Daneyon Hansen danehans

@danehans
danehans / installMetalLB
Last active May 14, 2024 21:41
Install MetalLB in a Kind Cluster
#!/usr/bin/env bash
set -euo pipefail
# Setup default values
METALLB_VERSION=${METALLB_VERSION:-"v0.13.7"}
## Install MetalLB.
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/"${METALLB_VERSION}"/config/manifests/metallb-native.yaml
needCreate="$(kubectl get secret -n metallb-system memberlist --no-headers --ignore-not-found -o custom-columns=NAME:.metadata.name)"
@danehans
danehans / contour_operator.md
Last active December 17, 2020 19:22
contour_operator_blog_content

Contour Operator

FEATURE STATE: Contour v1.11.0 alpha

Contour Operator provides a method for packaging, deploying, and managing Contour. The operator extends the functionality of the Kubernetes API to create, configure, and manage instances of Contour on behalf of users. It builds upon the basic Kubernetes resource and controller concepts, but includes domain-specific knowledge to automate the entire lifecycle of Contour.

In Kubernetes, controllers of the control-plane implement control loops that repeatedly compare the desired state of the

# Verify resolution works with the configured "216.239.32.106" upstream:
sh-4.2$ nslookup resume.daneyon.com
Server: 172.30.0.10
Address: 172.30.0.10#53
resume.daneyon.com canonical name = danehans.github.io.
# Update the Corefile to use a bogus "216.239.32.1" upstream server and verify resolution now fails:
@danehans
danehans / create_lb_svc_success.log
Last active July 16, 2020 19:44
kube-controller-manager-logs-for-svc-lb
$ oc create -f ${MY_TEST_POD_AND_SVC}
$ oc logs ${MY_KCM_POD_NAME} -n openshift-kube-controller-manager
<SNIP>
I0716 19:11:10.508530 1 controller.go:337] Ensuring load balancer for service default/hello-openshift
I0716 19:11:10.508575 1 controller.go:800] Adding finalizer to service default/hello-openshift
I0716 19:11:10.510022 1 event.go:278] Event(v1.ObjectReference{Kind:"Service", Namespace:"default", Name:"hello-openshift", UID:"a37e6c43-43fd-45fb-8988-674e8a5119f3", APIVersion:"v1", ResourceVersion:"45997", FieldPath:""}): type: 'Normal' reason: 'EnsuringLoadBalancer' Ensuring load balancer
I0716 19:11:10.525194 1 aws.go:3605] EnsureLoadBalancer(dhansen-t9xjx, default, hello-openshift, us-west-2, , [{ TCP <nil> 80 {0 8080 } 30371}], map[])
I0716 19:11:10.712821 1 aws.go:3389] Ignoring private subnet for public ELB "subnet-06471a32c07d11ca0"
I0716 19:11:10.712842 1 aws.go:3389] Ignoring private subnet for public ELB "subnet-02624961c1db10707"
I0716 19:11:10.712848
@danehans
danehans / simple_tcproute_example.yaml
Created May 15, 2020 01:13
simple_tcproute_example
kind: TCPRoute
apiVersion: networking.x-k8s.io/v1alpha1
metadata:
  name: example
  labels:
    app: foo
spec:
  hosts:
  - hostname: example.com # this is SNI server_name to match
    rules:
@danehans
danehans / 2-cluster-example.yaml
Created May 12, 2020 20:39
k8s_multi_cluster_dns_discovery
# This example exposes service/foo from cluster1 and cluster2 so it's reachable
# by foo.example.com. DNS is used to load-balance traffic to foo.example.com
# across cluster1 and cluster2.
#
# Note that a DNSRecord is not needed to create the multi-cluster FQDN for the
# foo services in both clusters. A controller watches xRoutes and creates a DNS
# record from the xRoute's hostname.
---
# A new resource for managing multi-cluster DNS records.
apiVersion: dns.x-k8s.io/v1alpha1
[Diagram: within the CLUSTER OPERATOR scope, a Gateway (Listeners, TLS, CertificateRef) references a Secret holding tls.crt for foo.example.com]
@danehans
danehans / 00_docs.md
Last active March 17, 2020 16:45
service-apis virtual host concept explained

Intro

Service APIs provide name-based virtual hosting of objects that reside in a Kubernetes cluster.

Gateway

A Gateway hosts one or more names that clients connect to. A Gateway exposes these names on one or more network endpoints called listeners. If applicable, the TLS configuration of the hosted name is used to perform a TLS handshake. The hosted name is used to match a VirtualHost.

Persona: Cluster Ops

VirtualHost

A VirtualHost is an in-cluster object, i.e. Service, exposed by a Gateway. A VirtualHost performs request manipulation (optional) and routing based on match, filter and action rules.