Kubernetes: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
No edit summary |
(→Useful) |
||
Line 30: | Line 30: | ||
k get storageclass | k get storageclass | ||
'''audit''': who tried to do what? | |||
ks get pod | grep kube-apiserver-ip | |||
ks logs $podname | |||
who tried to scale unsuccessfully? | |||
ks logs $podname | grep scale | grep cloud | awk '$8!=200{print $0}' | |||
== metricss== | == metricss== |
Revision as of 18:42, 21 September 2018
Useful
alias:
alias k="kubectl" alias ks="kubectl --namespace kube-system" alias ke="kubectl get events --sort-by='{.lastTimestamp}'"
dump all :
kubectl get all --export=true -o yaml
list form:
k get pods k get rs # replica set k get rc # replication controller
what are all the things ?
kubectl api-resources
event sorted by time
kubectl get events --sort-by=.metadata.creationTimestamp
what storage classes does my cluster support?
k get storageclass
audit: who tried to do what?
ks get pod | grep kube-apiserver-ip
ks logs $podname
who tried to scale unsuccessfully?
ks logs $podname | grep scale | grep cloud | awk '$8!=200{print $0}'
metricss
wget "$(kubectl config view -o jsonpath='{range .clusters[*]}{@.cluster.server}{"\n"}{end}')"
Practices and Guidlines
- Do not use replication controllers, instead use replica sets
Cgroup / slice errors
https://github.com/kubernetes/kubernetes/issues/56850
log message:
Sep 18 21:32:37 ip-10-10-37-50 kubelet[1681]: E0918 21:32:37.901058 1681 summary.go:92] Failed to get system container stats for "/system.slice/docker.service": failed to get cgroup stats for "/system.slice/docker.service": failed to get container info for "/system.slice/docker.service": unknown container "/system.slice/docker.service"
MAAS ubuntu
https://stripe.com/blog/operating-kubernetes
https://medium.com/@adriaandejonge/moving-from-docker-to-rkt-310dc9aec938
https://coreos.com/rkt/docs/latest/rkt-vs-other-projects.html#rkt-vs-docker
Security
Todo / read:
- https://github.com/aquasecurity/kube-hunter/blob/master/README.md
- https://www.arctiq.ca/events/2018/10/5/building-a-secure-container-strategy-with-aqua-security-microsoft-azure-and-hashicorp-vault/
References and Reading
- Replica set versus Replication controller
- https://www.mirantis.com/blog/kubernetes-replication-controller-replica-set-and-deployments-understanding-replication-options/