Skip to content

Instantly share code, notes, and snippets.

View brianpursley's full-sized avatar

Brian Pursley brianpursley

56 followers · 16 following
View GitHub Profile
@brianpursley
brianpursley / gist:3e303b6859a7c06693ff61923997d4c7
Created February 6, 2022 22:54
Start a TCP echo pod in Kubernetes
kubectl run tcpecho --image=alpine --restart=Never -- /bin/sh -c "apk add socat && socat -v tcp-listen:8080,fork EXEC:cat"
@brianpursley
brianpursley / kubectl-echo.md
Created April 13, 2022 20:51
Create an echo server in Kubernetes

Creates a pod called echo that listens on port 8080, echoing everything it receives.

kubectl run echo --image=busybox -- nc -lk -p 8080 -e cat

To test it out, you can do this, to listen on local port 8080 and forward all connections to the echo pod:

kubectl port-forward echo 8080:8080
@brianpursley
brianpursley / Validate.md
Created May 13, 2022 19:46
Validate functions that operate on cmd and args

Most Validate functions take no parameters, and only validate against Options:

~/go/src/k8s.io/kubernetes (master) $ grep -r ./staging/src/k8s.io/kubectl -Pe 'func.*\(.*Options\).Validate\(\)'
./staging/src/k8s.io/kubectl/pkg/cmd/set/set_resources.go:func (o *SetResourcesOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/set/set_selector.go:func (o *SetSelectorOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/set/set_image.go:func (o *SetImageOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/set/set_subject.go:func (o *SubjectOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/set/set_env.go:func (o *EnvOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/proxy/proxy.go:func (o ProxyOptions) Validate() error {
./staging/src/k8s.io/kubectl/pkg/cmd/label/label.go:func (o *LabelOptions) Validate() error {
@brianpursley
brianpursley / nginx.sh
Created June 24, 2022 20:42
Nginx pod with readiness probe using path that is 302 redirected to another path
kubectl create ns nginx-test
kubectl apply --namespace nginx-test -f - << EOF
apiVersion: v1
kind: ConfigMap
metadata:
name: nginx-config
data:
default.conf: |
server {
@brianpursley
brianpursley / postgres.sh
Created August 14, 2022 22:38
Script to start a postgres pod, forward port 5432 locally, and cleanup on exit
#!/bin/sh
kubectl run postgres --image=postgres --env=POSTGRES_PASSWORD=hunter2
kubectl wait --for=condition=Ready pod/postgres
cleanup() {
echo
kubectl delete pod postgres --now
}
@brianpursley
brianpursley / ServiceCollectionExtensions.cs
Created October 11, 2022 19:04
Use different SignUpSignIn Azure AD B2C policies, depending on the hostname, allowing you to provide SSO for specific companies, without having to provide a button for each SSO integration on the main login page
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
namespace AuthTest.Extensions;
public static class ServiceCollectionExtensions
{
// USAGE:
//
// 1. Add the following line in Program.cs, after your call to AddMicrosoftIdentityWebApp:
// builder.Services.AddAlternateSignUpSignInPolicies(builder.Configuration.GetSection("AzureAdB2C"));
@brianpursley
brianpursley / openapi-bad.json
Last active January 19, 2023 01:39
OpenAPI for testing
{
"definitions": {
"org.apache.camel.v1.Integration": {
"description": "Integration is the Schema for the integrations API",
"properties": {
"spec": {
"description": "the desired Integration specification",
"properties": {
"template": {
"description": "Pod template customization",
@brianpursley
brianpursley / Overview.md
Last active April 5, 2023 14:09
Incorrect limits displayed for multi-container pods

Incorrect limits displayed for multi-container pods

Summary

Pod resource limits are incorrectly calculated in kubectl describe node when all the following conditions are met:

  1. The pod has multiple containers (including init containers).
  2. At least one container specifies a resource limit.
  3. At least one container does not specify a resource limit for a resource type for which another container has specified a resource limit.
@brianpursley
brianpursley / remove-extended-resources.sh
Last active April 13, 2023 01:11
Remove extended resources from kubernetes nodes
kubectl patch node k8s-worker-1 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/example.com~1fakecpu"}]'
kubectl patch node k8s-worker-1 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/example.com~1fakePTSRes"}]'
kubectl patch node k8s-worker-1 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/scheduling.k8s.io~1foo"}]'
kubectl patch node k8s-worker-2 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/example.com~1fakecpu"}]'
kubectl patch node k8s-worker-2 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/example.com~1fakePTSRes"}]'
kubectl patch node k8s-worker-2 --subresource=status --type=json -p='[{"op":"remove","path":"/status/capacity/scheduling.k8s.io~1foo"}]'
@brianpursley
brianpursley / cgroup-resources.sh
Created April 13, 2023 02:51
Get cgroup resources using crictl
sudo crictl inspect $(sudo crictl ps --name bar -q) | jq '.info.runtimeSpec.linux.resources'
sudo crictl inspect $(sudo crictl ps --name baz -q) | jq '.info.runtimeSpec.linux.resources'