tips-and-tricks.adoc

Tips & Tricks

add to .vimrc

For the exam setup vi for editing

set tabstop=2
set expandtab
set autoindent

create following aliases

I used following aliases to help me, make sure you practice them

alias sshroot='ssh -l root'
alias k=kubectl
alias kapply='kubectl apply -f'
alias ksys='kubectl -n kube-system'
alias kno='kubectl get nodes'
alias kuse='kubectl config use-context'
alias kns='kubectl config set-context --current --namespace'
alias kcurr='kubectl config current-context'
alias krun='kubectl run --generator=run-pod/v1'

namespace with most resources

1. k api-resources --namespaced -o name

2. k api-resources --namespaced -o name | tr "\n" "," --without the new lines

3. RESOURCES=$(k api-resources --namespaced -o name | tr "\n" ",")

4. k get $RESOURCES --all-namespaces -o jsonpath="{range .items[*]}{.metadata.namespace} {.metadata.name}{'\n'}" | sort | grep project-c14 | wc -l

5. kubectl api-versions

6. kubectl api-resources

7. kubectl auth can-i update po --as john

status of kubernetes components

kubectl get componentstatuses --kubeconfig admin.kubeconfig

events

kubectl get events --all-namespaces --sort-by=.metadata.creationTimestamp --by default reverse sourted

networking

1. pod cidr: k describe node | less -p PodCIDR

2. kubectl expose pod nginx-resolver nginx-resolver-service --port=80 --target-port=80 --type=ClusterIP

scheduling

  nodeSelector:                           # add
    node-role.kubernetes.io/master: ""    # add
Which suffix will static pods have that run on cluster1-worker1:
-cluster1-worker1

easy search for files

find /etc/systemd/system/
find /etc/kubernetes/manifests/
k -n project-c14 create job backup-manual-run-1 --from=cronjob/holy-backup

calling api server

curl -k https://kubernetes.default/api/v1/secrets

service tokens

TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)

running shell with complex command

k run tmp --image=curlimages/curl:7.65.3 --restart=Never --dry-run -o yaml --command > 6.yaml — sh -c 'sleep 1d'

jsonpath and unix commands

• Range: jsonpath="{range .items[]} {.metadata.name}{.spec.containers[].resources}{'\n'}"

• Contexts from config: k config view -o jsonpath="{.contexts[*].name}" | tr " " "\n"

• Multiple ranges:

k get node -o jsonpath="{range .items[*]}{.metadata.name} {.spec.podCIDR}{'\n'}{end}{range .items[*]}{.status.nodeInfo.architecture}{'\n'}{end}"

_Use translate to replace_: tr " " "\n"
* search and replace: sed -e "s/text/newtext/"
* highlight: less -p text
* grep or: k describe node | grep  "Name\|CIDR"  or use egrep 'pattern1|pattern2'

Multiple containers

When there are multiple init-containers, they are initiated sequentially so the startup time will be total time to initiate them (sleep intervals will be added)

Upgrades

If there is a pod running on a node that isn’t part of replicaset, statefulset, job, daemonset, it will be lost when the node is drained To run on master it the pod needs to tolerate NoSchedule taint

scheduling

nodeSelector is the simplest recommended form of node selection constraint.

networking

service ip range ps -aux | grep kube-api > check service ip range
for cni plugin check kubelet process

coredns is a deployment coredns has a service endpoint, its ip is what should be in resolve.conf configuration is in configmap proxy mode determines iptables v/s others

netsat -ipnlp
netstat -anp | grep
ip link show <>
ip route show default