Skip to content

Instantly share code, notes, and snippets.

@rafiamafia

rafiamafia/dock-your-kube-cheatsheet.md

Last active November 29, 2022 23:52
Show Gist options
  • Save rafiamafia/e8085dff748b797d7ddb5cfd5f3828d7 to your computer and use it in GitHub Desktop.
Save rafiamafia/e8085dff748b797d7ddb5cfd5f3828d7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
dock-your-kube-cheatsheet.md

Docker:

$ docker images #list all images

$ docker ps #list running containsers

$ docker ps -al -q #list all containers

$ docker container prune ## delete all stopped containers

$ docker run --expose PORT --name=container-name image-id #run a new named container from image

$ docker rmi <image-name> # delete images

$ docker rmi $(docker images -a | grep "^<none>" | awk '{print $3}') # delete images with tag

$ docker ps -a | grep Exit | cut -d ' ' -f 1 | xargs docker rm # remove dangling containers

TCP/IP Networking on Mac:

$ docker exec <container-name-or-id> cat /etc/hosts

$ docker inspect -f '{{.State.Pid}}' <container-name-or-id>

$ docker inspect -f "{{ .NetworkSettings.IPAddress }}" <container-name-or-id>

$ docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' <container-name-or-id> # get container's IP

$ netstat -ap tcp | grep "LISTEN"

$ sysctl net.inet.ip.forwarding

$ sudo sysctl -w net.inet.ip.forwarding=1

Docker Compose

$ docker-compose rm -s -v <container-name-or-id> # stop one container

Kubernetes

$ kubectl get ns | grep -i <namespace>

$ docker inspect -f '{{.State.Pid}}' <container-name-or-id>

$ kubectl get cronjobs

$ kubectl create job --from=cronjob/<name of cronjob> <name of job>

$ kubectl describe job job-name

$ kubectl -n <namespace> get deployments

$ kubectl -n <namespace> describe pods <pod-name> -o wide

$ kubectl get rs -n <namespace> # get deployement

$ kubectl -n <namespace> get rs --output=yaml # detail

$ kubectl rollout history -n techconnect-test deployment.v1.apps/<deployment-name> # retrieve replica sets from deployment

$ kubectl config use-context <context> # switch between context

$ kubectl get pods --all-namespaces # get everything in the cluster

$ kubectl -n <namespace> t exec -it <pod-name> -- bash

$ kubectl -n <namespace> get secrets techconnect-app -o yaml

$ echo <secret> | base64 --decode

$ find deployment/manifests -name '*.yml' | xargs -I {} sh -c "./eval_file {} | kubectl delete -f -"

Display the deployed images on pods

$ kubectl --context=kube get pods -n hwcat2 -o jsonpath="{..image}" |tr -s '[[:space:]]' '\n' |sort |uniq -c

Create TLS secrets and set certs and private key

$kubectl create secret tls -n techconnect jpl-tls-techconnect.jpl.nasa.gov --key=techconnect.jpl.nasa.gov.key --cert=techconnect.jpl.nasa.gov.crt

to set secrets

$ kubectl --context=kube -n general-inventory-test create secret generic general-inventory-app --from-literal=DB_USERNAME='username' --from-literal=DB_PASSWORD='password' --from-literal=SECRET_KEY='django-app-req'

to edit existing secrets

$ kubectl --context=kube -n <namespace> edit secret <secret-name>

to set context

$ kubectl config get-contexts

$ kubectl config use-context minikube

Delete jobs in for loop

$ for i in kubectl get jobs | grep -v NAME | awk '{print $1}'; do kubectl delete job $i; done;

TLS

$ kubectl create secret tls -n techconnect jpl-tls-techconnect.jpl.nasa.gov --key=techconnect.jpl.nasa.gov.key --cert=techconnect.jpl.nasa.gov.crt

Notes TC mysql and docker app:

Ensure mysql is not running locally on PORT 3306

$ netstat -a | grep -i "LISTEN"

Create docker mysql container

$ docker run --rm -p 3307:3306 --name some-mysql -e MYSQL_ROOT_PASSWORD=my-secret-pw -d mysql:5.7.17

Connect to the database from host

$ mysql -h 127.0.0.1 -P 3307 -u root -p

Exec into to the container

$ docker run --rm --name docker-mysql -p 3307:3306 -e MYSQL_ROOT_PASSWORD=test -d rafia-test-mysql:local

Run app in the background

$ export SERVER_ENVIRONMENT=test
$ export NAMESPACE=techconnect-${SERVER_ENVIRONMENT}
$ export SECRET_KEY=`kubectl -n techconnect-test get secrets techconnect-app -o json | jq -r '.data["SECRET_KEY"]' | base64 --decode #SECRET_KEY`
$ export TAXONOMY_SERVER_PASSWORD=`kubectl -n techconnect-test get secrets techconnect-app -o json | jq -r '.data["TAXONOMY_SERVER_PASSWORD"]' | base64 --decode`
$ export KUBE_TOKEN=`kubectl -n techconnect-test get secrets techconnect-app -o json | jq -r '.data["KUBE_TOKEN"]' | base64 --decode`
$ docker run --rm --link=docker-mysql -e SERVER_ENVIRONMENT=${SERVER_ENVIRONMENT} -e DB_USERNAME=tc_jenkins -e DB_PASSWORD=tc_jenkins_pword_go_team_up -e DB_HOST=docker-mysql -e DB_PORT=3306 -e SECRET_KEY='${SECRET_KEY}' -e TAXONOMY_SERVER_PASSWORD=${TAXO
NOMY_SERVER_PASSWORD} -e KUBE_TOKEN='${KUBE_TOKEN}' -it --entrypoint=bash rafia-test-techconnect-app:local

From docker app to docker mysql

$ mysql -h techconnect-mysql -utc_jenkins -ptc_jenkins_pword_go_team_up

MY SQL debug

show status like 'Conn%'; show processlist;

Linux

sudo su -

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment