Skip to content

Instantly share code, notes, and snippets.

View tuxmonteiro's full-sized avatar
🚴

Marcelo Teixeira Monteiro tuxmonteiro

🚴
44 followers · 19 following
View GitHub Profile
@tuxmonteiro
tuxmonteiro / force-delete-namespace.sh
Created January 26, 2021 17:39
force delete namespace
curl -k -H "Content-Type: application/json" -X PUT --data-binary @namespace.json \
${kubernetes API}/api/v1/namespaces/${namespace}/finalize
@tuxmonteiro
tuxmonteiro / cluster_type.tf
Created January 14, 2021 16:43
terraform using path as param
locals {
cluster_type = split("/", regex("[^/]+/[^/]+$", path.module))[0]
}
output "cluster_type" {
value = local.cluster_type
}
@tuxmonteiro
tuxmonteiro / delete_all_object_versions.sh
Created January 4, 2021 18:20 — forked from weavenet/delete_all_object_versions.sh
Delete all versions of all files in s3 versioned bucket using AWS CLI and jq.
#!/bin/bash
bucket=$1
set -e
echo "Removing all versions from $bucket"
versions=`aws s3api list-object-versions --bucket $bucket |jq '.Versions'`
markers=`aws s3api list-object-versions --bucket $bucket |jq '.DeleteMarkers'`
@tuxmonteiro
tuxmonteiro / dica-kubeconfig.md
Created November 20, 2020 17:30
gerando um kubeconfig de um cluster gerenciado pelo Rancher para não precisar passar pelo Rancher

  1. Obtenha o IP de um control-plane

  2. Execute o seguinte comando

ssh <IP control-plane> "$(docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=io.cattle.agent=true) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml get configmap -n kube-system full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' | jq -r '.currentState.certificatesBundle."kube-admin".config')" > teste-kubeconfig
@tuxmonteiro
tuxmonteiro / restore-rkestate-file.md
Created November 16, 2020 06:47 — forked from superseb/restore-rkestate-file.md
Recover cluster.rkestate file from controlplane node

Recover cluster.rkestate file from controlplane node

RKE

Run on controlplane node, uses any found hyperkube image

docker run --rm --net=host -v $(docker inspect kubelet --format '{{ range .Mounts }}{{ if eq .Destination "/etc/kubernetes" }}{{ .Source }}{{ end }}{{ end }}')/ssl:/etc/kubernetes/ssl:ro --entrypoint bash $(docker inspect $(docker images -q --filter=label=org.label-schema.vcs-url=https://github.com/rancher/hyperkube.git) --format='{{index .RepoTags 0}}' | tail -1) -c 'kubectl --kubeconfig /etc/kubernetes/ssl/kubecfg-kube-node.yaml -n kube-system get configmap full-cluster-state -o json | jq -r .data.\"full-cluster-state\" | jq -r .' > cluster.rkestate
@tuxmonteiro
tuxmonteiro / show-yumrepo-variables.sh
Last active November 16, 2020 06:45
yum repo variables
# python -c 'import yum, json; yb = yum.YumBase(); print json.dumps(yb.conf.yumvar, indent=2)' | grep -v 'Loaded' | jq .
{
"product": "core",
"target": "latest",
"basearch": "x86_64",
"awsregion": "us-east-1",
"releasever": "2",
"awsdomain": "amazonaws.com",
"arch": "ia32e",
@tuxmonteiro
tuxmonteiro / docker-registry-caching-proxy.conf
Created November 2, 2020 16:14 — forked from etuttle/docker-registry-caching-proxy.conf
NGINX config for a caching proxy that sits in front of a docker registry
upstream docker-mirror-upstream {
server upstream.example.com;
}
proxy_cache_path /var/lib/docker-mirror/cache levels=1:2 max_size=10g inactive=48h keys_zone=cache:10m;
server {
listen 80 default_server;
listen 443 ssl default_server;
@tuxmonteiro
tuxmonteiro / get-kube-admin-kubecfg-certs-from-cluster-rkestate.md
Last active November 16, 2020 06:48 — forked from superseb/get-kube-admin-kubecfg-certs-from-cluster-rkestate.md
Get kube-admin kubeconfig and certificates from cluster.rkestate

Get kube-admin kubeconfig and certificates from cluster.rkestate

See how to retrieve cluster.rkestate from controlplane node here: https://gist.github.com/tuxmonteiro/803cf4d4cd39e79d938c0a05b9b677bb

Get kube-admin kubeconfig from cluster.rkestate

cat cluster.rkestate | jq -r '.currentState.certificatesBundle."kube-admin".config' > kube-admin-kubeconfig.yml
@tuxmonteiro
tuxmonteiro / rke-cluster-cleanup.sh
Created October 29, 2019 01:59
RKE cluster clean up
for host in $nodes; do
ssh cloud@$host '
docker rm -f $(docker ps -qa)
docker rmi -f $(docker images -q)
docker volume rm $(docker volume ls -q)
for mount in $(mount | grep tmpfs | grep /var/lib/kubelet | awk "{ print \$3 }") /var/lib/kubelet /var/lib/rancher; do
sudo umount $mount
done
sudo rm -rfv /etc/{ceph,cni,kubernetes} /opt/{cni,rke} /run/{secrets/kubernetes.io,calico,flannel} /var/lib/{calico,etcd,cni,kubelet,rancher/rke/log} /var/log/{containers,pods} /var/run/calico
sudo shutdown -r 0'
@tuxmonteiro
tuxmonteiro / Remove k8s evicted pods.md
Last active August 22, 2019 20:31 
kubectl get pods --field-selector=status.phase=Failed -A -o json | kubectl delete -f -