k8s

kubernetes on azure

bash
az group create -n myGroup
az configure --defaults group=myGroup
az acr create -n myRegistry --sku basic
az acr login -n myRegistry
az aks create -n myCluster \
    --node-count 1 \
    --node-vm-size Standard_B2s \
    --load-balancer-sku basic \
    --node-osdisk-size 32 \
    --attach-acr myRegistry
az aks get-credentials --name myCluster

Because I often get the following;

Operation failed with status: ‘Bad Request’. Details: The credentials in ServicePrincipalProfile were invalid. Please see https://aka.ms/aks-sp-help for more details. (Details: adal: Refresh request failed. Status Code = ‘400’. Response body: {“error”:“unauthorized_client”,“error_description”:“AADSTS700016: Application with identifier > '' was not found in the directory ''. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

Instead I do this;

bash
az ad sp create-for-rbac --skip-assignment -n mySP
az aks create -n tye --generate-ssh-keys --node-count 1 --node-vm-size Standard_B2s --service-principal <appId-from-previous-command> --client-secret <password-from-previous-command>

Github issue

cheat sheet

Kill pod

bash
kubectl delete pod <name-of-pod> --grace-period=0 --force

Review node resource allocation

bash
kubectl describe node

Delete all errored pods

bash
kubectl get pod | grep Error | awk '{print $1}' | xargs kubectl delete pod

Edit manifest in-place

bash
kubectl edit deployments <name-of-deployment>

kubernetes support for docker-compose

Originally kubernetes offered Kompose, which lets you quickly ramp up to Kubernetes by turning your existing docker-compose.yml file into Kubernetes resources. At the end of 2018 docker announced Compose on Kubernetes. The Kompose team state that they’ll continue to support Kompose.

browse dashboard

plaintext
kubectl create clusterrolebinding kubernetes-dashboard --clusterrole=cluster-admin --serviceaccount=kube-system:kubernetes-dashboard
az aks browse -n myCluster

Docs

installing nginx-ingress

Follow docs on cert-manager

building prometheus inside a container

Don’t install go, instead build it inside the go container;

plaintext
docker run --rm -v %CD%:/go/src/github.com/prometheus/prometheus -w /go/src/github.com/prometheus/prometheus golang:1.10 make build

Run it inside that docker container too!

plaintext
docker run --rm -v %CD%:/go/src/github.com/prometheus/prometheus -w /go/src/github.com/prometheus/prometheus -p 9090:9090 golang:1.10 ./prometheus

Note: I executed the following to have it use a test config;

plaintext
copy ./config/testdata/conf.good.yml ./prometheus.yml

run cronjob now

bash
kubectl create job --from=cronjob/postgres-backup-digital-icebreakers backup-now-$(date +"%Y-%m-%d")

edit with visual studio code (vscode)

Set the KUBE_EDITOR environment variable to code -w. Then you can do stuff like

plaintext
kubectl edit deployment -n kube-system kube-dns-v20

posts

2021-02-14 Grafana in Kubernetes
2021-02-09 Continuous Deployment to Kubernetes - Part 2
2021-02-06 Continuous Deployment to Kubernetes - Part 1
2021-02-01 Minimal Elasticsearch Resources in Kubernetes
2021-01-30 Low-Cost Kubernetes on DigitalOcean
2020-05-13 Optimising for Cost in Azure Kubernetes Service
2020-05-06 PostgreSQL in Kubernetes
2020-04-07 Service and Container Orchestration for .NET with Tye