Skip to content

Instantly share code, notes, and snippets.

@NickLarsenNZ

NickLarsenNZ/KubernetesTips.md

Last active March 30, 2020 19:34
Show Gist options
  • Save NickLarsenNZ/007f6719afa1ae3a25a2319452741020 to your computer and use it in GitHub Desktop.
Save NickLarsenNZ/007f6719afa1ae3a25a2319452741020 to your computer and use it in GitHub Desktop.
Download ZIP
CLI tips
Raw
KubernetesTips.md

Kubernetes Tips

Check TLS certifiacte DNS names from a secret

kubectl get secrets local-etcd-0 -o go-template='{{index .data "tls.crt"}}' | base64 -d | openssl x509 -noout -text | grep DNS:

Mutual TLS verification

kubectl port-forward local-etcd-0 8888:2380
true | openssl s_client -CAfile ca.pem -connect localhost:8888 -cert cert.pem -key key.pem -servername localhost -state
curl --cacert ca.pem --cert cert.pem --key key.pem https://localhost:8888

Check Service type:LoadBalancer IPs

kubectl get svc -o yaml | yq -y '[.items[] | select(.spec.type == "LoadBalancer") | select(.metadata.labels.app == "my-service") | .metadata.name as $name | .status.loadBalancer.ingress[] | {name: $name, ip: .ip}]'
- name: my-service-0
  ip: 10.0.0.4
- name: my-service-1
  ip: 10.0.0.5
- name: my-service-2
  ip: 10.0.0.6
- name: my-service-3
  ip: 10.0.0.7
- name: my-service-4
  ip: 10.0.0.8
Raw
RandomCommands.md

Update bash path cache

I needed the extended version of hugo since I used a theme that requires CSS processing. This is now only available in the extended version of hugo. Hugo was installed via apt, but I wanted to use snap, did the usual:

  • sudo apt remove hugo
  • sudo snap install hugo --channel=extended

I tried checking the version, was greeted with an error: -bash: /usr/local/bin/hugo: No such file or directory.

Bash caches binaries found in the paths listed in the PATH variable. To clear this out, you can run:

hash -d hugo

Source: https://unix.stackexchange.com/a/5610

Raw
SSH Tips.md

SSH Tips

Aliases and Proxy

Host *
    User myusername
    GSSAPIAuthentication no
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null

Host bastion
    HostName bastion.example.com

Host everything10
    Host 10.*
    ProxyCommand ssh -W %h:%p bastion
  • Logging in to anything will default to user myusername
  • Automatically trust hosts (instead of having to type yes for new hosts - rightly or wrongly, no one checks fingerprints anyway)
  • Anything on 10.x.x.x will be proxied through a bastion host
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment