Hello, Programmers!

sudo apt update
sudo apt install -y software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt update

sudo apt install -y php8.3 php8.3-cli php8.3-fpm php8.3-mysql php8.3-xml php8.3-curl php8.3-mbstring php8.3-zip php8.3-bcmath php8.3-gd

sudo apt install -y php8.2 php8.2-cli php8.2-fpm php8.2-mysql php8.2-xml php8.2-curl php8.2-mbstring php8.2-zip php8.2-bcmath php8.2-gd

sudo update-alternatives --list php
sudo update-alternatives --config php
sudo update-alternatives --set php /usr/bin/php8.3
php -v

sudo a2dismod php8.2
sudo a2enmod php8.3
sudo systemctl restart apache2

sudo apt install php8.3-mysql php8.3-xml php8.3-curl php8.3-mbstring
sudo apt install php8.3-zip php8.3-bcmath php8.3-gd php8.3-intl
php -m

sudo a2enmod rewrite
sudo systemctl restart apache2

# /etc/apache2/sites-available/000-default.conf
# 
#   Options Indexes FollowSymLinks
#   AllowOverride All
#   Require all granted
# 

# location ~ \.php$ {
#   fastcgi_pass unix:/run/php/php8.3-fpm.sock;
#   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#   include fastcgi_params;
# }
sudo systemctl restart php8.3-fpm nginx

curl -sS https://getcomposer.org/installer | php
sudo mv composer.phar /usr/local/bin/composer
composer -V

composer global require laravel/installer
export PATH="$HOME/.config/composer/vendor/bin:$PATH"

composer create-project laravel/laravel crudapp
cd crudapp
composer require laravel/breeze --dev
php artisan breeze:install blade
npm install && npm run build
php artisan migrate

php artisan serve
php artisan serve --host 0.0.0.0 --port 8080

php artisan make:migration create_contacts_table --create=contacts
php artisan make:model Contact
php artisan make:controller ContactController --resource --model=Contact
php artisan make:request StoreContactRequest

protected $fillable = ['name','email'];
// Route: Route::resource('contacts', ContactController::class);

Contact::create($request->validated());
$contact->update($request->validated());
$contact->delete();
Contact::latest()->paginate(10);

php artisan migrate
php artisan migrate:rollback --step=1
php artisan migrate:refresh
$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
// hasMany / belongsTo

composer install
composer dump-autoload
php artisan optimize:clear
php artisan config:clear
php artisan cache:clear

mkdir dirname
mkdir -p path/to/dir
rmdir dirname
rm -rf dirname
touch file.txt
rm file.txt

cat file
less file
head -n 20 file
tail -f file
nano file
vim file

nano ~/.bashrc
source ~/.bashrc
alias ll='ls -la'
export PATH=$PATH:/new/path

sudo systemctl start apache2
sudo systemctl restart apache2
sudo systemctl status apache2
sudo systemctl enable apache2

ln -s /path/source /path/link
sudo nano /etc/hosts
# 127.0.0.1 yourdomain.com

curl -I https://example.com
wget https://example.com/file
ping host
ss -tlnp
netstat -tlnp

chmod 755 script.sh
chmod +x script.sh
chown user:group file
sudo chown -R $USER:$USER .

git init
git config --global user.name "Name"
git config --global user.email "email@example.com"
git config --list

git clone https://github.com/user/repo.git
git clone -b branch https://github.com/user/repo.git
git clone --depth 1 https://github.com/user/repo.git

git add .
git add file.txt
git status
git commit -m "message"
git commit -am "message"
git log --oneline

git branch
git checkout -b newbranch
git switch -c newbranch
git checkout main
git merge feature
git branch -d oldbranch

git remote -v
git push origin main
git pull origin main
git fetch origin
git push -u origin main

git restore file.txt
git restore --staged file.txt
git reset --soft HEAD~1
git reset --hard HEAD~1
git stash
git stash pop

sudo apt update
sudo apt install -y ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt update
sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin

sudo usermod -aG docker $USER
newgrp docker
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl status docker
docker run hello-world

docker build -t myapp:latest .
docker build -t myapp:v1.0 -f Dockerfile.prod .
docker build --no-cache -t myapp:latest .
docker tag myapp:latest myregistry.com/myapp:1.0

docker images
docker image ls
docker image inspect myapp:latest
docker history myapp:latest

docker pull nginx:alpine
docker pull myregistry.com/myapp:1.0
docker rmi myapp:latest
docker image prune -a

docker run -d --name web -p 8080:80 nginx:alpine
docker run --rm -it -p 8080:80 -e NODE_ENV=prod myapp:latest
docker run -d --restart unless-stopped -v /data:/app/data myapp

docker ps
docker ps -a
docker logs web
docker logs -f --tail 100 web

docker exec -it web sh
docker exec -it web bash
docker exec web php artisan migrate
docker compose run --rm php artisan migrate:fresh

docker stop web
docker rm web
docker stop $(docker ps -q)
docker rm $(docker ps -a -q)

docker compose up -d
docker compose up -d --build
docker compose up --no-build
docker compose down
docker compose down -v

docker compose build
docker compose build php
docker compose build --no-cache php

docker compose ps
docker compose logs -f
docker compose exec php bash
docker compose config

docker network ls
docker network create mynet
docker network inspect mynet
docker run --network mynet -d nginx
docker network connect mynet container_name
docker network disconnect mynet container_name
docker network rm mynet

docker volume ls
docker volume create mydata
docker volume inspect mydata
docker run -v mydata:/app/data myapp
docker run -v /host/path:/container/path myapp
docker volume rm mydata
docker volume prune

docker login
docker tag myapp:latest username/myapp:1.0
docker push username/myapp:1.0
docker pull username/myapp:1.0

docker tag myapp:latest registry.example.com/myapp:1.0
docker push registry.example.com/myapp:1.0
docker login registry.example.com

# Use specific version tags, not :latest
# Run as non-root user
# Use multi-stage builds
# Set HEALTHCHECK
# Use .dockerignore
# Limit resources: --memory 512m --cpus 0.5
# Use secrets for env vars in prod

docker run -d \
  --name app \
  --restart unless-stopped \
  -p 80:8080 \
  -e NODE_ENV=production \
  --memory 512m \
  --cpus 0.5 \
  myapp:1.0

docker system prune -f
docker system prune -a
docker system prune -a --volumes
docker builder prune -a
docker container prune
docker image prune -a
docker volume prune
docker network prune

# Multi-stage production build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci --only=production
COPY . .
RUN npm run build

FROM nginx:alpine
COPY --from=builder /app/dist /usr/share/nginx/html
EXPOSE 80
HEALTHCHECK CMD wget -q -O- http://localhost/ || exit 1
CMD ["nginx", "-g", "daemon off;"]

services:
  app:
    build: .
    image: myapp:1.0
    ports:
      - "8080:80"
    environment:
      - NODE_ENV=production
    volumes:
      - appdata:/app/data
    networks:
      - backend
    restart: unless-stopped
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost/"]
      interval: 30s
      timeout: 10s
      retries: 3

volumes:
  appdata:

networks:
  backend:
    driver: bridge

.git
.gitignore
node_modules
.env
.env.*
*.md
Dockerfile
docker-compose*.yml
.dockerignore
.vscode
.idea
*.log
coverage
dist
tmp

$conn = new mysqli("localhost","user","pass","db");
if ($conn->connect_error) die("Connection failed");
$conn->close();

try {
  $conn = new PDO("mysql:host=localhost;dbname=myDB","user","pass");
  $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch(PDOException $e) { echo $e->getMessage(); }
$conn = null;

$sql = "INSERT INTO MyGuests (firstname,lastname,email) VALUES ('John','Doe','j@ex.com')";
if ($conn->query($sql) === TRUE) echo "Created";

$sql = "INSERT INTO MyGuests (firstname,lastname,email) VALUES (?,?,?)";
$stmt = $conn->prepare($sql);
$stmt->execute(['John','Doe','j@ex.com']);

$result = $conn->query("SELECT id,firstname FROM MyGuests");
while($row = $result->fetch_assoc()) echo $row["firstname"];

$stmt = $conn->query("SELECT * FROM MyGuests");
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) print_r($row);

$sql = "UPDATE MyGuests SET lastname='Doe' WHERE id=2";
$conn->query($sql);  // MySQLi
$conn->exec($sql);   // PDO

$sql = "DELETE FROM MyGuests WHERE id=3";
$conn->query($sql);  // MySQLi
$conn->exec($sql);   // PDO

if(isset($_POST['submit'])) {
  $f = $_POST['fname']; $l = $_POST['lname']; $e = $_POST['email'];
  $sql = "INSERT INTO sign_up (fname,lname,email) VALUES ('$f','$l','$e')";
  $conn->query($sql);
}
// Use prepared statements in production!

CREATE TABLE MyGuests (
  id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
firstname VARCHAR(30) NOT NULL,
lastname VARCHAR(30) NOT NULL,
email VARCHAR(50),
  reg_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);

INSERT INTO MyGuests (firstname,lastname,email) VALUES ('John','Doe','j@ex.com');

SELECT * FROM MyGuests;
SELECT id, firstname FROM MyGuests WHERE id=1;

UPDATE MyGuests SET lastname='Doe' WHERE id=1;

DELETE FROM MyGuests WHERE id=3;

SELECT * FROM t1 INNER JOIN t2 ON t1.id = t2.t1_id;
SELECT * FROM t1 LEFT JOIN t2 ON t1.id = t2.t1_id;
SELECT * FROM t1 RIGHT JOIN t2 ON t1.id = t2.t1_id;

WHERE col1 = 'x' AND col2 > 5
WHERE col1 = 'x' OR col2 < 10
WHERE col LIKE '%pattern%'
ORDER BY col DESC
ORDER BY col ASC
LIMIT 10 OFFSET 20

mysqldump -u user -p dbname > backup.sql
DROP DATABASE dbname;
DROP TABLE tablename;
ALTER TABLE t ADD COLUMN c VARCHAR(50);

pip install django
django-admin startproject crudproject
cd crudproject
python manage.py startapp items
# settings.py: INSTALLED_APPS += ['items']
python manage.py makemigrations
python manage.py migrate
python manage.py runserver

# models.py
class Item(models.Model):
    name = models.CharField(max_length=200)
    description = models.TextField(blank=True)
    def __str__(self): return self.name

# forms.py
class ItemForm(forms.ModelForm):
    class Meta:
        model = Item
        fields = ['name','description']

# views: item_list, item_create, item_update, item_delete
# get_object_or_404(Item, pk=pk)
# form.save() / item.delete()
# urls.py: path('', views.item_list), path('create/', views.item_create)
# path('/edit/', views.item_update), path('/delete/', views.item_delete)

# item_list.html: {% for item in items %} {{ item.name }} {% endfor %}
# item_form.html: 
{% csrf_token %}{{ form.as_p }}Save
# item_confirm_delete.html: 
{% csrf_token %}Delete

# Java 17+ (required for Spring Boot 3)
sudo apt install openjdk-17-jdk   # Ubuntu
winget install Microsoft.OpenJDK.17  # Windows

# Maven
sudo apt install maven
mvn -v

# Gradle (optional): sudo apt install gradle

# Via start.spring.io: Web, JPA, H2 (or MySQL), Lombok
# Or CLI:
spring init --dependencies=web,data-jpa,h2,lombok myapp
cd myapp

# Run
./mvnw spring-boot:run
# Gradle: ./gradlew bootRun

// entity/Item.java
package com.example.myapp.entity;
import jakarta.persistence.*;
import lombok.*;

@Entity
@Table(name = "items")
@Getter @Setter @NoArgsConstructor @AllArgsConstructor
public class Item {
    @Id @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    @Column(nullable = false) private String name;
    private String description;
}

// repository/ItemRepository.java
package com.example.myapp.repository;
import com.example.myapp.entity.Item;
import org.springframework.data.jpa.repository.JpaRepository;

public interface ItemRepository extends JpaRepository {}

// ItemController.java
import java.util.List;
import org.springframework.web.bind.annotation.*;
@RestController
@RequestMapping("/api/items")
@RequiredArgsConstructor
public class ItemController {
    private final ItemRepository repo;

    @GetMapping
    public List list() { return repo.findAll(); }

    @GetMapping("/{id}")
    public Item get(@PathVariable Long id) {
        return repo.findById(id).orElseThrow();
    }

    @PostMapping
    public Item create(@RequestBody Item item) { return repo.save(item); }

    @PutMapping("/{id}")
    public Item update(@PathVariable Long id, @RequestBody Item item) {
        item.setId(id); return repo.save(item);
    }

    @DeleteMapping("/{id}")
    public void delete(@PathVariable Long id) { repo.deleteById(id); }
}

curl -X GET http://localhost:8080/api/items
curl -X POST -H "Content-Type: application/json" -d '{"name":"A","description":"B"}' http://localhost:8080/api/items
curl -X PUT -H "Content-Type: application/json" -d '{"name":"A2","description":"B2"}' http://localhost:8080/api/items/1
curl -X DELETE http://localhost:8080/api/items/1

# H2 (dev)
spring.datasource.url=jdbc:h2:mem:testdb
spring.h2.console.enabled=true

# MySQL (prod)
spring.datasource.url=jdbc:mysql://localhost:3306/mydb
spring.datasource.username=root
spring.datasource.password=secret
spring.jpa.hibernate.ddl-auto=update

# Build JAR
./mvnw clean package -DskipTests

# Run JAR
java -jar target/myapp-0.0.1-SNAPSHOT.jar

# systemd service
[Unit]
Description=Spring Boot App
[Service]
ExecStart=/usr/bin/java -jar /opt/myapp/app.jar
Restart=always
[Install]
WantedBy=multi-user.target

# Dockerfile
FROM eclipse-temurin:17-jre-alpine
COPY target/*.jar app.jar
ENTRYPOINT ["java","-jar","/app.jar"]

docker build -t myapp .
docker run -p 8080:8080 myapp

pip install pandas numpy scikit-learn matplotlib seaborn jupyter
# or: pip install pandas scikit-learn

import pandas as pd
df = pd.read_csv('data.csv')
df = pd.read_excel('data.xlsx')
df.head(); df.info(); df.describe()
df.isnull().sum(); df.dropna(); df.fillna(0)
df['col'] = df['col'].astype('category')
from sklearn.model_selection import train_test_split
X_train, X_test, y_train, y_test = train_test_split(X, y, test_size=0.2, random_state=42)
from sklearn.preprocessing import StandardScaler
scaler = StandardScaler(); X_train = scaler.fit_transform(X_train); X_test = scaler.transform(X_test)

from sklearn.linear_model import LogisticRegression
from sklearn.ensemble import RandomForestClassifier
model = LogisticRegression(); model.fit(X_train, y_train)
# or: model = RandomForestClassifier(); model.fit(X_train, y_train)
from sklearn.metrics import accuracy_score, classification_report, confusion_matrix
y_pred = model.predict(X_test)
accuracy_score(y_test, y_pred)
import joblib; joblib.dump(model, 'model.pkl')

model = joblib.load('model.pkl')
pred = model.predict(X_new)
pred_proba = model.predict_proba(X_new)

# Flask API
from flask import Flask, request, jsonify
import joblib
app = Flask(__name__)
model = joblib.load('model.pkl')
@app.route('/predict', methods=['POST'])
def predict():
    data = request.json; pred = model.predict([data['features']])
    return jsonify({'prediction': int(pred[0])})
if __name__ == '__main__': app.run(host='0.0.0.0', port=5000)

pip install ludwig
# full: pip install ludwig[full]
# Python 3.12+ required

input_features:
  - name: text_col
    type: text
  - name: num_col
    type: number
output_features:
  - name: target
    type: category
trainer:
  epochs: 3
  learning_rate: 0.0001

ludwig train --config model.yaml --dataset data.csv
# LLM fine-tune:
ludwig train --config model.yaml --dataset "ludwig://alpaca"

ludwig predict --model_path results/experiment_run/model --dataset test.csv
# Single prediction via Python:
from ludwig.api import LudwigModel
model = LudwigModel.load('results/...')
pred = model.predict(dataframe)

ludwig serve --model_path results/experiment_run/model
# API at http://localhost:8000

ludwig export_torchscript --model_path results/.../model
# Upload to HuggingFace: ludwig upload --model_path ... --repo_id user/model

# Create venv (recommended)
python -m venv venv
python3 -m venv .venv

# Specify Python version
python3.12 -m venv venv
py -3.12 -m venv venv

pip install virtualenv
virtualenv venv
virtualenv -p python3.12 venv

source venv/bin/activate
source .venv/bin/activate
# bash/zsh
deactivate

venv\Scripts\activate
.venv\Scripts\activate
# PowerShell
deactivate

source venv/bin/activate.fish

# Ubuntu/Debian
sudo apt install python3-pip python3-venv

# Ensure pip is latest
python -m pip install --upgrade pip

pip install -r requirements.txt
pip freeze > requirements.txt
pip install -e .

# Linux/macOS
curl -LsSf https://astral.sh/uv/install.sh | sh

# pip
pip install uv

uv venv
uv venv --python 3.12
uv pip install -r requirements.txt
uv run python script.py
uv sync

pip install pipx
pipx ensurepath

pipx install black
pipx install ruff
pipx install poetry
pipx run black .
pipx list

curl https://pyenv.run | bash
# Add to ~/.bashrc: eval "$(pyenv init -)"

pyenv install 3.12.4
pyenv install -l
pyenv global 3.12.4
pyenv local 3.12.4
pyenv version

kubectl version --client
kubectl version
kubectl cluster-info
kubectl get componentstatuses

kubectl get nodes
kubectl get nodes -o wide
kubectl describe node node-name
kubectl drain node-name --ignore-daemonsets
kubectl uncordon node-name
kubectl cordon node-name

kubectl config get-contexts
kubectl config use-context context-name
kubectl config current-context
kubectl config view
export KUBECONFIG=~/.kube/config
kubectl config set-cluster my-cluster --server=https://api.example.com

kubectl create namespace dev
kubectl get namespaces
kubectl get ns
kubectl config set-context --current --namespace=dev
kubectl delete namespace dev

kubectl run nginx --image=nginx
kubectl get pods
kubectl get pods -A
kubectl get pods -o wide
kubectl get pods -w
kubectl get pods --field-selector=status.phase=Running

kubectl describe pod pod-name
kubectl logs pod-name
kubectl logs -f pod-name
kubectl logs pod-name -c container-name
kubectl logs pod-name --previous
kubectl logs -l app=nginx --tail=100

kubectl exec -it pod-name -- /bin/bash
kubectl exec pod-name -- env
kubectl delete pod pod-name
kubectl delete pod pod-name --grace-period=0 --force
kubectl delete pods -l app=nginx

kubectl create deployment nginx --image=nginx
kubectl get deployments
kubectl get deploy
kubectl describe deployment nginx
kubectl scale deployment nginx --replicas=5
kubectl set image deployment/nginx nginx=nginx:1.21
kubectl edit deployment nginx
kubectl patch deployment nginx -p '{"spec":{"replicas":3}}'

kubectl rollout status deployment nginx
kubectl rollout restart deployment nginx
kubectl rollout undo deployment nginx
kubectl rollout history deployment nginx
kubectl rollout undo deployment nginx --to-revision=2
kubectl rollout pause deployment nginx
kubectl rollout resume deployment nginx

kubectl expose deployment nginx --port=80 --type=ClusterIP
kubectl expose deployment nginx --port=80 --type=NodePort
kubectl expose deployment nginx --port=80 --type=LoadBalancer
kubectl get services
kubectl get svc
kubectl describe svc nginx
kubectl delete svc nginx
kubectl get endpoints

kubectl create configmap app-config --from-literal=key=value
kubectl create configmap app-config --from-file=config.properties
kubectl get configmaps
kubectl describe configmap app-config
kubectl create configmap app-config --from-env-file=env.file

kubectl create secret generic db-secret --from-literal=password=mypass
kubectl create secret docker-registry regcred --docker-server=registry.io --docker-username=user --docker-password=pass
kubectl get secrets
kubectl describe secret db-secret
kubectl create secret tls tls-secret --cert=path.crt --key=path.key

kubectl get pv
kubectl get pvc
kubectl describe pvc my-claim
kubectl delete pvc my-claim
kubectl get storageclass
kubectl get sc

kubectl get ingress
kubectl get ing
kubectl describe ingress my-ingress
kubectl apply -f ingress.yaml
kubectl delete ingress my-ingress

kubectl get statefulsets
kubectl get sts
kubectl scale statefulset web --replicas=5
kubectl rollout status statefulset web

kubectl get daemonsets
kubectl get ds
kubectl rollout restart daemonset fluentd

kubectl create job my-job --image=busybox -- echo "hello"
kubectl get jobs
kubectl delete job my-job
kubectl logs job/my-job

kubectl get cronjobs
kubectl get cj
kubectl create cronjob backup --image=busybox --schedule="0 0 * * *" -- echo "backup"
kubectl delete cronjob backup

kubectl apply -f deployment.yaml
kubectl apply -f ./
kubectl apply -f deployment.yaml -n dev
kubectl apply -f deployment.yaml --dry-run=client -o yaml
kubectl apply -f deployment.yaml --server-side
kubectl delete -f deployment.yaml
kubectl delete -f . --recursive
kubectl replace -f deployment.yaml --force

kubectl port-forward pod/pod-name 8080:80
kubectl port-forward svc/nginx 8080:80
kubectl port-forward deployment/nginx 8080:80
kubectl proxy

kubectl cp pod-name:/path/file ./local-file
kubectl cp ./local-file pod-name:/path/
kubectl run debug --rm -it --image=busybox -- sh
kubectl debug pod/pod-name -it --image=busybox
kubectl get networkpolicies
kubectl get netpol

kubectl get roles
kubectl get rolebindings
kubectl get clusterroles
kubectl get clusterrolebindings
kubectl auth can-i create pods --as=user
kubectl auth reconcile -f rbac.yaml
kubectl create serviceaccount my-sa

kubectl get resourcequotas
kubectl get limitranges
kubectl describe resourcequota -n dev

kubectl autoscale deployment nginx --min=2 --max=10 --cpu-percent=80
kubectl get hpa
kubectl describe hpa nginx
kubectl delete hpa nginx
kubectl autoscale deployment nginx --min=2 --max=10 --cpu-percent=80 --memory-percent=80

kubectl get pdb
kubectl describe pdb my-pdb

kubectl get events
kubectl get events -A --sort-by='.lastTimestamp'
kubectl get events -w
kubectl get events --field-selector type=Warning

# deployment.yaml - liveness + readiness + resources + strategy
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.21
        ports:
        - containerPort: 80
        resources:
          requests:
            memory: "128Mi"
            cpu: "100m"
          limits:
            memory: "256Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 15
          periodSeconds: 20
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          periodSeconds: 10

# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
  type: ClusterIP
---
# ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx
            port:
              number: 80

# pdb.yaml
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: nginx-pdb
spec:
  minAvailable: 2
  selector:
    matchLabels:
      app: nginx

helm install myapp ./chart
helm upgrade myapp ./chart
helm rollback myapp 1
helm uninstall myapp
helm list
helm repo add bitnami https://charts.bitnami.com/bitnami
helm install nginx bitnami/nginx
helm template myapp ./chart
helm get values myapp

minikube start
minikube stop
minikube dashboard
minikube tunnel
minikube addons enable ingress
minikube ssh
minikube delete

kind create cluster
kind create cluster --name dev
kind delete cluster
kind load docker-image myimage:tag

k9s
k9s -n dev
k9s info
k9s version

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml

kubectl apply -f admin.yaml

kubectl -n kubernetes-dashboard create token admin-user
# or long-lived (24h):
kubectl -n kubernetes-dashboard create token admin-user --duration=24h

kubectl proxy
# Then open: http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

kubectl get pods -n kubernetes-dashboard
kubectl get svc -n kubernetes-dashboard
kubectl get sa -n kubernetes-dashboard

kubectl delete -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml
kubectl delete namespace kubernetes-dashboard

k=kubectl
kgp=kubectl get pods
kgd=kubectl get deployments
kgs=kubectl get services
kga=kubectl get all
kaf=kubectl apply -f
kdf=kubectl delete -f

kubectl get pods -o yaml
kubectl get pods -o json
kubectl get pods -o wide
kubectl get pods -o name
kubectl get all -A

apiVersion: v1
kind: Namespace
metadata:
  name: dev
  labels:
    env: development

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  DB_HOST: "db.example.com"
  LOG_LEVEL: "info"
  config.properties: |
    key1=value1
    key2=value2

apiVersion: v1
kind: Secret
metadata:
  name: db-secret
type: Opaque
stringData:
  username: admin
  password: mypassword

apiVersion: v1
kind: PersistentVolume
metadata:
  name: my-pv
spec:
  capacity:
    storage: 10Gi
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: manual
  hostPath:
    path: /mnt/data

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: my-pvc
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 5Gi
  storageClassName: manual

apiVersion: v1
kind: Pod
metadata:
  name: nginx-pod
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.21
    ports:
    - containerPort: 80
    env:
    - name: ENV_VAR
      value: "value"
    volumeMounts:
    - name: config
      mountPath: /etc/config
  volumes:
  - name: config
    configMap:
      name: app-config

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.21
        ports:
        - containerPort: 80
        resources:
          requests:
            memory: "128Mi"
            cpu: "100m"
          limits:
            memory: "256Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 15
          periodSeconds: 20
        readinessProbe:
          httpGet:
            path: /
            port: 80
          initialDelaySeconds: 5
          periodSeconds: 10

# ClusterIP
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
  type: ClusterIP
---
# NodePort
apiVersion: v1
kind: Service
metadata:
  name: nginx-np
spec:
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
    nodePort: 30080
  type: NodePort
---
# LoadBalancer
apiVersion: v1
kind: Service
metadata:
  name: nginx-lb
spec:
  selector:
    app: nginx
  ports:
  - port: 80
    targetPort: 80
  type: LoadBalancer

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress
  annotations:
    nginx.ingress.kubernetes.io/rewrite-target: /
spec:
  rules:
  - host: app.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx
            port:
              number: 80

apiVersion: batch/v1
kind: Job
metadata:
  name: my-job
spec:
  template:
    spec:
      containers:
      - name: job
        image: busybox
        command: ["echo", "hello"]
      restartPolicy: Never
  backoffLimit: 4

apiVersion: batch/v1
kind: CronJob
metadata:
  name: backup
spec:
  schedule: "0 0 * * *"
  jobTemplate:
    spec:
      template:
        spec:
          containers:
          - name: backup
            image: busybox
            command: ["echo", "backup"]
          restartPolicy: OnFailure

apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  serviceName: web
  replicas: 3
  selector:
    matchLabels:
      app: web
  template:
    metadata:
      labels:
        app: web
    spec:
      containers:
      - name: nginx
        image: nginx
        ports:
        - containerPort: 80
        volumeMounts:
        - name: data
          mountPath: /usr/share/nginx/html
  volumeClaimTemplates:
  - metadata:
      name: data
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 1Gi

apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: fluentd
spec:
  selector:
    matchLabels:
      app: fluentd
  template:
    metadata:
      labels:
        app: fluentd
    spec:
      containers:
      - name: fluentd
        image: fluentd
      tolerations:
      - operator: Exists

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: nginx-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: nginx
  minReplicas: 2
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 80

apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
  name: nginx-pdb
spec:
  minAvailable: 2
  selector:
    matchLabels:
      app: nginx

apiVersion: v1
kind: ResourceQuota
metadata:
  name: dev-quota
  namespace: dev
spec:
  hard:
    requests.cpu: "2"
    requests.memory: 4Gi
    limits.cpu: "4"
    limits.memory: 8Gi
    pods: "10"

apiVersion: v1
kind: LimitRange
metadata:
  name: dev-limits
  namespace: dev
spec:
  limits:
  - default:
      memory: 256Mi
      cpu: 200m
    defaultRequest:
      memory: 128Mi
      cpu: 100m
    type: Container

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: deny-all
  namespace: dev
spec:
  podSelector: {}
  policyTypes:
  - Ingress
  - Egress
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-same-ns
spec:
  podSelector:
    matchLabels:
      app: nginx
  policyTypes:
  - Ingress
  ingress:
  - from:
    - podSelector:
        matchLabels:
          app: nginx

apiVersion: v1
kind: ServiceAccount
metadata:
  name: my-sa
  namespace: dev

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

# role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
  namespace: dev
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch"]
---
# rolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: read-pods
  namespace: dev
subjects:
- kind: ServiceAccount
  name: my-sa
  namespace: dev
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: dev
resources:
- deployment.yaml
- service.yaml
- configmap.yaml
commonLabels:
  app: myapp
images:
- name: nginx
  newTag: 1.21

FROM nginx:1.21-alpine
COPY . /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

node_modules
.git
*.md
.env
Dockerfile