Skip to content

Instantly share code, notes, and snippets.

View ipedrazas's full-sized avatar

Ivan Pedrazas ipedrazas

161 followers · 58 following
View GitHub Profile
@ipedrazas
ipedrazas / gist:48e4f50913e40f064d7ddcca46505f66
Created March 11, 2020 04:49
log levels kubectl
-v=9 CURL command
-v=8 request and response body
-v=6 method and apipath
@ipedrazas
ipedrazas / gist:5b215409bbe592b33a21ae6a64f09b6c
Created March 3, 2020 14:04
storage test
gcloud beta container --project "deployments-team-01" clusters create "storage-test" \
--zone "us-central1-c" \
--no-enable-basic-auth \
--cluster-version "1.14.10-gke.17" \
--machine-type "n1-standard-2" \
--image-type "COS" \
--disk-type "pd-standard" \
--disk-size "100" \
--metadata disable-legacy-endpoints=true \
--scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append" \
@ipedrazas
ipedrazas / gist:5199d81f2a7bf0f8ed625369a8b3e777
Created February 28, 2020 18:08
Flux query to get alerts
from(bucket: "_monitoring") |>
range(start: -7d, stop: 1582912196) |>
filter(fn: (r) => r._measurement == "statuses" and r._field == "_message") |>
keep(columns: ["_time", "_value", "_check_id", "_check_name", "_level"]) |>
rename(columns: {"_time": "time", "_value": "message", "_check_id": "checkID", "_check_name": "checkName", "_level": "level"}) |>
group() |>
sort(columns: ["time"], desc: true) |>
limit(n: 100, offset: 0)
@ipedrazas
ipedrazas / secrets.md
Created February 7, 2020 18:59
List pods with secrets in volumes or envvars 
kubectl get pods -n main -o=jsonpath="{range .items[*]}{.metadata.name}{'\t'}{.status.startTime}{'\n'}{'\t'}Volumes:{'\t'}{.spec.volumes[*].secret.secretName}{'\n'}{'\t'}Envvars:{'\t'}{.spec.containers[*].env[*].valueFrom.secretKeyRef}{.name}{.key}{'\n'}{end}"

returns

gw-main-7b5789879-w85tz	2020-02-06T20:07:00Z
	Volumes:	gw-token-jrwgm istio.gateway
	Envvars:	map[key:client-id name:salesforce] map[key:redirect-url name:salesforce] map[key:public-url name:salesforce]
@ipedrazas
ipedrazas / gist:c1ff50b9e47ff8210d736f61cd3f6db9
Created August 8, 2019 10:45
Delete all helm releases
helm ls --all --short | xargs -L1 helm delete --purge
@ipedrazas
ipedrazas / app-checklist.md
Last active March 6, 2020 11:16
Kubernetes Applications checklist

Checklist: Application Readiness for Kubernetes

  • Not running latest
  • Readiness Checks
  • Liveness Checks
  • Metric/Telemetry instrumentation
  • Limits
  • Requests
  • Listen to signals (graceful shutdowns)
  • Labels
@ipedrazas
ipedrazas / gist:b375adf7e2f0bf83d229b1d8eafa0676
Created May 25, 2019 09:32
Conftest with Kubectl
kubectl get all -o json \
| jq -cj '.items[] | tostring+"\u0000"' \
| xargs -n1 -0 -I@ bash -c "echo '@' | conftest test -"
@ipedrazas
ipedrazas / gist:8823b5d116cfcca6b36c8b8b7b5eb7ca
Created May 13, 2019 10:49
git commands
# Initialise a git project
git init .
# Initialise a git repo so that we can pull/push from/to it
git init --base master.git
# Run a Git Daemon
# CentOS
git daemon --verbose --base-path=/path/to/workspace/ --base-path-relaxed --reuseaddr --informative-errors --export-all
# Cygwin
git daemon --verbose --base-path=C:/path/to/workspace/ --base-path-relaxed --reuseaddr --informative-errors --export-all
# Then we can clone our local repo (the default port is 9418)
@ipedrazas
ipedrazas / 1_kubernetes_on_macOS.md
Created May 11, 2019 21:18 — forked from kevin-smets/1_kubernetes_on_macOS.md
Local Kubernetes setup on macOS with minikube on VirtualBox and local Docker registry

Requirements

Minikube requires that VT-x/AMD-v virtualization is enabled in BIOS. To check that this is enabled on OSX / macOS run:

sysctl -a | grep machdep.cpu.features | grep VMX

If there's output, you're good!

Prerequisites

@ipedrazas
ipedrazas / gist:f049725e441b8519a0e39164057259b2
Created March 25, 2019 18:49
ingress rewrite
echo "
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
name: rewrite
namespace: default
spec:
rules: