Get a list of pods on for each node based on node status that is unschedulable
for i in $(kubectl get nodes -o wide -L my.label/type --field-selector spec.unschedulable=true |sed 1d | awk '{print $1}'); do
kubectl get pods --all-namespaces --field-selector spec.nodeName=${i} -o wide
done
Set a cluster certificate-authority-data
kubectl config --kubeconfig full_cluster \
set clusters.${cluster_name}.certificate-authority-data ${data_base64_encoded}
Adding a taint to the master nodes
kubectl taint nodes mynode node-role.kubernetes.io/master=:NoSchedule
or remove
kubectl taint nodes mynode node-role.kubernetes.io/master:NoSchedule-
How much storage is flapping in the wind.
kubectl get pv | grep Released | awk '{print $2}' |cut -d"G" -f1 | awk '{total +=$1} END {print "Total:", total, "Gi"}'
Start a job from a cronjob. I need this when something fails and I missed the scheduled cron period.
kubectl create job --from=cronjob/my_cronjob_name my_onetime_run_job_name
Security is hard, why not make it easier. Install this awesome tool to handle querying your cluster. This works a lot better than parsing a bunch of json.
https://github.com/FairwindsOps/rbac-lookup
Test your changes as a specific user.
kubectl --as=me@abond.dev --as-group=role:admin --as-group=role:engineer get virtualservice
yet another way to test permissions
$ k auth can-i get statefulset/zk --as=system:serviceaccount:jenkins:default -n zookeeper
yes
Find those resource limits.
kubectl get po -o=jsonpath="{range .items[*]}{.metadata.namespace}:{.metadata.name}{'\n'}{range .spec.containers[*]} {.name}{'\n'} CPU|{.resources.requests.cpu}|{.resources.limits.cpu}{'\n'} MEM|{.resources.requests.memory}|{.resources.limits.memory}{'\n'}{end}{'\n'}{end}"
When you want to kill just one container
kubectl exec -it mypod -c telegraf -- /bin/kill -SIGHUP 1