k8s

[gobomb]

kubectl cluster-info dump | grep -m 1 service-cluster-ip-range
kubectl cluster-info dump | grep -m 1 cluster-cidr

https://stackoverflow.com/questions/44190607/how-do-you-find-the-cluster-service-cidr-of-a-kubernetes-cluster

[gobomb]

网络调试镜像 praqma/network-multitool

[gobomb]

国内Mirror sites

quay.io -> quay-mirror.qiniu.com

gcr.io -> gcr.azk8s.cn

[gobomb]

https://github.com/jamiehannaford/what-happens-when-k8s

[gobomb]

cient-go 是从 k8s 代码中抽出来的一个客户端工具，Informer 是 client-go 中的核心工具包，已经被 kubernetes 中众多组件所使用。所谓 Informer，其实就是一个带有本地缓存和索引机制的、可以注册 EventHandler 的 client，本地缓存被称为 Store，索引被称为 Index。使用 informer 的目的是为了减轻 apiserver 数据交互的压力而抽象出来的一个 cache 层, 客户端对 apiserver 数据的 "读取" 和 "监听" 操作都通过本地 informer 进行。Informer 实例的Lister()方法可以直接查找缓存在本地内存中的数据。

Informer 的主要功能：

• 同步数据到本地缓存

• 根据对应的事件类型，触发事先注册好的 ResourceEventHandler

https://mp.weixin.qq.com/s?__biz=MzAwNzcyMDY5Mg==&mid=2648900075&idx=1&sn=cee6ba44c26310ea68dd091df21eb8dd

[gobomb]

访问docker容器网络命名空间

pid=$(docker inspect -f '{{.State.Pid}}' ${container_id})
mkdir -p /var/run/netns/
ln -sfT /proc/$pid/ns/net /var/run/netns/[container_id]
ip netns exec [container_id] ip a

https://www.thegeekdiary.com/how-to-access-docker-containers-network-namespace-from-host/

#7 (comment)

[gobomb]

Kubernetes uses the term list to describe returning a collection of resources to distinguish from retrieving a single resource which is usually called a get.

[gobomb]

优雅关闭

https://blog.gruntwork.io/gracefully-shutting-down-pods-in-a-kubernetes-cluster-328aecec90d

[gobomb]

lever-base and edge-base

https://stackoverflow.com/questions/31041766/what-does-edge-based-and-level-based-mean

[gobomb]

https://www.cnblogs.com/gaorong/p/10925480.html

k8s 问题排查一例

[gobomb]

删除不掉ns的排查方法

https://www.ibm.com/support/knowledgecenter/SSBS6K_3.2.0/troubleshoot/ns_terminating.html

[gobomb]

LowerDir: these are the read-only layers of an overlay filesystem. For docker, these are the image layers assembled in order.

UpperDir: this is the read-write layer of an overlay filesystem. For docker, that is the equivalent of the container specific layer that contains changes made by that container.

WorkDir: this is a required directory for overlay, it needs an empty directory for internal use.

MergedDir: this is the result of the overlay filesystem. Docker effectively chroot's into this directory when running the container.

https://stackoverflow.com/questions/56550890/docker-image-merged-diff-work-lowerdir-components-of-graphdriver

[gobomb]

https://zhuanlan.zhihu.com/p/59544387

tidb operator 如何使用优雅关闭

[gobomb]

https://github.blog/2019-11-21-debugging-network-stalls-on-kubernetes/

Debugging network stalls on Kubernetes

[gobomb]

https://draveness.me/kubernetes-contributor/

给k8s提pr

[gobomb]

https://www.bluematador.com/blog/kubernetes-deployments-rolling-update-configuration

stragegy 可设为 rollingupdate 或者 recreate

[gobomb]

在给dockerd设置代理的情况下，要记得设置 Bypass proxy settings for these hosts & domains，否则push镜像时会报错：
error parsing HTTP 404 response body: unexpected end of JSON input: ""

[gobomb]

https://mp.weixin.qq.com/s/-Kau28Q5y23GyGWECWlhVg

client-go 中 index 相关源码

[gobomb]

openshift v2.11.0+1cd89d4-542
kubernetes v0.11.0+d4cacc0

openshift 在发布deployment时，默认会给pod加node-role.kubernetes.io/compute=true的nodeselector使得pod调度到计算节点上。

可修改namespace的annotation，覆盖默认nodeselector：oc annotate --overwrite namespace default openshift.io/node-selector='region=infra'

[gobomb]

https://zhuanlan.zhihu.com/p/37217575

写了类似的bug，难怪每次报错：

Status:Failure,Message:The resourceVersion for the provided watch is too old.,Reason:Expired,Details:nil,Code:410,}

[gobomb]

https://mp.weixin.qq.com/s/jWH7jVxj20bmc60_C-w9wQ

patch 和 update

[gobomb]

https://kubernetes.io/zh/docs/reference/kubectl/cheatsheet/

[gobomb]

用dlv调试容器内go进程

dlv attach $(pidof $YOURPOCESS) $(docker inspect -f '{{.GraphDriver.Data.MergedDir}}{{.Path}}' $CONTAINERID)

$YOURPOCESS 为进程名

$CONTAINERID 为容器ID

[gobomb]

crd定义yaml中设置kubectl能够显示的列

spec:
  additionalPrinterColumns:
  - JSONPath: .status.phase
    name: State
    type: string
  - JSONPath: .metadata.creationTimestamp
    name: CreateTime
    type: string
  group: cloudapp.cloudtogo.cn
  names:
  .....

[gobomb]

https://blog.csdn.net/u013276277/article/details/103404653

client-go watch 返回的 chan 被关闭问题

[gobomb]

https://mp.weixin.qq.com/s/jWH7jVxj20bmc60_C-w9wQ

k8s update与apply

[gobomb]

http://7xi8kv.com5.z0.glb.qiniucdn.com/meetup-%E5%AE%B9%E5%99%A8%E7%83%AD%E8%BF%81%E7%A7%BB.pdf

容器热迁移