Errata

On chapter 3, figure 3-2 the kube-scheduler is missing and the kube-controller-manager was represented twice.

Note from the Author or Editor:
Thank you! We'll fix the duplicate and example output in the book text.

If you zoom in a little, you can see that the Service is forwarding its port 9999 to the Pod’s port 8888:
...
ports:
- port: 9999
protocol: TCP targetPort: 8888

The k8s/service.yaml file on Github has port 8888 instead of 9999. And actually the Github code is correct, because this is the port of the service.

Otherwise, if the port would be 9999, the command below would fail:
kubectl port-forward service/demo 9999:8888
error: Service demo does not have a service port 8888

Note from the Author or Editor:
Thanks, and sorry for the port confusion between 9999 and 8888. We'll get this cleared up in the book and make sure that the example repo matches.

> The helm install does this by creating a Kubernetes object called a Helm release.

`helm install` does not create a Kubernetes object called a Helm release. Information of Helm releases is stored in ConfigMaps (Helm v2).

See https://helm.sh/docs/architecture/#implementation.

Note from the Author or Editor:
Thanks! This may be from Helm2 VS Helm3. We'll fix the wording in the book and make sure it is accurate for Helm3 going forward.

A hard node affinity is described as:

"a Pod with this affinity will never be scheduled on a node that matches the selector expression"

Which should be:

"a Pod with this affinity will never be scheduled on a node that DOES NOT match the selector expression"

Maybe it could also be rephrased to make it clearer:

A hard affinity selects a set of nodes (with the nodeSelectorTerms field) and makes sure that the Pod is ONLY scheduled to a node in this selection, and NEVER to a node that is not in this selection.

In other words, a Pod is only scheduled to a node that DOES match any of the selector expression, and never to a node that DOES NOT match any of the selector expressions (this is the opposite of what is stated now in the book).

Note from the Author or Editor:
Thank you, and thanks for providing a more clear phrasing. We'll get this cleared up in the book.

> --rm
> This tells Kubernetes to delete the container image after it’s finished running, so
> that it doesn’t clutter up your nodes’ local storage.

`--rm` is the flag to **delete resources** created in `kubectl run` command for attached containers. Whether the container image is deleted depends on the situation, so I feels that this description is not accurate.

Note from the Author or Editor:
Thanks, you are correct, and we'll clear up this wording in the book text.

Required quotes missing from code examples:

Current state:

kubectl get pods -l environment in (staging, production)
kubectl get pods -l environment notin (production)

Should be:

kubectl get pods -l "environment in (staging, production)"
kubectl get pods -l "environment notin (production)"

In the current state, code examples cause a shell syntax error.

Note from the Author or Editor:
Thank you! We'll make sure to add the quotes in the book text.

> metadata:
> labels:
> app: demo
> tier: frontend
> environment: production
> environment: test
> version: v1.12.0
> role: primary

`environment` label keys are duplicated. I guess that it is an editorial mistake.

Note from the Author or Editor:
Thank you! I'll make sure the duplicate gets removed in the book text and that the example repo matches.

The below says "matching the tier: frontend selector":

> Here’s an example PodPreset that adds a cache volume to all Pods matching the **tier: frontend** selector:

However, actually the example PodPreset does not have "tier: frontend" match label:

```
apiVersion: settings.k8s.io/v1alpha1
kind: PodPreset
metadata:
name: add-cache
spec:
selector:
matchLabels:
role: frontend
...
```

Note from the Author or Editor:
Thank you, I think this should be "role: frontent", but will double check and make sure this gets fixed in the book text and that the example repo matches.

```
spec:
containers:
- name: demo
image: cloudnatived/demo:hello-secret-env
ports:
- containerPort: 8888
env:
- name: GREETING
valueFrom:
(...)
```

In the above manifest, `GREETING` environment variable is used, but actually `MAGIC_WORD` is the correct name.

I checked with the following steps:
```
$ docker run --rm -d -p 8000:8888 -e MAGIC_WORD=hello cloudnatived/demo:hello-secret-env
c636a16e44139884692d218e5d1dea49b1aa562a2d527cd29964f7eab65eabdf
$ curl localhost:8000
The magic word is "hello"
```

In addition to the above, the below also need to fix as follows:

> We set the environment variable GREETING exactly as we did when using a Config‐
Map,

should be:

> We set the environment variable MAGIC_WORD exactly as we did when using a Config‐
Map,

Note from the Author or Editor:
Thank you! We will work on getting this fixed in the book text and make sure the example repo is also up to date.

The examples to decode and encode base64 strings could be improved.

Encoding single line strings with base64 should not include the newline character. This is especially hard to debug when done manually with passwords.

The example decodes the string "eHl6enk=" to "xyzzy" whereas the example to encode the same string ("xyzzy") leads to a different base64 representation, which includes the newline character ("eHl6enkK").

Better would be to explain how to not include the newline char, by adding "-n" to the echo command. So the example to encode would look like:

$ echo -n xyzzy | base64
eHl6enk=

Note from the Author or Editor:
Thank you for providing the better example. We'll get this base64 issue cleared up in the book text.

> The end result will be a single Kubernetes Secret manifest named **app_secrets.yaml**,

Since the secret manfest template is the below, Kubernetes Secret manifest name is `{{ .Values.container.name }}-secrets`, not `app_secrets.yaml`. `app_secrets.yaml` is secret key name.

```
cat k8s/demo/templates/secrets.yaml
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.container.name }}-secrets
type: Opaque
data:
{{ $environment := .Values.environment }}
app_secrets.yaml: {{ .Files.Get (nospace (cat $environment "-secrets.yaml"))
| b64enc }}
```

Note from the Author or Editor:
Thank you! We will work on getting this fixed in the book text.

> Running **kubectl get pods -a** will show you the failed Pod, allowing you to inspect the logs and see what happened.

-a (--show-all) flag was deprecated in Kubernetes 1.10, and it can show you failed Pods without the flag. In Kubernetes 1.14, the flag was removed completely.

Note from the Author or Editor:
Thank you, we'll remove the deprecated flag in the book text.

I suspect the command

kubectl run demo --image=YOUR_DOCKER_ID/myhello --port=9999 --labels app=demo

has an error. Shouldn't it say "--port=8888"? This is the port the go app running in the container listens to and therefore needs to be exposed. The subsequent port forwarding command maps localhost's port 9999 to the container's port 8888.

Strangely, both versions of the run command worked when I tested them on my Mac.

Note from the Author or Editor:
Thanks, and sorry for the port confusion between 9999 and 8888. We'll get this cleared up in the book and make sure that the example repo matches.

The hello-k8s/k8s/service.yaml file in the book's repo lists the localhost port AND the targetPort as 8888, while the book lists the localhost port as 9999. One of these is wrong.

Note from the Author or Editor:
Thank you, we'll make sure this is fixed in the example repo and in the book text.