gcloud help
gcloud projects list
gcloud projects create scaling-ms
gcloud projects delete my-project-1484614311039
gcloud compute zones list
gcloud config set compute/zone europe-west1-d
gcloud config get-value compute/zone
gcloud compute images list # Lists all gcloud images
gcloud compute instances list # Lists my instances
gcloud compute instances create ubuntu --image-project ubuntu-os-cloud --image ubuntu-1604-xenial-v20160420c
gcloud compute instances describe ubuntu
gcloud compute instances describe ubuntu --format=yaml
gcloud compute ssh ubuntu
gcloud compute instances delete ubuntu
sudo docker ps
For use in shell scripts you might want to just get a list of container IDs (-a stands for all instances, not just running, and -q is for "quiet" - show just the numeric ID):
sudo docker ps -aq
You can use either CONTAINER ID or NAMES field, from a sudo docker ps
sudo docker inspect <Container ID>
# or
sudo docker inspect <Container_name>
You can also get all instance IDs and their corresponding IP addresses by doing this:
sudo docker inspect -f '{{.Name}} - {{.NetworkSettings.IPAddress }}' $(sudo docker ps -aq)
sudo docker stop <cid>
or sudo docker stop $(sudo docker ps -aq)
sudo docker ps
sudo docker rm <cid>
or sudo docker rm $(sudo docker ps -aq)
sudo docker build -t my_super_app:1.0.0 .
#List the my_super_app image
sudo docker images my_super_app:1.0.0
sudo docker run -d my_super_app:1.0.0
sudo docker inspect <container name or cid>
or
CID=$(sudo docker run -d my_super_app:1.0.0)
CIP=$(sudo docker inspect --format '{{ .NetworkSettings.IPAddress }}' ${CID})
sudo docker tag my_super_app:1.0.0 mosesmansaray/my_super_app:1.0.0
# Renaming
sudo docker tag my_super_app:1.0.0 mosesmansaray/example-my_super_app:1.0.0
sudo docker login
sudo docker push mosesmansaray/example-my_super_app:1.0.0
Use alpine Docker Official Images A minimal Docker image based on Alpine Linux with a complete package index and only 5 MB in size!
Official K8 Cheats: https://kubernetes.io/docs/reference/kubectl/cheatsheet/
Official Cheet sheet here
bootstrapped with GKE using gcloud
gcloud container clusters create k0
gcloud container clusters list
gcloud container clusters describe k0
You can add --format json
it is yaml
by default
Launch a single instance:
kubectl run nginx --image=nginx:1.1.0
Describe Pods
kubectl describe pods
Get pods
kubectl get pods
kubectl get pods -l "image=ecosystem-api" # Where image is ecosystem-api
kubectl get pods -l "app=my_super_app"
kubectl get pods -l "app=my_super_app,secure=enabled"
via grep
kubectl get pods -n dev | grep "retail\|forecast\|ecosystem-api"
Get All application
k get all
k get all | "Filter-by-app-name"
Set Pod Labels - Dynamically
kubectl label pods secure-my_super_app "secure=enabled"
# Verify
kubectl describe pods secure-my_super_app | grep Labels
Expose nginx
kubectl expose deployment nginx --port 80 --type LoadBalancer
List services
kubectl get services
# example response
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.43.240.1 <none> 443/TCP 20m
nginx LoadBalancer 10.43.242.166 35.189.85.159 80:31813/TCP 5m
Port-forwarding
kubectl port-forward my_super_app 1000:80
# Great for testing pods directly, but user service to expose pods in Production.
kubectl create -f deployments/auth.yaml
kubectl describe deployments auth
kubectl get replicasets
kubectl logs my_super_app
kubectl logs -f my_super_app
Stern to a whole level:
see: https://blog.knoldus.com/read-k8s-logs-using-stern/
stern -t --selector=env=dev
stern <match any pod containing the term "here" and all containers within it, eg, "ui-app">
# Match any pod which contain the term ui-app and only the nginx container within it.
stern ui-app -c nginx
# Show logs from 15m ago with timestamp
stern ui-app -t --since 15m
ssh inside inside the my_super_app Pod to troubleshoot from within a container
kubectl exec my_super_app --stdin --tty -c my_super_app /bin/sh
Create the "tls-certs" secret object from the TLS certificates stored under the "tls" directory:
kubectl create secret generic tls-certs --from-file=tls/
# kubectl will create a key for each file in the tls directory under the tls-certs secret bucket.
# verify
kubectl describe secrets tls-certs
Curl with cacert
curl --cacert <tls/ca.pem> https://127.0.0.1:443
Quikc quide to TLS and SSL here
kubectl create configmap nginx-proxy-conf --from-file=nginx/proxy.conf
# Verify
kubectl describe configmap nginx-proxy-conf
Use JQ to set variables
TOKEN=$(curl 127.0.0.1:8282/login -u user | jq -r '.token')
Use it
curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:10020/secure
Test connections to SSL sites without certs (-k option)
curl -k https://35.234.159.214
.
.
.
.
.
.