ServiceMonitor and PodMonitor:
Jeesmon Jacob jeesmon
jeesmon
/ istio-fips-distroless-build.sh
Last active
April 5, 2024 07:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -ex | |
| # yum install -y docker git patch jq | |
| # systemctl start docker | |
| # docker info | |
| ISTIO_VERSION=${ISTIO_VERSION:-1.19.3} | |
| MAJOR_ISTIO_VERSION=$(cut -f1-2 -d. <<< ${ISTIO_VERSION}) | |
| # Need a custom build-tools-proxy image for 1.18.3+ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -ex | |
| # yum install -y docker git patch jq | |
| # systemctl start docker | |
| # docker info | |
| ISTIO_VERSION=${ISTIO_VERSION:-1.19.3} | |
| MAJOR_ISTIO_VERSION=$(cut -f1-2 -d. <<< ${ISTIO_VERSION}) | |
| # Need a custom build-tools-proxy image for 1.18.3+ |
jeesmon
/ crd-versioning.md
Created
May 24, 2022 12:11
From: kube-object-storage/lib-bucket-provisioner#132 (comment)
The best versioning story IMO to avoid the challenges with CRD versioning is the following:
- Newer versions of the library should be backward compatible.
- Deprecated properties would be ignored
- Added properties would have defaults that work for the previous versions of the CRD and the latest library
- Properties added to the CRD would be ignored by older version of the library
If this is done, there isn't a need to change the CRD version every time a property changes.
jeesmon
/ kubectl-kube-metrics.md
Created
May 2, 2022 19:32
kubectl get --raw /metrics | prom2json | jq '.'
kubectl get --raw /metrics | prom2json | jq '
.[] | select(.name=="apiserver_requested_deprecated_apis").metrics[]
'
jeesmon
/ ocp-ingress-domain.md
Created
April 8, 2022 14:47
oc -n openshift-ingress get ingress.config.openshift.io cluster -o jsonpath='{.spec.domain}'
jeesmon
/ kubebuilder-printcolumn.md
Created
March 28, 2022 18:24
//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
//+kubebuilder:printcolumn:name="Ready",type="string",JSONPath=".status.conditions[?(@.type==\"Available\")].status"
jeesmon
/ unstructured-decode.go
Created
March 25, 2022 18:59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var decUnstructured = yaml.NewDecodingSerializer(unstructured.UnstructuredJSONScheme) | |
| func DecodePodSpec(spec corev1.PodSpec) (*unstructured.Unstructured, error) { | |
| pod := &corev1.Pod{ | |
| ObjectMeta: v1.ObjectMeta{ | |
| Name: "name", | |
| Namespace: "namespace", | |
| }, | |
| Spec: *spec.DeepCopy(), | |
| } |
jeesmon
/ istio-debug-cheatsheet.md
Last active
March 1, 2022 14:03
jeesmon
/ ocp-debug.md
Created
February 28, 2022 15:02
Do you know that with proper admin permissions, you can connect and debug cluster nodes in OCP (even when ssh is disabled in ROKS on Satellite)?
In OCP Web Console:
Navigate to Compute -> Nodes -> Click on a Node Name -> Terminal
On command line:
# find node names
oc get nodes
NewerOlder