[gcloud command] gcloud and kubectl command #gcloud

gcloud.md

Zone

zone: asia-southeast1-b
region: asia-southeast1

Commands

gcloud auth login
gcloud auth application-default login
gcloud auth activate-service-account --key-file credentials.json

# create cluster
gcloud container clusters create NAME --zone ZONE --machine-typ TYPE --num-nodes NODES 

# resize
gcloud container clusters resize NAME --size SIZE --zone europe-west1-b

# Container Engine context
gcloud container cluster get-credentials mycluster 

# change project
gcloud config set project abc-12345
gcloud config set compute/zone us-central1-a
gcloud config set compute/region [region]

gcloud config set container/cluster [Cluster Name]

# gsutil
gsutil cp setup.html gs://$BUCKET_NAME_1/
gsutil acl get gs://$BUCKET_NAME_1/setup.html  > acl.txt
gsutil acl set private gs://$BUCKET_NAME_1/setup.html 
gsutil acl ch -u AllUsers:R gs://$BUCKET_NAME_1/setup.html
gsutil lifecycle set life.json gs://$BUCKET_NAME_1 # set lifecyle
gsutil rsync -r ./firstlevel gs://$BUCKET_NAME_1/firstlevel # sync folder

# gateway
gcloud compute target-vpn-gateways list
gcloud compute target-vpn-gateways create vpn-2 --network vpn-network-2 --region europe-west1
gcloud compute addresses create --region us-east1 vpn-1-static-ip

gcloud compute vpn-tunnels list
gcloud compute vpn-tunnels create tunnel1to2  \
--peer-address $STATIC_IP_VPN_2 \
--region us-east1 \
--ike-version 2 \
--shared-secret gcprocks \
--target-vpn-gateway vpn-1 \
--local-traffic-selector 0.0.0.0/0 \
--remote-traffic-selector 0.0.0.0/0

gcloud compute  routes create route1to2  \
--network vpn-network-1 \
--next-hop-vpn-tunnel tunnel1to2 \
--next-hop-vpn-tunnel-region us-east1 \
--destination-range 10.1.3.0/24

Kubernetes

https://github.com/kubernetes/ingress-gce/tree/master/examples/websocket

kubectl proxy # http://localhost:8001/ui
kubectl config view
kubectl config use-context <contextname>

kubectl get po
kubectl delete po <po name>
kubectl apply -f file.yaml # update a resource


# copy files
kubectl exec rc-keycloak-1sq0x -i -t -- /bin/bash
kubectl cp  /Users/haivu/projects/ananse/helo rc-keycloak-1sq0x:/opt/jboss/keycloak/themes/helo

# forward
kubectl port-forward rc-dev-qqfjl 14888:14889

# view resources
kubectl describe nodes | grep -A 2 -e "^\\s*CPU Requests"
kubectl top node

Secret

kubectl create secret generic htmlcoin-secret --from-file=firebase-admin=/Users/haivu/projects/r3/htmlcoin-wallet-firebase-adminsdk.json

# update secret
kubectl create secret generic my-secret \
  --from-file=./secret/secret.json \
  -o yaml --dry-run | kubectl replace -f -
  
# decode
kubectl get secret mysecret -o yaml
echo 'QjdzbTRnSmI4eg==' | base64 --decode # decode base64

Deployment Manager

https://github.com/GoogleCloudPlatform/deploymentmanager-samples.git

gcloud deployment-manager types list

pvc-postgres.yaml

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: pvc-postgres
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 200Gi

rc-postgres.yaml

apiVersion: v1
kind: ReplicationController
metadata:
  name: rc-postgres
  labels:
    app: postgres
    env: prod
    role: services
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: postgres
        env: prod
        role: services
    spec:
      containers:
      - name: rc-postgres
        image: postgres:10.4-alpine
        imagePullPolicy: Always
        resources:
          requests:
            cpu: 100m
            memory: 1000Mi
          limits:
            cpu: 800m
            memory: 1500Mi
        volumeMounts:
        - name: postgres-persistent-storage
          mountPath: "/postgres"
          readOnly: false
        ports:
        - containerPort: 5432
          name: ipport
        env:
          - name: POSTGRES_PASSWORD
            valueFrom:
              secretKeyRef:
                name: postgres-secret
                key: password
          - name: PGDATA
            value: "/postgres/data"
      securityContext:
        fsGroup: 101
      volumes:
      - name: postgres-persistent-storage
        persistentVolumeClaim:
          claimName: pvc-postgres