Roy Hiroyuki Osaki onelittlenightmusic

Lab Manager at Hitachi America, Software engineer, CKA, CKAD, CKS, The views and opinions expressed herein are on my own. He/him (大崎裕之 in Japanese)

onelittlenightmusic / ingress-whitelist.rego

Created February 19, 2020 08:21

	package kubernetes.admission
	import data.kubernetes.namespaces

	operations = {"CREATE", "UPDATE"}

	deny[msg] {
	input.request.kind.kind == "Ingress"
	operations[input.request.operation]
	host := input.request.object.spec.rules[_].host
	not fqdn_matches_any(host, valid_ingress_hosts)

onelittlenightmusic / main.rego

Created February 19, 2020 08:19

	package system
	import data.kubernetes.admission
	main = {
	"apiVersion": "admission.k8s.io/v1beta1",
	"kind": "AdmissionReview",
	"response": response,
	}
	default response = {"allowed": true}
	response = {
	"allowed": false,

onelittlenightmusic / kubectl.final.sh

Created February 5, 2020 04:10

	$ kubectl --kubeconfig=./capi-quickstart.kubeconfig get nodes

	NAME STATUS ROLES AGE VERSION
	capi-quickstart-capi-quickstart-controlplane-0 Ready master 3d22h v1.15.3
	capi-quickstart-capi-quickstart-worker-85cbf8fd8c-mhrlz Ready <none> 3d22h v1.15.3
	capi-quickstart-capi-quickstart-worker-85cbf8fd8c-wjk9h Ready <none> 3m8s v1.15.3

onelittlenightmusic / machinedeployment.docker.check.sh

Created February 5, 2020 04:08

	$ docker ps
	CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
	e55a1192feeb kindest/node:v1.15.3 "/usr/local/bin/entr…" About a minute ago Up About a minute capi-quickstart-capi-quickstart-worker-85cbf8fd8c-wjk9h
	e6162d760dd7 kindest/node:v1.15.3 "/usr/local/bin/entr…" 3 days ago Up 3 days capi-quickstart-capi-quickstart-worker-85cbf8fd8c-mhrlz
	f449784405e6 kindest/node:v1.15.3 "/usr/local/bin/entr…" 3 days ago Up 3 days 35547/tcp, 127.0.0.1:35547->6443/tcp capi-quickstart-capi-quickstart-controlplane-0
	38d5a9338e3d nginx:1.15.12-alpine "nginx -g 'daemon of…" 3 days ago Up 3 days 80/tcp, 40319/tcp, 0.0.0.0:40319->6443/tcp capi-quickstart-lb
	68d711500e26 kindest/node:v1.17.0 "/usr/local/bin

onelittlenightmusic / edit.kubectl.check.sh

Created February 5, 2020 04:08

	$ kubectl get machines
	NAME PROVIDERID PHASE
	capi-quickstart-controlplane-0 docker:////capi-quickstart-capi-quickstart-controlplane-0 running
	capi-quickstart-worker-85cbf8fd8c-mhrlz docker:////capi-quickstart-capi-quickstart-worker-85cbf8fd8c-mhrlz running
	capi-quickstart-worker-85cbf8fd8c-wjk9h provisioning

onelittlenightmusic / machinedeployment.diff

Created February 5, 2020 04:06

	- replica: 1
	+ replica: 2

onelittlenightmusic / edit.sh

Created February 5, 2020 04:05

$ kubectl edit machinedeployment capi-quickstart-worker

onelittlenightmusic / worker.kubectl.check.sh

Created February 5, 2020 04:02

	kubectl --kubeconfig=./capi-quickstart.kubeconfig get nodes  ✔  1656  01:13:19

	NAME STATUS ROLES AGE VERSION
	capi-quickstart-capi-quickstart-controlplane-0 Ready master 20m v1.15.3
	capi-quickstart-capi-quickstart-worker-85cbf8fd8c-mhrlz Ready <none> 6m30s v1.15.3

onelittlenightmusic / worker.docker.check.sh

Created February 5, 2020 04:02

	docker ps
	CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
	e6162d760dd7 kindest/node:v1.15.3 "/usr/local/bin/entr…" 2 minutes ago Up 2 minutes capi-quickstart-capi-quickstart-worker-85cbf8fd8c-mhrlz
	f449784405e6 kindest/node:v1.15.3 "/usr/local/bin/entr…" 16 minutes ago Up 16 minutes 35547/tcp, 127.0.0.1:35547->6443/tcp capi-quickstart-capi-quickstart-controlplane-0
	38d5a9338e3d nginx:1.15.12-alpine "nginx -g 'daemon of…" 26 minutes ago Up 26 minutes 80/tcp, 40319/tcp, 0.0.0.0:40319->6443/tcp capi-quickstart-lb
	68d711500e26 kindest/node:v1.17.0 "/usr/local/bin/entr…" 40 minutes ago Up 40 minutes 127.0.0.1:32775->6443/tcp clusterapi-control-plane

onelittlenightmusic / worker.check.sh

Created February 5, 2020 04:02

	kubectl create -f worker.yaml
	machinedeployment.cluster.x-k8s.io/capi-quickstart-worker created
	dockermachinetemplate.infrastructure.cluster.x-k8s.io/capi-quickstart-worker created
	kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io/capi-quickstart-worker created