kubectl explain
kubens/kubectx https://github.com/ahmetb/kubectx
kubecfg https://gist.github.com/caruccio/5c25ef92d7ad0f2e8d2e1b39c0271110
Kubectl aliases https://github.com/ahmetb/kubectl-aliases
Mostrar o comando completo no console
$ type k
k is aliased to `kubectl'
$ type kubectl
function kubectl ()
{
echo "$(tput setaf 6)+ kubectl $@ $(tput sgr0)" 1>&2
command kubectl "$@"
}
Crie seu próprio kubectl- https://gist.github.com/caruccio/fc182fb4e8b03257ea30682eb91db7ee
kubectl-top_node_pod https://gist.github.com/caruccio/756430d7a2de75cbd026d4dd5edd13c6
kubectl-evict (respeita PodDisruptionBudget) https://gist.github.com/caruccio/81c7c8761235c12034afcf82b3a24aa7
kubectl-count-all-objects vs namespace terminating https://gist.github.com/caruccio/7df68326ea4b7523669a1991424d2cda
kubectl-pfz https://gist.github.com/caruccio/245ecf15d35b4496d86d5c86bebe66f0
krew https://krew.sigs.k8s.io/docs/user-guide/setup/install/
kubectl krew update
kubectl krew search
kubectl krew install explore
^^^^^^^---> pluging name
kubectl explore pod
k8s prompt
_k8s_prompt()
{
local cfg=${KUBECONFIG:-~/.kube/config}
local ctx=$(yq ".current-context" < $cfg)
local kns=$(yq ".contexts[] | select(.name==\"$ctx\") | .context.namespace" < $cfg)
export PS1="[$ctx | ${ns:-default}] \$ "
}
export PROMPT_COMMAND=_k8s_prompt
Root-shell ssh localhost
remote# sudo dnf install openssh-server
remote# sudo ssh-keygen -A
remote# echo AllowAgentForwarding yes | sudo tee -a /etc/ssh/sshd_config
remote# echo PasswordAuthentication yes | sudo tee -a /etc/ssh/sshd_config
remote# sudo /usr/sbin/sshd -p 8022
local# xclip ~/.sh/id_ecdsa.pub
remote# sudo ssh-keygen -t dsa
remote# cat > authorized_keys
# Open tunnel
remote# ssh -R 2022:localhost:8022 centos@52.44.183.78
^^^^^^^^^^^^^^^^^^^---> go to local
# Access tunnel
remote# ssh -R 2022:localhost:8022 cloudshell-user@localhost -p 2022
^^^^^^^^^^^^^^^^^^^^^^^^^---> go to local
Pod root-shell https://medium.com/@mateus.caruccio/kubernetes-hack-lost-ssh-access-to-node-5dd36d35c74c
-> ssh-keygen && cat .ssh/id_rsa.pub .ssh/authorized_keys && ssh localhost
kubectl-show_secret https://gist.github.com/caruccio/6d2cf0373508323c373b86c98562a1ba
Caddy insecure proxy https://gist.github.com/caruccio/340c162c0ce52902faf605ea9780aecf
aws-assume-role https://gist.github.com/caruccio/4b017a921944378a729f3d704e319212
Watch operator
stdbuf -i0 -o0 -e0 kubectl get pod -A -w -o json | stdbuf -i0 -o0 -e0 jq -Mc | while read pod; do
name=$(echo "$pod" | jq -r '.metadata.name')
ns=$(echo "$pod" | jq -r '.metadata.namespace')
echo Found pod: $ns/$name
label=$(echo "$pod" | jq -r '.metadata.labels.devops // empty')
kubectl label pod -n $ns $name devops=praia
done
Shell operator https://github.com/flant/shell-operator
openssl [x509|rsa|req] -text
kubectl-show_tls https://gist.github.com/caruccio/4d1e88a04de22a70e5315dd3b3adfbbb
master vi+sh+sed, no ide
aprenda awk basico
jq/yq https://github.com/jqlang/jq https://github.com/mikefarah/yq
j2cli
pip install j2cli
local filters="
from ipaddress import IPv4Network
def ipaddress(network_cidr, n=0):
return IPv4Network(network_cidr, strict=False)[n]"
j2 --filters=<(echo -e "$filters"|cut -c3-) "$1" ${2:-}
extract json-only
jq -R "try (fromjson | ${1:-.}) catch empty" <<EOF
lakjsdklajsds
{"a":1}
alo
{"b":2,"c":3}
EOF
b64+gzip download/upload
rz/sz
both# dnf install lrzsz
local# zssh <host>
remote# sz file.txt
^@
local# rz
remote# exit
local# cat file.txt
pause proc https://gist.github.com/caruccio/f7f3822578f2929a1a8104e116f64f7a
bash: if [[ TEXT =~ REGEX ]]
printf "%s\n" / "%s "
use arrays
arr=( devops na praia )
$ echo ${arr}
devops
$ echo ${arr[*]}
devops na praia
$ echo ${#arr[*]}
3
$ echo ${arr[2]}
praia
$ echo ${arr[*]:1:2}
na praia
$ echo ${arr[*]//a/e}
devops ne preie
$ echo ${arr[*]^}
Devops Na Praia
$ echo ${arr[*]^^}
DEVOPS NA PRAIA
Interrompa scripts com trap
$ trap date EXIT ERR INT
$ ^Csex 10 mai 2024 12:29:33 WEST
ignore history
$ export SECRET
^--- espaço extra nao registra comando no historico
export all
$ set -a
$ source ...
$ set +a
toggle flags
$ shopt -q -o allexport && set_a=true || set_a=false
$ shopt -s -o allexport # set -a
$ source ...
$ $set_a || shopt -u