Monday, December 9, 2019

How To Install and Use Docker on Ubuntu 18.04


1)
sudo apt update
 
2)
sudo apt install apt-transport-https ca-certificates curl software-properties-common
 
3)
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
 
4)
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable"
 
5)
sudo apt update
 
6)
apt-cache policy docker-ce
 
7)
sudo apt install docker-ce
 
8)
sudo systemctl status docker
 
9)
docker info
 
10)
docker run hello-world         

How to install Docker Compose on ubuntu 18.04

1)
sudo curl -L https://github.com/docker/compose/releases/download/1.21.2/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
 
2)
sudo chmod +x /usr/local/bin/docker-compose
 
3)
docker-compose --version
 
4)
mkdir dctest
cd dctest
vim docker-compose.yml
 
my-test:
 image: hello-world
 
5)
docker-compose up     

Saturday, December 7, 2019

Kubernetes Access Service located in another Namespace

sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$ kubectl get services
NAME                                 TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)          AGE
jenkins-1-jenkins-agents-connector   ClusterIP   10.15.241.134           50000/TCP        192d
jenkins-1-jenkins-ui                 NodePort    10.15.248.131           8080:32551/TCP   192d
kubernetes                           ClusterIP   10.15.240.1             443/TCP          192d
sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$ kubectl get services -n kube-system
NAME                   TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)         AGE
default-http-backend   NodePort    10.15.254.200           80:32596/TCP    192d
heapster               ClusterIP   10.15.254.154           80/TCP          192d
kube-dns               ClusterIP   10.15.240.10            53/UDP,53/TCP   192d
metrics-server         ClusterIP   10.15.249.48            443/TCP         192d
tiller-deploy          ClusterIP   10.15.247.88            44134/TCP       151d
sajuptpm@cloudshell:~$
sajuptpm@cloudshell:~$

kubectl exec -it jenkins-1-jenkins-deployment-5fc5855c54-dswcq -- /bin/sh

curl http://heapster.kube-system.svc.cluster.local

curl http://jenkins-1-jenkins-ui.default.svc.cluster.local:8080
curl http://jenkins-1-jenkins-ui:8080

How can I edit a Kubernetes Deployment without modify the file manually


kubectl edit deployment jenkins-1-jenkins-deployment

kubectl edit pod jenkins-1-jenkins-deployment-5fc5855c54-dswcq






How to find Kubernetes Pods Host IP or Node IP address

kubectl get pod --output=wide

kubectl get pod --output=json | grep hostIP

kubectl get pod --output=json | grep podIP

How to find Kubernetes Pods IP address

kubectl get pod --output=wide

kubectl get pod --output=json | grep podIP

kubectl get pod --output=json | grep hostIP

How do I edit a resource configuration with kubectl

kubectl edit pod jenkins-1-jenkins-deployment-5fc5855c54-dswcq

kubectl edit deployment jenkins-1-jenkins-deployment

Kubernetes List all resources in a namespace


kubectl api-resources -n kube-system

kubectl api-resources

Kubernetes sort pods by age or creation time

$ kubectl get pods --sort-by=.metadata.creationTimestamp -n kube-system

$ kubectl get pods --sort-by=.metadata.creationTimestamp -n kube-system --output=wide

Kubernetes gets all Pods on specific node


1)
kubectl get pods --all-namespaces -o wide --sort-by="{.spec.nodeName}"
 
2)
kubectl get pods --all-namespaces -o wide --field-selector spec.nodeName= 

Friday, December 6, 2019

How to debug OpenStack Metadata Service - neutron metadata proxy

1)
# grep shared_secret /etc/nova/nova.conf
neutron_metadata_proxy_shared_secret=xxxxxxxxxxxxxx  #default to ""

2)
import hmac
import hashlib

secret = ""
instance_id = "34361309-1873-476b-9258-b8fe2184a4d8"

hmac.new(secret, instance_id, hashlib.sha256).hexdigest()

0175b5cbd28c2d0512d3f1d3a7b5bacf6d6b6a8a4bdaebf56568a454f94bd5a6

3)
curl \
  -H 'x-instance-id: 34361309-1873-476b-9258-b8fe2184a4d8' \
  -H 'x-tenant-id: 66cbc35f0b99430987357c2526945f8b' \
  -H 'x-instance-id-signature: 0175b5cbd28c2d0512d3f1d3a7b5bacf6d6b6a8a4bdaebf56568a454f94bd5a6' \
  http://172.16.12.5:8775/latest/meta-data

ami-id
ami-launch-index
ami-manifest-path
block-device-mapping/
hostname
instance-action
instance-id
instance-type
local-hostname
local-ipv4
placement/
public-hostname
public-ipv4
reservation-id

4)
curl \
  -H 'x-instance-id: 34361309-1873-476b-9258-b8fe2184a4d8' \
  -H 'x-tenant-id: 66cbc35f0b99430987357c2526945f8b' \
  -H 'x-instance-id-signature: 0175b5cbd28c2d0512d3f1d3a7b5bacf6d6b6a8a4bdaebf56568a454f94bd5a6' \
  http://172.16.12.5:8775/latest/meta-data/local-ipv4

10.10.1.253

How to Decode or Decrypt OpenStack Keystone Token

sudo python

import keystone

from keystone.token import token_formatters

formatter = token_formatters.TokenFormatter()

t = "gAAAAABd6Wl0RnnFOcy-q6aFWlr__bDcxk-GFFrLZsDh3z38Abg0iH5yFOJP7QyOVZ1SUhlIqxgID89hsZnubsM5hsbQSsYLujhU1_Zz9hlowb0chks9mogf4Pp9f1JFkr3FVQaCv2MN-ykpARLSpoV9c3m-7EFASaUNwMgysXC734598mKmWbI"

from keystone import server
server.configure()

validated_dict = formatter.validate_token(t)

validated_dict

>>> validated_dict
('a647d82c28aa4267bcf2ea99c328cd48', ['password'], [u'd6yYRIWASaKrjKTRwoGyNA'], None, None, '66cbc35f0b99430987357c2526945f8b', None, None, None, None, None, None, '2019-12-05T21:38:53.000000Z', '2019-12-05T22:38:53.000000Z')
>>>