suhas316380

1. Create a pod and mount a secret:

apiVersion: v1
kind: Pod
metadata:
  labels:
    run: httpd
  name: httpd
spec:
 nodeName: 

suhas316380

Initial steps:

• Make sure that there are no resources within the namespace - Pods, Deployments, ReplicaSets, CRDs webhooks etc.
• Also, run kubectl get ns <your_namespace> -o json > stuck_ns.json and check the JSON to see if there are obvious indications as to what's causing it.

Approach 1 .

Right way is to find out why it's stuck in terminating state. Very common reason is there's an unavailable API service(s) which prevents cluster from finalizing namespaces.

1. kubectl get apiservice | grep False

suhas316380

#!/usr/bin/env python
# -*- coding: utf-8 -*-
# Copyright 2012 Matt Martz
# All Rights Reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0

suhas316380

kubectl-debug create -f- <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: privileged-debug
spec:
  hostNetwork: true
  containers:
    - name: privileged-debug
      image: ubuntu

suhas316380

timestamp=$(date +%d-%m-%Y_%H-%M-%S)
echo "############## ${timestamp} ##############"
declare -a ignore_namespaces=("kube-system" "kube-node-lease" "kube-public")
namespaces=($(/usr/local/bin/kubectl get ns -o name))
for ns in "${namespaces[@]}"; do
    ns=${ns##*/}
    echo -e "\nProcessing Namespace: ${ns} "
    status=$(/usr/local/bin/kubectl get ns ${ns} -o jsonpath='{.status.phase}')
    if [ "${status}" == "Active" ]; then
        if grep -q "${ns}" <<< "${ignore_namespaces[@]}"

suhas316380

[toplevel]

whoami = sts get-caller-identity

create-assume-role =
  !f() {
    aws iam create-role --role-name "${1}" \
      --assume-role-policy-document \
        "{\"Statement\":[{\
            \"Action\":\"sts:AssumeRole\",\

suhas316380

check EKS release

curl -s https://docs.aws.amazon.com/eks/latest/userguide/doc-history.rss | grep "<title>Kubernetes version"

Create EKS Cluster

eksctl create cluster --version=1.14 --name suhas-eks-test --region us-east-1 --zones us-east-1a,us-east-1b --node-type t2.medium --nodes 2 --ssh-access=true --ssh-public-key basarkod-test

Without any nodeGroup - Public

eksctl create cluster --without-nodegroup --version=1.14 --name delete-me --vpc-public-subnets=subnet-123,subnet-456

Without any nodeGroup - PRIVATE

suhas316380

Setup EKS Fargate nodes with existing EKS cluster of EC2 Launch type - mix and match

Sources:

• https://docs.aws.amazon.com/cli/latest/reference/eks/create-fargate-profile.html
• https://docs.aws.amazon.com/cli/latest/reference/eks/create-fargate-profile.html
• https://docs.aws.amazon.com/eks/latest/userguide/fargate-profile.html#w243aac17c25c19b5b1

bash script

suhas316380

I use this script to check for any throttling issues for EKS or Kubernetes running on AWS. Feel free to customize it depending on your needs.

Explaination of the script:

• Capture packets on ENIs associated with EC2 and exlcude "eth*" and "lo" interfaces. The list of interfaces can be obtained by running the command: ls -1 /sys/class/net
• If you'd like to capture packets on all interfaces, replace "[[ $i = eni* ]] && tcpdump_func $i &" with "tcpdump_func $i &"
• Iterates through all the ENIs associated with the worker nodes and captures packets for 60 seconds
• I used this as a reference to come up with this script

Bash Script

suhas316380

This outlines how to use S3 bucket as a repository for your helm charts

Sources:

1. How to create a helm-chart repository using S3
2. Hackernoon

Steps:

1. Create a S3 Bucket named "helm-charts-s3-bucket" with the following bucket polcy