Ace Eldeib alexeldeib
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| creationTimestamp: null | |
| name: lister | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: Role | |
| metadata: |
alexeldeib
/ demo.sh
Last active
July 1, 2020 18:02
Kubernetes ingress <-> service <-> pod IP association example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ace@ace-vm:~/code/ocsp-demo$ kubectl -n ingress-nginx get svc | |
| NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
| ingress-nginx-controller LoadBalancer 10.0.14.106 20.193.19.114 80:31377/TCP,443:32598/TCP 3m45s | |
| ingress-nginx-controller-admission ClusterIP 10.0.117.203 <none> 443/TCP 3m46s | |
| ace@ace-vm:~/code/ocsp-demo$ kubectl -n ingress-nginx get svc,pod | |
| NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE | |
| service/ingress-nginx-controller LoadBalancer 10.0.14.106 20.193.19.114 80:31377/TCP,443:32598/TCP 3m48s | |
| service/ingress-nginx-controller-admission ClusterIP 10.0.117.203 <none> 443/TCP 3m49s |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ace@ace-vm:~$ kubectl exec -it debug-864678bff9-p79kb -c ubuntu -- bash -c "nsenter -t 1 -a bash" | |
| root@aks-nodepool1-38090526-vmss000000:/# docker info | |
| Client: | |
| Debug Mode: false | |
| Server: | |
| Containers: 16 | |
| Running: 15 | |
| Paused: 0 | |
| Stopped: 1 |
alexeldeib
/ machine-deployment.yaml
Last active
September 13, 2020 06:21
CAPZ join to AKS control plane manifest
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: cluster.x-k8s.io/v1alpha3 | |
| kind: MachineDeployment | |
| metadata: | |
| name: ${CLUSTER_NAME}-md-0 | |
| namespace: default | |
| spec: | |
| clusterName: ${CLUSTER_NAME} | |
| replicas: ${WORKER_MACHINE_COUNT} | |
| selector: | |
| matchLabels: null |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "apiVersion": "vlabs", | |
| "properties": { | |
| "orchestratorProfile": { | |
| "orchestratorType": "Kubernetes", | |
| "orchestratorVersion": "1.18.8", | |
| "kubernetesConfig": { | |
| "loadBalancerSku": "Standard", | |
| "excludeMasterFromStandardLB": true, | |
| "useManagedIdentity": true, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "apiVersions": null, | |
| "capabilities": [ | |
| { | |
| "name": "MaxResourceVolumeMB", | |
| "value": "2883584" | |
| }, | |
| { | |
| "name": "OSVhdSizeMB", | |
| "value": "1047552" |
alexeldeib
/ example.sh
Last active
December 10, 2020 21:52
Enumerate non-pod processes on Kubernetes node
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| KUBEPOD_CGROUP="kubepods" | |
| # select all pids where the executable of the pid is a link to a file (this filters out kernel processes we don't care about) | |
| non_kernel_pids="$(find -L /proc/[0-9]*/exe ! -type l | cut -d / -f3 | paste -sd " ")" | |
| # filter out pods by checking that the proc is in whatever cgroup is configured for pods. | |
| non_pods=""; for pid in $non_kernel_pids; do if [ -z "$(grep "$KUBEPOD_CGROUP" /proc/$pid/cgroup)" ]; then non_pods="$non_pods $pid"; fi; done |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "apiVersion": "vlabs", | |
| "location": "westus2", | |
| "properties": { | |
| "orchestratorProfile": { | |
| "orchestratorType": "Kubernetes", | |
| "orchestratorVersion": "1.18.13", | |
| "kubernetesConfig": { | |
| "loadBalancerSku": "Standard", | |
| "excludeMasterFromStandardLB": true, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: config-map | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: config-map |