Sysadmin Garden of Eden Docs

Version 1337.42.0

Cheat Sheet

Table of Contents

Quickly trigger Rolling Update of Deployment, StatefulSet, DaemonSet, etc

kubectl patch -n kube-system ds kube-proxy -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"$(date +'%s')\"}}}}}"

Running kubectl replace/kubectl apply on an object which the command above was used on, will always trigger a rolling update again. This is due to the change to the annotations.

Debug Pod manifest to “escape” to the node

The Pods manifest assumes that you are allowed to run privileged Pods in your cluster. If you are using you may need to set a ServiceAccount which is allowed “all the things” (e.g. privileged, hostNetwork, and so on).

kind: Pod
apiVersion: v1
  name: debug-pod
    app: debug
  hostNetwork: true
    - key:
      effect: NoSchedule
    - key: "CriticalAddonsOnly"
      operator: "Exists"
  restartPolicy: Never
  hostIPC: true
  hostPID: true
  priorityClassName: "system-cluster-critical"
  - name: debug-pod
    image: busybox
    command: ["/bin/sleep", "36000"]
      privileged: true
      allowPrivilegeEscalation: true

Role Label for Node objects

The can take “anything” as a role. Meaning that (any value) will cause the kubectl get nodes output to display my-cool-role (and other such role labels) as the Node role.

Last updated on 7 Aug 2019
Published on 16 May 2018