atb00ker · February 12, 2020 12:49
diff --git a/devops b/devops
 alias            : commonly useful aliases
 commands         : frequently used commands
 helm             : get helm running 
 kubeadm          : commands for self managed kubernetes instance with kubeadm
 kubernetes       : helpful kubernetes commands
 docker           : docker clipboard commands
 ansible-folder   : folder structure for new ansible project
 ansible-encrypt  : encrypt folders using ansible-vault
 ansible-openwisp : setup files for ansible-openwisp2
diff --git a/devops:alias b/devops:alias
 # ALiAS for kubernetes

 alias kaf='kubectl apply -f - <<EOF'
 alias kad='kubectl delete -f - <<EOF'
 alias ka='kubectl apply -f'
 alias kd='kubectl delete -f'
 alias kga='kubectl get all'
 alias kgp='kubectl get pods'

 # ALiAS for terrform

 alias tf='terraform fmt -recursive'
 alias tv='terraform validate'
 alias tp='terraform plan'
 alias tpf='terraform plan -no-color > tp.out'
 alias ta='terraform apply'
 alias tfr='terraform refresh'
 alias td='terraform destroy'
diff --git a/devops:ansible-folder b/devops:ansible-folder
 mkdir -p $PROJECT
 cd $PROJECT
 # inventory and master playbook
 touch production staging site.yml 
 # folders
 mkdir -p group_vars host_vars library filter_plugins
 # role folders
 mkdir -p roles/common/{tasks,handlers,templates,files,vars,defaults,meta}
 touch roles/common/{tasks,handlers,templates,files,vars,defaults,meta}/main.yml
diff --git a/devops:ansible-openwisp b/devops:ansible-openwisp
 ---
 - hosts: openwisp2
  become: yes
  roles:
    - roles/stouts-postfix
    - roles/ansible-openwisp2
  vars:
    openwisp2_default_from_email: "[email protected]"
    openwisp2_network_topology: true
 ---
 [openwisp2]
 dashboard.atb00ker.tk

 [openwisp2:vars]
 ansible_python_interpreter=/usr/bin/python3
 ansible_ssh_extra_args=-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
diff --git a/devops:commands b/devops:commands
 # Ansible
 find . -type f -printf "%h/\"%f\" " | xargs ansible-vault encrypt

 # Kubernetes
 kubectl delete pvc,deployment,service,deploymentconfig,build,buildconfig,statefulsets,imagestreams,secret --all
 kubectl delete pvc,deployment,service --all

 # Docker

 ## OpenWISP testing container
 docker network create --driver bridge --subnet 192.168.56.33/27 --gateway 192.168.56.33 -o "com.docker.network.bridge.name=docker-bridge" docker-bridge
 docker run -dit --name openwisp --privileged --net docker-bridge --expose=22 --expose=80 --expose=443 --ip=192.168.56.34 atb00ker/ready-to-run:openwisp ./init

 ## Run a container with network bridge, ip address and exposes ports 22,443 and 80
 docker run -dit --name "debX.openwisp" --net docker-bridge -expose=22 --expose=80 --expose=443 --ip=192.168.56.43 atb00ker/sshable:debian10
diff --git a/devops:docker b/devops:docker
 - Stop/remove all containers
 docker stop $(docker ps -a -q)
 docker rm $(docker ps -a -q)
 docker network rm $(docker network ls -q)
 docker volume rm $(docker volume ls -q)

 - Remove all untagged images
 docker image rm $(docker image ls -a | grep "^<none>" | awk '{print $3}')
 docker rmi $(docker images -f "dangling=true" -q)

 - Nuke
 docker system prune -af --volumes
diff --git a/devops:helm b/devops:helm
 helm init

 kubectl --namespace kube-system create serviceaccount tiller

 kubectl create clusterrolebinding tiller-cluster-rule \
 --clusterrole=cluster-admin --serviceaccount=kube-system:tiller

 kubectl --namespace kube-system patch deploy tiller-deploy \
 -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

 helm list
 helm repo add jetstack https://charts.jetstack.io
 helm repo update

 helm install
diff --git a/devops:kubeadm b/devops:kubeadm
 sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=172.16.6.22 --apiserver-advertise-address=172.16.6.23 --apiserver-advertise-address=172.16.6.24
 ---
 rm -rf ~/admin.conf
 sudo cp /etc/kubernetes/admin.conf $HOME/
 sudo chown $(id -u):$(id -g) $HOME/admin.conf
 export KUBECONFIG=$HOME/admin.conf
 ---
 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
 kubectl taint nodes --all node-role.kubernetes.io/master-
 kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
 kubectl apply -f apply.yml
 kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
 helm init
 kubectl create serviceaccount --namespace kube-system tiller
 kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
 kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
 helm install --set storageClass.name=nfs-provisioner --set nfs.server=172.16.6.24 --set nfs.path=/mnt/kubes stable/nfs-client-provisioner
 ---
 kubectl delete cm,pv,pvc,svc,sc,rc,sa,deployment --all
 kubectl delete rc --all
 kubectl delete cm,svc,rc --all
 ---
 kubectl rolling-update openwisp-dashboard --container=openwisp-dashboard --image=atb00ker/ready-to-run:openwisp-dashboard --image-pull-policy Always
 kubectl rolling-update openwisp-controller --container=openwisp-controller --image=atb00ker/ready-to-run:openwisp-controller --image-pull-policy Always
 kubectl rolling-update openwisp-radius --container=openwisp-radius --image=atb00ker/ready-to-run:openwisp-radius --image-pull-policy Always
 kubectl rolling-update openwisp-topology --container=openwisp-topology --image=atb00ker/ready-to-run:openwisp-topology --image-pull-policy Always
 kubectl rolling-update openwisp-nginx --container=openwisp-nginx --image=atb00ker/ready-to-run:openwisp-nginx --image-pull-policy Always
 ---
 kubeadm join 172.16.6.24:6443 --token y0b4g4.se1suqbxjuptsbqd \
    --discovery-token-ca-cert-hash sha256:74966d42aeee0a5a56ed89f3c83a78338f2c6933d9805570e620e7df2e8f802a
 ---
 sudo modprobe dummy
 sudo lsmod | grep dummy
 sudo ip link add dummy0 type dummy
 sudo ip link set name eth10 dev dummy0
 sudo ifconfig eth10 hw ether 00:22:22:ff:ff:ff
 sudo ip addr add 172.16.6.22/24 brd + dev eth10 label eth10:0
 sudo ip addr add 172.16.6.23/24 brd + dev eth10 label eth10:1
 sudo ip addr add 172.16.6.24/24 brd + dev eth10 label eth10:2
 ifconfig -a
 ---
 sudo ip addr del 172.16.6.22/24 brd + dev eth10 label eth10:0
 sudo ip addr del 172.16.6.23/24 brd + dev eth10 label eth10:1
 sudo ip addr del 172.16.6.24/24 brd + dev eth10 label eth10:2
 sudo ip link delete eth10 type dummy
 sudo rmmod dummy
 ---
 DELETE: /home/atb00ker/.docker/config.json
	alias : commonly useful aliases
	commands : frequently used commands
	helm : get helm running
	kubeadm : commands for self managed kubernetes instance with kubeadm
	kubernetes : helpful kubernetes commands
	docker : docker clipboard commands
	ansible-folder : folder structure for new ansible project
	ansible-encrypt : encrypt folders using ansible-vault
	ansible-openwisp : setup files for ansible-openwisp2
	# ALiAS for kubernetes

	alias kaf='kubectl apply -f - <<EOF'
	alias kad='kubectl delete -f - <<EOF'
	alias ka='kubectl apply -f'
	alias kd='kubectl delete -f'
	alias kga='kubectl get all'
	alias kgp='kubectl get pods'

	# ALiAS for terrform

	alias tf='terraform fmt -recursive'
	alias tv='terraform validate'
	alias tp='terraform plan'
	alias tpf='terraform plan -no-color > tp.out'
	alias ta='terraform apply'
	alias tfr='terraform refresh'
	alias td='terraform destroy'
	mkdir -p $PROJECT
	cd $PROJECT
	# inventory and master playbook
	touch production staging site.yml
	# folders
	mkdir -p group_vars host_vars library filter_plugins
	# role folders
	mkdir -p roles/common/{tasks,handlers,templates,files,vars,defaults,meta}
	touch roles/common/{tasks,handlers,templates,files,vars,defaults,meta}/main.yml
	---
	- hosts: openwisp2
	become: yes
	roles:
	- roles/stouts-postfix
	- roles/ansible-openwisp2
	vars:
	openwisp2_default_from_email: "[email protected]"
	openwisp2_network_topology: true
	---
	[openwisp2]
	dashboard.atb00ker.tk

	[openwisp2:vars]
	ansible_python_interpreter=/usr/bin/python3
	ansible_ssh_extra_args=-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null
	# Ansible
	find . -type f -printf "%h/\"%f\" " \| xargs ansible-vault encrypt

	# Kubernetes
	kubectl delete pvc,deployment,service,deploymentconfig,build,buildconfig,statefulsets,imagestreams,secret --all
	kubectl delete pvc,deployment,service --all

	# Docker

	## OpenWISP testing container
	docker network create --driver bridge --subnet 192.168.56.33/27 --gateway 192.168.56.33 -o "com.docker.network.bridge.name=docker-bridge" docker-bridge
	docker run -dit --name openwisp --privileged --net docker-bridge --expose=22 --expose=80 --expose=443 --ip=192.168.56.34 atb00ker/ready-to-run:openwisp ./init

	## Run a container with network bridge, ip address and exposes ports 22,443 and 80
	docker run -dit --name "debX.openwisp" --net docker-bridge -expose=22 --expose=80 --expose=443 --ip=192.168.56.43 atb00ker/sshable:debian10
	- Stop/remove all containers
	docker stop $(docker ps -a -q)
	docker rm $(docker ps -a -q)
	docker network rm $(docker network ls -q)
	docker volume rm $(docker volume ls -q)

	- Remove all untagged images
	docker image rm $(docker image ls -a \| grep "^<none>" \| awk '{print $3}')
	docker rmi $(docker images -f "dangling=true" -q)

	- Nuke
	docker system prune -af --volumes
	helm init

	kubectl --namespace kube-system create serviceaccount tiller

	kubectl create clusterrolebinding tiller-cluster-rule \
	--clusterrole=cluster-admin --serviceaccount=kube-system:tiller

	kubectl --namespace kube-system patch deploy tiller-deploy \
	-p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'

	helm list
	helm repo add jetstack https://charts.jetstack.io
	helm repo update

	helm install
	sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=172.16.6.22 --apiserver-advertise-address=172.16.6.23 --apiserver-advertise-address=172.16.6.24
	---
	rm -rf ~/admin.conf
	sudo cp /etc/kubernetes/admin.conf $HOME/
	sudo chown $(id -u):$(id -g) $HOME/admin.conf
	export KUBECONFIG=$HOME/admin.conf
	---
	kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
	kubectl taint nodes --all node-role.kubernetes.io/master-
	kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
	kubectl apply -f apply.yml
	kubectl -n kube-system describe secret $(kubectl -n kube-system get secret \| grep admin-user \| awk '{print $1}')
	helm init
	kubectl create serviceaccount --namespace kube-system tiller
	kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
	kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
	helm install --set storageClass.name=nfs-provisioner --set nfs.server=172.16.6.24 --set nfs.path=/mnt/kubes stable/nfs-client-provisioner
	---
	kubectl delete cm,pv,pvc,svc,sc,rc,sa,deployment --all
	kubectl delete rc --all
	kubectl delete cm,svc,rc --all
	---
	kubectl rolling-update openwisp-dashboard --container=openwisp-dashboard --image=atb00ker/ready-to-run:openwisp-dashboard --image-pull-policy Always
	kubectl rolling-update openwisp-controller --container=openwisp-controller --image=atb00ker/ready-to-run:openwisp-controller --image-pull-policy Always
	kubectl rolling-update openwisp-radius --container=openwisp-radius --image=atb00ker/ready-to-run:openwisp-radius --image-pull-policy Always
	kubectl rolling-update openwisp-topology --container=openwisp-topology --image=atb00ker/ready-to-run:openwisp-topology --image-pull-policy Always
	kubectl rolling-update openwisp-nginx --container=openwisp-nginx --image=atb00ker/ready-to-run:openwisp-nginx --image-pull-policy Always
	---
	kubeadm join 172.16.6.24:6443 --token y0b4g4.se1suqbxjuptsbqd \
	--discovery-token-ca-cert-hash sha256:74966d42aeee0a5a56ed89f3c83a78338f2c6933d9805570e620e7df2e8f802a
	---
	sudo modprobe dummy
	sudo lsmod \| grep dummy
	sudo ip link add dummy0 type dummy
	sudo ip link set name eth10 dev dummy0
	sudo ifconfig eth10 hw ether 00:22:22:ff:ff:ff
	sudo ip addr add 172.16.6.22/24 brd + dev eth10 label eth10:0
	sudo ip addr add 172.16.6.23/24 brd + dev eth10 label eth10:1
	sudo ip addr add 172.16.6.24/24 brd + dev eth10 label eth10:2
	ifconfig -a
	---
	sudo ip addr del 172.16.6.22/24 brd + dev eth10 label eth10:0
	sudo ip addr del 172.16.6.23/24 brd + dev eth10 label eth10:1
	sudo ip addr del 172.16.6.24/24 brd + dev eth10 label eth10:2
	sudo ip link delete eth10 type dummy
	sudo rmmod dummy
	---
	DELETE: /home/atb00ker/.docker/config.json