-
Get access to a container in Kubernetes cluster
With Kubernetes(K8s), there’s no need to do ssh [email protected] anymore since everything is running as containers. There are still occasions when I need shell access to a container to do some troubleshooting. With Docker I can do docker exec -ti <container_id> /bin/bash It’s quite similar in K8s kubectl exec -ti <container_id> — /bin/bash However in […]
-
Internal Service in Kubernetes Cluster
In Kubernetes(K8s) cluster, 1 or more containers form a pod and every container in the pod can access other container’s port just like apps in the same local host. For example: – pod1 – nginx1 – gunicorn1, port:8000 – pod2 – nginx2 – gunicorn2, port:8000 So nginx1 can access gunicorn1’s port using localhost:8000 and nginx2 […]
-
Kops: Add Policies for Migrated Apps
When migrating some old applications to a Kubernetes(k8s) cluster provisioned by kops, a lot of things might break and one of them is the missing policy for the node. By default, nodes of a k8s cluster have the following permissions: ec2:Describe* ecr:GetAuthorizationToken ecr:BatchCheckLayerAvailability ecr:GetDownloadUrlForLayer ecr:GetRepositoryPolicy ecr:DescribeRepositories ecr:ListImages ecr:BatchGetImage route53:ListHostedZones route53:GetChange // The following permissions are […]
-
Notes: BuildKite and Kubernetes Rolling Update
This is kind of a textbook case that container is much more efficient than VM. The CI pipeline in comparison uses AWS CloudFormation to build new VMs and drain old VMs to do a rolling update, which takes around 10 minutes for everything even if it’s just 1 line of code changed. I did a […]
-
Kubernetes Tips: ConfigMap
This is how to update a config map with 1 line: kubectl create configmap foo –from-file foo.properties -o yaml –dry-run | kubectl replace -f – I found it here: https://stackoverflow.com/questions/38216278/update-k8s-configmap-or-secret-without-deleting-the-existing-one And this is how to mount a config map created from a file as file(not super intuitive but a config map can only be mounted as […]
-
Play a bit Kubernetes with Minikube
I’ve just played a bit Kubernetes on my Arch Linux laptop, with Minikube. It’s easier than I thought. Since I’ve already installed VirtualBox from the start, I can use minikube right after I installed it with curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 && chmod +x minikube && sudo mv minikube /usr/local/bin/ The command I used to start […]