Sysadmin's Garden of Eden Docs

Version 1337.42.0

Cheat Sheet

Quickly trigger Rolling Update of Deployment, StatefulSet, DaemonSet, etc

kubectl patch -n kube-system ds kube-proxy -p "{\"spec\":{\"template\":{\"metadata\":{\"annotations\":{\"date\":\"$(date +'%s')\"}}}}}"

Running kubectl replace/kubectl apply on an object which the command above was used on, will always trigger a rolling update again. This is due to the change to the annotations.

Debug Pod manifest to “escape” to the node

The Pods manifest assumes that you are allowed to run privileged Pods in your cluster. If you are using you may need to set a ServiceAccount which is allowed “all the things” (e.g. privileged, hostNetwork, and so on).

kind: Pod
apiVersion: v1
metadata:
  name: debug-pod
  labels:
    app: debug
spec:
  hostNetwork: true
  tolerations:
    - key: node-role.kubernetes.io/master
      effect: NoSchedule
    - key: "CriticalAddonsOnly"
      operator: "Exists"
  restartPolicy: Never
  hostIPC: true
  hostPID: true
#  nodeName: SPECIFIC_TARGET_NODE
  priorityClassName: "system-cluster-critical"
  containers:
  - name: debug-pod
    image: busybox
    command: ["/bin/sleep", "36000"]
    securityContext:
      privileged: true
      allowPrivilegeEscalation: true
Last updated on 16 May 2018 / Published on 16 May 2018