Kubernetes/GCP GKE Aspects

From Federal Burro of Information
< Kubernetes
Revision as of 22:19, 21 April 2022 by David (talk | contribs)
Jump to navigationJump to search

Show nodes in each node pool: 


gcloud container clusters list

export CLUSTERNAME=mycluster
export LOCATION=us-central1

for i in `gcloud container node-pools list --cluster ${CLUSTERNAME} --region ${LOCATION} | grep -v NAME | awk '{print $1}'`
 do
 echo $i ;
 kubectl get node -l cloud.google.com/gke-nodepool=$i
 done

cordon one node pool: 

for i in `kns get no -l cloud.google.com/gke-nodepool=production-gcp-env-blue -o name`
do
 echo $i
 #kubectl node cordon $i
done


GKE Ingress Features

How do you get access to GCP Load Balancer features via kubernetes?

Via annotation and two CRDs:

  • FrontEndConfig
  • BackEndConfig

THIS IS ALWAYS CHANGING!!!  :

https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-features


Script to check all ingresses for tls policy

#!/bin/sh

for namespace in `kubectl get ns -o name | cut -d \/ -f 2`
do
  echo "namespace: $namespace"
  for ingress in `kubectl get ingress -n $namespace -o name`
    do
    echo "  ingress: $ingress"
    for frontendconfig in `kubectl get $ingress -n $namespace -o json | jq -r '.metadata.annotations."networking.gke.io/v1beta1.FrontendConfig"'`
      do
      echo "  frontendconfig: $frontendconfig"
      if [[ $frontendconfig != "null" ]]
        then
        policy=`kubectl get frontendconfig $frontendconfig -n $namespace -o json | jq -r '.spec.sslPolicy'`
        echo "  sslPolicy: $policy"
        fi
      done
    done
done
Retrieved from "https://wiki.quadratic.net/index.php?title=Kubernetes/GCP_GKE_Aspects&oldid=5777"