Skip to content

Instantly share code, notes, and snippets.

@DaddyMoe

DaddyMoe/CheatsheetsGcloudAndKubernetesCommands.md

Last active January 23, 2022 20:35
Show Gist options
  • Save DaddyMoe/f7508866ace2448370ea9fcbe576ec5d to your computer and use it in GitHub Desktop.
Save DaddyMoe/f7508866ace2448370ea9fcbe576ec5d to your computer and use it in GitHub Desktop.
Download ZIP
Cheat sheets: Gcloud and Kubernetes commands
Raw
CheatsheetsGcloudAndKubernetesCommands.md

Gcloud with Kubernetes

GCloud

gcloud help
gcloud projects list
gcloud projects create scaling-ms
gcloud projects delete my-project-1484614311039
gcloud compute zones list
gcloud config set compute/zone europe-west1-d
gcloud config get-value compute/zone
gcloud compute images list # Lists all gcloud images
gcloud compute instances list # Lists my instances
gcloud compute instances create ubuntu --image-project ubuntu-os-cloud --image ubuntu-1604-xenial-v20160420c
gcloud compute instances describe ubuntu
gcloud compute instances describe ubuntu --format=yaml
gcloud compute ssh ubuntu
gcloud compute instances delete ubuntu

Docker

List all running container processes

sudo docker ps

For use in shell scripts you might want to just get a list of container IDs (-a stands for all instances, not just running, and -q is for "quiet" - show just the numeric ID):

sudo docker ps -aq

Inspect the container

You can use either CONTAINER ID or NAMES field, from a sudo docker ps

sudo docker inspect <Container ID>
# or
sudo docker inspect <Container_name>

Connect to the nginx using the internal IP

You can also get all instance IDs and their corresponding IP addresses by doing this:

sudo docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(sudo docker ps -aq)

Stop an instance

sudo docker stop <cid>

or sudo docker stop $(sudo docker ps -aq)

Verify no more instances running

sudo docker ps

Remove the docker containers from the system

sudo docker rm <cid>

or sudo docker rm $(sudo docker ps -aq)

Build the app container

sudo docker build -t my_super_app:1.0.0 .
#List the my_super_app image
sudo docker images my_super_app:1.0.0

Run the "my_super_app" container and get it's IP

sudo docker run -d my_super_app:1.0.0
sudo docker inspect <container name or cid>

or

CID=$(sudo docker run -d my_super_app:1.0.0)
CIP=$(sudo docker inspect --format '{{ .NetworkSettings.IPAddress }}' ${CID})

Add your own tag

sudo docker tag my_super_app:1.0.0 mosesmansaray/my_super_app:1.0.0

# Renaming
sudo docker tag my_super_app:1.0.0 mosesmansaray/example-my_super_app:1.0.0

Login and use the docker push command

sudo docker login
sudo docker push mosesmansaray/example-my_super_app:1.0.0

Docker notes

Use alpine Docker Official Images A minimal Docker image based on Alpine Linux with a complete package index and only 5 MB in size!

Kubernetes (k8)

Official K8 Cheats: https://kubernetes.io/docs/reference/kubectl/cheatsheet/

Official Cheet sheet here

Setup a Kubernetes Cluster

bootstrapped with GKE using gcloud

gcloud container clusters create k0

Desribe

gcloud container clusters list
gcloud container clusters describe k0

You can add --format json it is yaml by default

Usage

Launch a single instance:

kubectl run nginx --image=nginx:1.1.0

Describe Pods

kubectl describe pods

Get pods

kubectl get pods
kubectl get pods -l "image=ecosystem-api" # Where image is ecosystem-api

kubectl get pods -l "app=my_super_app" 
kubectl get pods -l "app=my_super_app,secure=enabled"

via grep
kubectl get pods -n dev | grep "retail\|forecast\|ecosystem-api"

Get All application

k get all
k get all | "Filter-by-app-name"

Set Pod Labels - Dynamically

kubectl label pods secure-my_super_app "secure=enabled"
# Verify
kubectl describe pods secure-my_super_app | grep Labels

Expose nginx

kubectl expose deployment nginx --port 80 --type LoadBalancer

List services

kubectl get services

# example response
NAME         TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE
kubernetes   ClusterIP      10.43.240.1     <none>          443/TCP        20m
nginx        LoadBalancer   10.43.242.166   35.189.85.159   80:31813/TCP   5m

Port-forwarding

kubectl port-forward my_super_app 1000:80
# Great for testing pods directly, but user service to expose pods in Production.

Deployments

kubectl create -f deployments/auth.yaml
kubectl describe deployments auth

Replicasets

 kubectl get replicasets

Logs

kubectl logs my_super_app
kubectl logs -f my_super_app

Stern to a whole level:

see: https://blog.knoldus.com/read-k8s-logs-using-stern/

stern -t --selector=env=dev
stern <match any pod containing the term "here" and all containers within it, eg, "ui-app">

# Match any pod which contain the term ui-app and only the nginx container within it.
stern ui-app -c nginx

# Show logs from 15m ago with timestamp
stern ui-app -t --since 15m

Interactive shell

ssh inside inside the my_super_app Pod to troubleshoot from within a container

kubectl exec my_super_app --stdin --tty -c my_super_app /bin/sh

Certificates

Create the "tls-certs" secret object from the TLS certificates stored under the "tls" directory:

kubectl create secret generic tls-certs --from-file=tls/
# kubectl will create a key for each file in the tls directory under the tls-certs secret bucket.

# verify
kubectl describe secrets tls-certs

Curl with cacert
curl --cacert <tls/ca.pem> https://127.0.0.1:443

Quikc quide to TLS and SSL here

Config map

kubectl create configmap nginx-proxy-conf --from-file=nginx/proxy.conf

# Verify
kubectl describe configmap nginx-proxy-conf

Misc

Use JQ to set variables

TOKEN=$(curl 127.0.0.1:8282/login -u user | jq -r '.token')

Use it

curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:10020/secure

Test connections to SSL sites without certs (-k option)

curl -k https://35.234.159.214

.

.

.

.

.

.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment