kubectl get secrets -o yaml ${certname} –namespace=${namespace} | grep -E ‘tls.(crt|key)’ | while read line;
do
OUT=$(echo $line | awk -F:\ ‘{print$1}’)
echo $line | awk -F:\ ‘{print$NF}’ | base64 -D -i – > ${certname}-$OUT
done
Author: admin
Openssl cert connection test
openssl s_client -connect www.google.com:443
openssl s_client -connect www.google.com:443 -tls1
openssl s_client -connect www.google.com:443 -tls1_1
openssl s_client -connect www.google.com:443 -tls1_2
The following flags will set the SSL/TLS protocol version:
- -ssl2 use SSL v2
- -ssl3 use SSL v3
- -tls1 use TLS v1
- -tls1_1 use TLS v1.1
- -tls1_2 use TLS v1.2
Get list of images in registry
curl -skL ‘https://username:password@registry.mydomain.com/v2/_catalog’ | jq ‘.’
Copy Files from a pod to your machine
kubectl cp {{namespace}}/{{podname}}:path/to/directory /local/path
Copy Files to a pod
kubectl cp /local/path namespace/podname:path/to/directory
Fixing Git Large File Storage
git filter-branch -f –index-filter ‘git rm –cached –ignore-unmatch path/to/remove/file’
If a namespace is stuck in terminating stage
Please do not remove the finalizer, it is there for a reason. Try to instead find out which resources in the NS are pending deletion by:
- Checking if any apiservice is unavailable and hence doesn’t serve its resources: kubectl get apiservice|grep False
- Finding all resources that still exist via kubectl api-resources –verbs=list –namespaced -o name | xargs -n 1 kubectl get -n $your-ns-to-delete
- The solution to this problem is not to short-circuit the cleanup mechanism, its to find out what prevents cleanup from succeeding.
Get Kube events for a service
kubectl get events –sort-by='{.lastTimestamp}’ | grep service-name