Gaurav Agarwal bharatmicrosystems
😀
bharatmicrosystems
/ drain-node.sh
Created
July 26, 2020 19:19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kubectl drain gke-cluster-1-default-pool-bf356567-mrnh --ignore-daemonsets | |
| node/gke-cluster-1-default-pool-bf356567-mrnh cordoned | |
| WARNING: ignoring DaemonSet-managed Pods: kube-system/fluentd-gke-rdm6l, kube-system/gke-metrics-agent-g57rl, kube-system/prometheus-to-sd-8d849 | |
| evicting pod kube-system/fluentd-gke-scaler-cd4d654d7-42px4 | |
| evicting pod default/nginx-5ffb5df89f-ctv4c | |
| evicting pod default/nginx-5ffb5df89f-l9n96 | |
| evicting pod kube-system/event-exporter-gke-6c9d8bd8d8-ksb59 | |
| evicting pod kube-system/kube-dns-autoscaler-645f7d66cf-h95qf | |
| evicting pod kube-system/kube-dns-56d8cd994f-g4pg7 | |
| evicting pod kube-system/l7-default-backend-678889f899-p4n8f |
bharatmicrosystems
/ deployment-status.sh
Created
July 26, 2020 19:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kubectl get deployment nginx | |
| NAME READY UP-TO-DATE AVAILABLE AGE | |
| nginx 4/4 4 4 77s | |
| $ kubectl get pod -o wide | |
| NAME READY STATUS RESTARTS AGE IP NODE | |
| nginx-5ffb5df89f-ctv4c 1/1 Running 0 3m47s 10.60.2.14 gke-cluster-1-default-pool-bf356567-mrnh | |
| nginx-5ffb5df89f-cx65l 1/1 Running 0 72s 10.60.1.12 gke-cluster-1-default-pool-f41b1aed-5n51 | |
| nginx-5ffb5df89f-l9n96 1/1 Running 0 71s 10.60.2.17 gke-cluster-1-default-pool-bf356567-mrnh | |
| nginx-5ffb5df89f-mxw7m 1/1 Running 0 3m53s 10.60.1.11 gke-cluster-1-default-pool-f41b1aed-5n51 |
bharatmicrosystems
/ nginx-deployment.yaml
Created
July 26, 2020 19:18
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat <<EOF | kubectl apply -f - | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| labels: | |
| app: nginx | |
| name: nginx | |
| spec: | |
| replicas: 4 | |
| selector: |
bharatmicrosystems
/ pod-disruption.yaml
Created
July 26, 2020 19:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat <<EOF | kubectl apply -f - | |
| apiVersion: policy/v1beta1 | |
| kind: PodDisruptionBudget | |
| metadata: | |
| name: nginx-pdb | |
| spec: | |
| minAvailable: 3 | |
| selector: | |
| matchLabels: | |
| app: nginx |
bharatmicrosystems
/ jsonpath.sh
Created
July 19, 2020 00:04
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get ExternalIPs of all nodes | |
| kubectl get nodes -o jsonpath='{.items[*].status.addresses[?(@.type=="ExternalIP")].address}' | |
| # List Names of Pods that belong to Particular RC | |
| # "jq" command useful for transformations that are too complex for jsonpath, it can be found at https://stedolan.github.io/jq/ | |
| sel=${$(kubectl get rc my-rc --output=json | jq -j '.spec.selector | to_entries | .[] | "\(.key)=\(.value),"')%?} | |
| echo $(kubectl get pods --selector=$sel --output=jsonpath={.items..metadata.name}) | |
| # Check which nodes are ready | |
| JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}' \ | |
| && kubectl get nodes -o jsonpath="$JSONPATH" | grep "Ready=True" | |
| # List all Secrets currently in use by a pod |
bharatmicrosystems
/ kdr.yaml
Created
July 18, 2020 23:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kdr run nginx --image=nginx | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| creationTimestamp: null | |
| labels: | |
| run: nginx | |
| name: nginx | |
| spec: | |
| containers: |
bharatmicrosystems
/ kubectl-explain.yaml
Created
July 18, 2020 23:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ k explain pod.spec.containers.resources | |
| KIND: Pod | |
| VERSION: v1 | |
| RESOURCE: resources <Object> | |
| DESCRIPTION: | |
| Compute Resources required by this container. Cannot be updated. More info: | |
| https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ | |
| ResourceRequirements describes the compute resource requirements. | |
| FIELDS: | |
| limits <map[string]string> |
bharatmicrosystems
/ kgetrs1
Created
July 7, 2020 13:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ kubectl get rs nginx-priv-545c8557d5 | |
| NAME DESIRED CURRENT READY AGE | |
| nginx-priv-545c8557d5 1 0 0 88s | |
| $ kubectl describe rs nginx-priv-545c8557d5|tail | |
| Conditions: | |
| Type Status Reason | |
| ---- ------ ------ | |
| ReplicaFailure True FailedCreate | |
| Events: | |
| Type Reason Age From Message |
bharatmicrosystems
/ nginx-priv.yaml
Created
July 7, 2020 13:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| kubectl create -f- <<EOF | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| creationTimestamp: null | |
| labels: | |
| app: nginx-priv | |
| name: nginx-priv | |
| spec: | |
| replicas: 1 |
bharatmicrosystems
/ disallow-privileged-pod.yaml
Created
July 7, 2020 13:31
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat <<EOF | kubectl apply -f - | |
| apiVersion: policy/v1beta1 | |
| kind: PodSecurityPolicy | |
| metadata: | |
| name: disallow-privileged-pod | |
| spec: | |
| privileged: false #This disallows any privileged pods | |
| seLinux: | |
| rule: RunAsAny | |
| supplementalGroups: |