Skip to content

Instantly share code, notes, and snippets.

Avatar

Ivan Pedrazas ipedrazas

View GitHub Profile
@ipedrazas
ipedrazas / app-checklist.md
Last active Mar 6, 2020
Kubernetes Applications checklist
View app-checklist.md

Checklist: Application Readiness for Kubernetes

  • Not running latest
  • Readiness Checks
  • Liveness Checks
  • Metric/Telemetry instrumentation
  • Limits
  • Requests
  • Listen to signals (graceful shutdowns)
  • Labels
View gist:b375adf7e2f0bf83d229b1d8eafa0676
kubectl get all -o json \
| jq -cj '.items[] | tostring+"\u0000"' \
| xargs -n1 -0 -I@ bash -c "echo '@' | conftest test -"
View gist:8823b5d116cfcca6b36c8b8b7b5eb7ca
# Initialise a git project
git init .
# Initialise a git repo so that we can pull/push from/to it
git init --base master.git
# Run a Git Daemon
# CentOS
git daemon --verbose --base-path=/path/to/workspace/ --base-path-relaxed --reuseaddr --informative-errors --export-all
# Cygwin
git daemon --verbose --base-path=C:/path/to/workspace/ --base-path-relaxed --reuseaddr --informative-errors --export-all
# Then we can clone our local repo (the default port is 9418)
@ipedrazas
ipedrazas / 1_kubernetes_on_macOS.md
Created May 11, 2019 — forked from kevin-smets/1_kubernetes_on_macOS.md
Local Kubernetes setup on macOS with minikube on VirtualBox and local Docker registry
View 1_kubernetes_on_macOS.md

Requirements

Minikube requires that VT-x/AMD-v virtualization is enabled in BIOS. To check that this is enabled on OSX / macOS run:

sysctl -a | grep machdep.cpu.features | grep VMX

If there's output, you're good!

Prerequisites

View gist:f049725e441b8519a0e39164057259b2
echo "
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /$1
name: rewrite
namespace: default
spec:
rules:
View gist:c93f255a17785a7eb7f2fd83af4c21a9

-> % svcs -n twistlock

NAME                TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
twistlock-console   ClusterIP   10.103.43.18   <none>        8084/TCP,8083/TCP,8081/TCP   18h

-> % k get ep -n twistlock

NAME                ENDPOINTS                                                  AGE
twistlock-console   10.103.129.17:8081,10.103.129.17:8084,10.103.129.17:8083   18h
@ipedrazas
ipedrazas / gist:6edbd57ae813e999e78c475fbd6c3fe6
Created Feb 22, 2019
Add ServiceAccount to Deploymetn/Pod
View gist:6edbd57ae813e999e78c475fbd6c3fe6
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
@ipedrazas
ipedrazas / gist:403df2ed30ea8682e2b709ddc1c24bcf
Created Jan 23, 2019
curl internal service kubernetes kubectl proxy
View gist:403df2ed30ea8682e2b709ddc1c24bcf
# To call from outside the cluster a service type `ClusterIP`
# We use `kubectl proxy`
kubectl proxy
# Then, the service can be accessed by calling:
curl http://localhost:8001/api/v1/namespaces/status/services/x01-kstatus-api:5000/proxy/api/jobs
# This is
# curl http://localhost:8001/api/v1/namespaces/[NAMESPACE]/services/[SERVICE:PORT]/proxy/[QUERY_STRING]
View gist:5064a211c7217bbc28dc95820a383600
livenessProbe:
exec:
command:
- /bin/sh
- -c
- |-
FATAL_ERRORS=$( echo "${LIVENESS_PROBE_FATAL_ERRORS}" | grep -q '\S' && \
grep -F "${LIVENESS_PROBE_FATAL_ERRORS}" /tmp/.liveness_probe )
cp /dev/null /tmp/.liveness_probe
if [ ! -z "${FATAL_ERRORS}" ]; then
View gist:c30b747f281d9ea59acf86dbbe37294a
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
You can’t perform that action at this time.