Kubernetes/GCP GKE Aspects: Difference between revisions

Revision as of 22:19, 21 April 2022

Show nodes in each node pool:


gcloud container clusters list

export CLUSTERNAME=mycluster
export LOCATION=us-central1

for i in `gcloud container node-pools list --cluster ${CLUSTERNAME} --region ${LOCATION} | grep -v NAME | awk '{print $1}'`
 do
 echo $i ;
 kubectl get node -l cloud.google.com/gke-nodepool=$i
 done

cordon one node pool:

for i in `kns get no -l cloud.google.com/gke-nodepool=production-gcp-env-blue -o name`
do
 echo $i
 #kubectl node cordon $i
done

GKE Ingress Features

How do you get access to GCP Load Balancer features via kubernetes?

Via annotation and two CRDs:

FrontEndConfig
BackEndConfig

THIS IS ALWAYS CHANGING!!! :

https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features

Script to check all ingresses for tls policy

#!/bin/sh

for namespace in `kubectl get ns -o name | cut -d \/ -f 2`
do
  echo "namespace: $namespace"
  for ingress in `kubectl get ingress -n $namespace -o name`
    do
    echo "  ingress: $ingress"
    for frontendconfig in `kubectl get $ingress -n $namespace -o json | jq -r '.metadata.annotations."networking.gke.io/v1beta1.FrontendConfig"'`
      do
      echo "  frontendconfig: $frontendconfig"
      if [[ $frontendconfig != "null" ]]
        then
        policy=`kubectl get frontendconfig $frontendconfig -n $namespace -o json | jq -r '.spec.sslPolicy'`
        echo "  sslPolicy: $policy"
        fi
      done
    done
done

Kubernetes/GCP GKE Aspects: Difference between revisions

Revision as of 22:19, 21 April 2022

GKE Ingress Features

Script to check all ingresses for tls policy

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools