istioctl is the main tool used to interact with istio in a cluster. You can install it with brew:
brew install istioctl
Micah Huber mjhuber
- Upgrade the masters. This is done by incrementing the
google_container_cluster.min_master_versionfield to the desired version. Masters will update one by one. - Create new node pools using the new version.
- Taint the old nodes. Pods will get scheduled onto the new nodes.
$ kubectl get nodes --no-headers -l cloud.google.com/gke-nodepool=<node-pool-name> | awk '{print $1}' | xargs -I kubectl taint nodes {} legacy=true:NoExecute
- Leave the old node pools around for a couple of weeks but scale them to 0. They'll be available if we need to go back.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "reflect" | |
| "regexp" | |
| "strings" | |
| ) | |
| // Test is a test struct |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "reflect" | |
| "regexp" | |
| "strings" | |
| ) | |
| type Monitor struct { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.1' | |
| services: | |
| mongo: | |
| image: mongo:4.0 | |
| restart: always | |
| networks: | |
| - n8n | |
| environment: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| NAMESPACE="default" | |
| DEPLOYMENTS=$(kubectl get deploy -n $NAMESPACE --no-headers | awk '{print $1}') | |
| for deploy in $DEPLOYMENTS; do | |
| echo "$deploy" | |
| resources=$(kubectl get deploy/$deploy -n $NAMESPACE -o json | jq '.spec.template.spec.containers[0].resources') | |
| mem_limit=$(echo $resources | jq '.limits.memory') | |
| mem_req=$(echo $resources | jq '.requests.memory') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Your init script | |
| # | |
| # Atom will evaluate this file each time a new window is opened. It is run | |
| # after packages are loaded/activated and after the previous editor state | |
| # has been restored. | |
| # | |
| # An example hack to log to the console when each text editor is saved. | |
| # | |
| # atom.workspace.observeTextEditors (editor) -> | |
| # editor.onDidSave -> |
- Go to https://kube-hunter.aquasec.com/ and generate a token.
- Install the chart with reckoner.
namespace: infra
repository: stable
minimum_versions:
helm: 2.10.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: v1 | |
| kind: Namespace | |
| metadata: | |
| name: helm-system | |
| --- | |
| apiVersion: v1 | |
| kind: ServiceAccount | |
| metadata: | |
| name: tiller | |
| namespace: helm-system |
Setting up an ingress involves a few steps:
- Installing an ingress controller. Nginx is the most common ingress controller. The helm chart is available here.
To identify the ingress controller, we assign it a name as an "ingress class" which can be used later to refer to it in the ingress object.
NewerOlder