11 tricks to improve your productivity and reduce your frustration with Kubernetes

Abstract

  1. Run a local cluster.
  2. Running a local cluster with multiple nodes.
  • Why: test taints, tolerations, node affinity, DaemonSet, node failures and failover.
$ cat << EOF > quad.yaml
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
- role: worker
- role: worker
- role: worker
EOF
$ kind create cluster --config quad.yaml
  1. Waiting for that cluster to be ready.
kubectl wait nodes --for=condition=Ready --timeout=10m --all
  1. Switch between namespaces or clusters: use kubectx and kubens
  • You can add an alias like kns and kctx for shorter commands.
  • You can use fzf for extra convenience.
  • kns - switches back to the previous namespace.
  1. Waiting for a Deployment to be ready.
kubectl create deployment hello --image=nginx
kubectl wait deployment hello --for=condition=Available
  1. Waiting for a Service to be ready.
kubectl expose deployment hello --port=80
kubectl wait endpoints hello --for=jsonpath='{..ip}'
  1. Waiting for a Loadbalancer to be ready.
  • The default kubectl wait timeout is 30s. It can be changed with --timeout to:
    • 0: check once and report status,
    • a negative value: wait 1 week.
  • kubectl wait --for=delete is also possible.
  • We can also use kapp:
    • kapp deploy -a hello -f hello.yaml
    • kapp will apply the manifests
    • wait for resources to be “up”
    • record what it did (so we can delete/rollback later, helm-style)
kubectl expose deployment hello --port=80 --type=LoadBalancer --name hello-lb
kubectl wait endpoints hello-lb --for=jsonpath='{..ip}'
kubectl wait service hello-lb --for=jsonpath='{..ip}'
  1. Better kubectl --watch
kubectl get pods --watch --output-watch-events -o wide
  1. Use k9s.
  2. Use kubecolor.
  3. Documentation right from the CLI
kubectl api-resources
kubectl explain resource
kubectl explain resource --recursive
  1. kubectl patch all the things.
kubectl patch deployment hello --patch "
spec:
  template:
    spec:
      containers:
        # If no existing container has this name, a new container is added; otherwise the container with that name is patched.
        - name: smaller-nginx
          image: nginx:alpine
"
  1. kubectl set {image,serviceaccount,resources,env...}
  2. kubectl get nodes --label-columns kubernetes.io/arch,node.kubernetes.io/instance-type
  3. Check which controllers own our pod.
kubectl get pod -o custom-columns=\
NAME:.metadata.name,\
OWNER-KIND:.metadata.ownerReferences\[0\].kind,\
OWNER-NAME:.metadata.ownerReferences\[0\].name
  1. List the permissions we have.
kubectl auth can-i --list
# check someone else's, if you're an admin
kubectl auth can-i --list --as system:kube-scheduler
  1. Turn a Deployment off and on again: kubectl rollout restart deployment hello
  • Useful if you want to fix some bug, so you don’t want any Pod from this Deployment, but you don’t want to re-create the Deployment afterwards.
  • Also useful to turn off stuff that’s not in use to save cost.
  1. Connect to a Service in a different Namespace
  2. Find the JSON path of something using gron.
$ kubectl get nodes -o json | gron | grep -i pressure
json.items[0].status.conditions[0].type = "MemoryPressure";
...
  1. Check cluster resource usage: kubectl view-allocations -u -r memory -r cpu -g node
  2. Get an image with almost any tool you want: docker run -it nixery.dev/shell/kubectl/curl/jq
  3. terminationMessagePath + terminationMessagePolicy
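
For the "List the permissions we have" tip above, the listing is most useful when the rows broader than least privilege are picked out of it. The script below is an added example, not from the talk or from these notes: it filters `kubectl auth can-i --list` output for wildcard resources, wildcard verbs and read access to secrets. The function names, the three heuristics and the sample table are constructed for illustration.

```shell
# Added example: flag overly broad rows in `kubectl auth can-i --list` output.

# Constructed sample of the table kubectl prints (not captured from a cluster).
sample_rules() {
cat <<'EOF'
Resources                                       Non-Resource URLs   Resource Names   Verbs
selfsubjectaccessreviews.authorization.k8s.io   []                  []               [create]
pods                                            []                  []               [get list watch]
secrets                                         []                  []               [get list]
configmaps                                      []                  [app-config]     [get update]
deployments.apps                                []                  []               [*]
*.*                                             []                  []               [*]
                                                [/healthz]          []               [get]
EOF
}

# Reads the table on stdin and prints "REASON<TAB>resource<TAB>verbs" per risky row.
# The three heuristics are assumptions of this example, not kubectl behaviour.
# Non-resource URL rows (empty Resources column) are out of scope and skipped.
flag_broad_rules() {
  awk '
    NR == 1 || NF == 0 { next }   # header row, blank lines
    /^[ \t]/ { next }             # non-resource URL rows
    {
      res = $1
      verbs = $0                  # verbs are the last [bracketed] group
      sub(/^.*\[/, "", verbs)
      sub(/\][ \t]*$/, "", verbs)
      v = " " verbs " "
      if (res ~ /\*/) reason = "WILDCARD_RESOURCE"
      else if (index(v, " * ")) reason = "WILDCARD_VERB"
      else if (res == "secrets" && (index(v, " get ") || index(v, " list ") || index(v, " watch ")))
        reason = "SECRET_READ"
      else next
      printf "%s\t%s\t%s\n", reason, res, verbs
    }'
}

# Real use (needs impersonation rights for --as):
#   kubectl auth can-i --list --as system:kube-scheduler | flag_broad_rules
sample_rules | flag_broad_rules
```

An empty result means none of the three heuristics matched; it does not prove the subject is least-privileged.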

Reviews

2024-08-01

Why did I want to read/watch this? At my company, there’s a project to migrate to Kubernetes, so I had to re-dive into Kubernetes. Thus, I was quite eager to know more tips about Kubernetes.

What did I get out of it? Nice tips, really useful for sysadmins. One I particularly like is using gron for making JSON grepable and nixery.dev for generating a Docker image with the needed tools.