`<br>
+* Documentation: [Kustomize](https://kustomize.io/)
+
+</p>
+</details>
+
+In this exercise, you will practice the use of Kustomize to generate a Secret definition from a source file and then patch a Deployment definition to consume it as environment variables.
+
+> [!IMPORTANT]
+> You can decide to install Kustomize on your machine or simply go with the `kubectl kustomize` subcommand. The Kustomize documentation page provides detailed, OS-specific [installation instructions](https://kubectl.docs.kubernetes.io/installation/kustomize/).
+
+> [!NOTE]
+> If you do not already have a cluster, you can create one by using minikube.
+
+1. Inspect the files in the [`start`][./start] directory. You will find a [Deployment YAML manifest](`./start/deployment.yml`) and a [text file](./start/basic-auth.txt) containing username/password credentials.
+2. Create a `kustomization.yaml` file that allows for building the Deployment as a resource.
+3. Using Kustomize functionality, generate a Secret YAML manifest with the name `creds` in the namespace `q71`.
+4. Patch the Deployment definition so that its Pod template consumes the generated Secret values as environment variables.
+5. Produce the YAML output with the relevant Kustomize command from the CLI. Verify the correctness of the output.
+6. Add the generation of the `q71` namespace to the existing `kustomization.yaml` file. Run the command for generating the objects from the Kustomize setup.

exercises/16-kustomize-environments/solution/basic-auth.txt

@@ -0,0 +1,2 @@
+username=johndoe
+password=pwd987

exercises/16-kustomize-environments/solution/deployment.yaml

@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  namespace: q71
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.27.2
+        ports:
+        - name: http
+          containerPort: 80
+          protocol: TCP

exercises/16-kustomize-environments/solution/kustomization.yaml

@@ -0,0 +1,12 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+secretGenerator:
+- name: creds
+  namespace: q71
+  files:
+  - basic-auth.txt
+resources:
+- namespace.yaml
+- deployment.yaml
+patches:
+- path: secret-patch.yaml

exercises/16-kustomize-environments/solution/namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: q71

exercises/16-kustomize-environments/solution/secret-patch.yaml

@@ -0,0 +1,13 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  namespace: q71
+spec:
+  template:
+    spec:
+      containers:
+      - name: nginx
+        envFrom:
+        - secretRef:
+            name: creds

exercises/16-kustomize-environments/solution/solution.md

@@ -0,0 +1,124 @@
+# Solution
+
+Start by creating a new `kustomization.yaml` in the same directory as the existing files. The content of the file needs to point to the Deployment YAML manifest as resource.
+
+```yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+- deployment.yaml
+```
+
+Use the `secretGenerator` to declare that you want to generate a Secret definition. Ensure that you point to the existing text file as source for populating the Secret. Assign the proper name and namespace.
+
+```yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+secretGenerator:
+- name: creds
+  namespace: q71
+  files:
+  - basic-auth.txt
+resources:
+- deployment.yaml
+```
+
+Prepare the patch file. You can name the file anything you want. We are deciding for the name `secret-patch.yaml`. The content of the patch file needs to spell out the structure of the Deployment you are planning to patch. In this case, we want to add environment variables sourced from the generated Secret.
+
+```yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  namespace: q71
+spec:
+  template:
+    spec:
+      containers:
+      - name: nginx
+        envFrom:
+        - secretRef:
+            name: creds
+```
+
+Lastly, integrate the patch file into the `kustomization.yaml` file.
+
+```yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+secretGenerator:
+- name: creds
+  namespace: q71
+  files:
+  - basic-auth.txt
+resources:
+- deployment.yaml
+patches:
+- path: secret-patch.yaml
+```
+
+You can now generate the build the resources from the directory with `kustomize build .` (if you have the executable installed), or with `kubectl kustomize`.
+
+```
+$ kustomize build .
+apiVersion: v1
+data:
+  basic-auth.txt: dXNlcm5hbWU9am9obmRvZQpwYXNzd29yZD1wd2Q5ODcK
+kind: Secret
+metadata:
+  name: creds-6m8h564f92
+  namespace: q71
+type: Opaque
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  namespace: q71
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - envFrom:
+        - secretRef:
+            name: creds-6m8h564f92
+        image: nginx:1.27.2
+        name: nginx
+        ports:
+        - containerPort: 80
+          name: http
+          protocol: TCP
+```
+
+Create a new file named `namespace.yaml` for defining the `q71` namespace.
+
+```yaml
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: q71
+```
+
+Add the namespace file in the resources section of the `kustomization.yaml` file.
+
+```yaml
+resources:
+- namespace.yaml
+- deployment.yaml
+```
+
+Create the objects with the following command.
+
+```
+$ kubectl apply -k .
+namespace/q71 created
+secret/creds-6m8h564f92 created
+deployment.apps/nginx-deployment created
+```

exercises/16-kustomize-environments/start/basic-auth.txt

@@ -0,0 +1,2 @@
+username=johndoe
+password=pwd987

exercises/16-kustomize-environments/start/deployment.yaml

@@ -0,0 +1,22 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx-deployment
+  namespace: q71
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+  template:
+    metadata:
+      labels:
+        app: nginx
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:1.27.2
+        ports:
+        - name: http
+          containerPort: 80
+          protocol: TCP

exercises/16-api-deprecation/instructions.md → exercises/17-api-deprecation/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 16
+# Exercise 17
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/17-pod-probes/instructions.md → exercises/18-pod-probes/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 17
+# Exercise 18
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/18-pod-metrics/instructions.md → exercises/19-pod-metrics/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 18
+# Exercise 19
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/19-troubleshooting-pod/instructions.md → exercises/20-troubleshooting-pod/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 19
+# Exercise 20
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/20-crd/instructions.md → exercises/21-crd/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 20
+# Exercise 21
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/21-rbac-serviceaccount/instructions.md → exercises/22-rbac-serviceaccount/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 21
+# Exercise 22
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/22-resource-requests-limits/instructions.md → exercises/23-resource-requests-limits/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 22
+# Exercise 23
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/23-resourcequota/instructions.md → exercises/24-resourcequota/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 23
+# Exercise 24
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/24-limitrange/instructions.md → exercises/25-limitrange/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 24
+# Exercise 25
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/25-configmap/instructions.md → exercises/26-configmap/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 25
+# Exercise 26
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/26-secret/instructions.md → exercises/27-secret/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 26
+# Exercise 27
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/27-securitycontext/instructions.md → exercises/28-securitycontext/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 27
+# Exercise 28
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/28-service/instructions.md → exercises/29-service/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 28
+# Exercise 29
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/29-troubleshooting-service/instructions.md → exercises/30-troubleshooting-service/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 29
+# Exercise 30
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/30-ingress/instructions.md → exercises/31-ingress/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 30
+# Exercise 31
 
 <details>
 <summary><b>Quick Reference</b></summary>

exercises/31-networkpolicy/instructions.md → exercises/32-networkpolicy/instructions.md

@@ -1,4 +1,4 @@
-# Exercise 31
+# Exercise 32
 
 <details>
 <summary><b>Quick Reference</b></summary>