Attempt to recreate problem the @justinsb is having with 2s interval
Create cluster
kops create cluster --zones us-east-1c --name rolling-update.aws.k8spro.com --yes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| getMasterIP() | |
| CLUSTER=$1 | |
| AZ=$2 | |
| aws ec2 describe-instances --filter Name="tag-value",Values="master-${AZ}.masters.${CLUSTER}" --filter Name="instance-state-name",Values="running" | jq -r '.Reservations[0].Instances[0].PublicIpAddress' | |
| } | |
| tailMasterLog() { | |
| IP=$(getMasterIP $1 $2) | |
| ssh admin@$IP "tail -f /var/log/daemon.log" | |
| } |
chrislovecnm
/ rolling-update-2m.md
Last active
September 5, 2017 02:15
Rolling Update test normal case 2m interval
chrislovecnm
/ kops-admin.json
Last active
October 3, 2017 15:36
Permissions Needed By a Kops Administrator - No VPC network perms included.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:AttachVolume", | |
| "ec2:AuthorizeSecurityGroupEgress", | |
| "ec2:AuthorizeSecurityGroupIngress", | |
| "ec2:CreateSecurityGroup", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:DescribeInstances" | |
| ], | |
| "Resource": [ | |
| "*" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:AttachVolume", | |
| "ec2:AuthorizeSecurityGroupIngress", | |
| "ec2:CreateTags", | |
| "ec2:CreateVolume", |
chrislovecnm
/ kops-iam-installer.txt
Created
April 18, 2017 20:08
IAM roles for kops kubernetes installer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //All the resource "*" we can prune down to a | |
| //"Resource": "arn:aws:iam::ACCOUNTNUMBER:role/ROLENAME" | |
| // which is tied to a VPC | |
| // This is a list of the permissions that our installer tools | |
| // use. | |
| // There are multiple modes that our installer uses, we | |
| // will not need the perms for VPC creation as we | |
| // will be using a pre installed VPC | |
| // Will need all of these |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //All the resource "*" we can prune down to a | |
| //"Resource": "arn:aws:iam::ACCOUNTNUMBER:role/ROLENAME" | |
| //which is tied to a VPC | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ec2:Describe*" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //All the resource "*" we can prune down to a | |
| //"Resource": "arn:aws:iam::ACCOUNTNUMBER:role/ROLENAME" | |
| //which is tied to a VPC | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| // This is used by the autoscaling components | |
| { | |
| "Effect": "Allow", | |
| "Action": [ |
chrislovecnm
/ pod-antiaffinity.yaml
Created
March 15, 2017 22:34
example yaml for pod anti-affinity
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: nginx | |
| labels: | |
| nginx: yes | |
| annotations: | |
| scheduler.alpha.kubernetes.io/affinity: > | |
| { | |
| "nodeAffinity": { |