Skip to content

Instantly share code, notes, and snippets.

@caruccio
Created May 20, 2024 14:51
Show Gist options
  • Save caruccio/ae0b965b48f63eb87e96ea1687adfc9e to your computer and use it in GitHub Desktop.
Save caruccio/ae0b965b48f63eb87e96ea1687adfc9e to your computer and use it in GitHub Desktop.
Talk - Canivete suiço de gambiarras

Kubernetes

kubectl explain

kubens/kubectx https://github.com/ahmetb/kubectx

kubecfg https://gist.github.com/caruccio/5c25ef92d7ad0f2e8d2e1b39c0271110

Kubectl aliases https://github.com/ahmetb/kubectl-aliases

Mostrar o comando completo no console

$ type k
k is aliased to `kubectl'
$ type kubectl
function kubectl ()
{
  echo "$(tput setaf 6)+ kubectl $@ $(tput sgr0)" 1>&2
  command kubectl "$@"
}

Crie seu próprio kubectl- https://gist.github.com/caruccio/fc182fb4e8b03257ea30682eb91db7ee

kubectl-top_node_pod https://gist.github.com/caruccio/756430d7a2de75cbd026d4dd5edd13c6

kubectl-evict (respeita PodDisruptionBudget) https://gist.github.com/caruccio/81c7c8761235c12034afcf82b3a24aa7

kubectl-count-all-objects vs namespace terminating https://gist.github.com/caruccio/7df68326ea4b7523669a1991424d2cda

kubectl-pfz https://gist.github.com/caruccio/245ecf15d35b4496d86d5c86bebe66f0

krew https://krew.sigs.k8s.io/docs/user-guide/setup/install/

kubectl krew update
kubectl krew search
kubectl krew install explore
                     ^^^^^^^---> pluging name
kubectl explore pod

k8s prompt

_k8s_prompt()
{
  local cfg=${KUBECONFIG:-~/.kube/config}
  local ctx=$(yq ".current-context" < $cfg)
  local kns=$(yq ".contexts[] | select(.name==\"$ctx\") | .context.namespace" < $cfg)
  export PS1="[$ctx | ${ns:-default}] \$ "
}
export PROMPT_COMMAND=_k8s_prompt

Root-shell ssh localhost

remote# sudo dnf install openssh-server
remote# sudo ssh-keygen -A
remote# echo AllowAgentForwarding yes | sudo tee -a /etc/ssh/sshd_config
remote# echo PasswordAuthentication yes | sudo tee -a /etc/ssh/sshd_config
remote# sudo /usr/sbin/sshd -p 8022

local# xclip ~/.sh/id_ecdsa.pub
remote# sudo ssh-keygen -t dsa
remote# cat > authorized_keys

# Open tunnel
remote# ssh -R 2022:localhost:8022 centos@52.44.183.78
                                   ^^^^^^^^^^^^^^^^^^^---> go to local

# Access tunnel
remote# ssh -R 2022:localhost:8022 cloudshell-user@localhost -p 2022
                                   ^^^^^^^^^^^^^^^^^^^^^^^^^---> go to local

Pod root-shell https://medium.com/@mateus.caruccio/kubernetes-hack-lost-ssh-access-to-node-5dd36d35c74c

-> ssh-keygen && cat .ssh/id_rsa.pub .ssh/authorized_keys && ssh localhost

kubectl-show_secret https://gist.github.com/caruccio/6d2cf0373508323c373b86c98562a1ba

Caddy insecure proxy https://gist.github.com/caruccio/340c162c0ce52902faf605ea9780aecf

aws-assume-role https://gist.github.com/caruccio/4b017a921944378a729f3d704e319212

Watch operator

stdbuf -i0 -o0 -e0 kubectl get pod -A -w -o json | stdbuf -i0 -o0 -e0 jq -Mc | while read pod; do
  name=$(echo "$pod" | jq -r '.metadata.name')
  ns=$(echo "$pod" | jq -r '.metadata.namespace')
  echo Found pod: $ns/$name
  label=$(echo "$pod" | jq -r '.metadata.labels.devops // empty')
  kubectl label pod -n $ns $name devops=praia
done

Shell operator https://github.com/flant/shell-operator

Certificados

openssl [x509|rsa|req] -text

kubectl-show_tls https://gist.github.com/caruccio/4d1e88a04de22a70e5315dd3b3adfbbb

Ferramentas

master vi+sh+sed, no ide

aprenda awk basico

jq/yq https://github.com/jqlang/jq https://github.com/mikefarah/yq

j2cli

pip install j2cli

local filters="
from ipaddress import IPv4Network
def ipaddress(network_cidr, n=0):
    return IPv4Network(network_cidr, strict=False)[n]"

j2 --filters=<(echo -e "$filters"|cut -c3-) "$1" ${2:-}

extract json-only

jq -R "try (fromjson | ${1:-.}) catch empty" <<EOF
  lakjsdklajsds
  {"a":1}
  alo
  {"b":2,"c":3}
EOF

b64+gzip download/upload

rz/sz

both# dnf install lrzsz
local# zssh <host>
remote# sz file.txt
^@
local# rz
remote# exit
local# cat file.txt

pause proc https://gist.github.com/caruccio/f7f3822578f2929a1a8104e116f64f7a

Shell

bash: if [[ TEXT =~ REGEX ]]

printf "%s\n" / "%s "

use arrays

arr=( devops na praia )

$ echo ${arr}
devops

$ echo ${arr[*]}
devops na praia

$ echo ${#arr[*]}
3

$ echo ${arr[2]}
praia

$ echo ${arr[*]:1:2}
na praia

$ echo ${arr[*]//a/e}
devops ne preie

$ echo ${arr[*]^}
Devops Na Praia

$ echo ${arr[*]^^}
DEVOPS NA PRAIA

Interrompa scripts com trap

$ trap date EXIT ERR INT
$ ^Csex 10 mai 2024 12:29:33 WEST

ignore history

$  export SECRET
  ^--- espaço extra nao registra comando no historico

export all

$ set -a
$ source ...
$ set +a

toggle flags

$ shopt -q -o allexport && set_a=true || set_a=false
$ shopt -s -o allexport # set -a
$ source ...
$ $set_a || shopt -u
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment