Category: Uncategorized

aws eks get k8 token kubectl

Note : If we creates eks cluster from UI it’s creates with different user and gives error when we do kubectl get pod

aws eks get-token  --cluster-name eks1
aws eks update-kubeconfig --name eks1
aws sts get-caller-identity
aws sts assume-role --role-arn "arn:aws:iam::1111111111:role/role-name" --role-session-name "tests3"
aws --profile=default eks update-kubeconfig --name eks1
aws eks create-cluster \
   --region ap-south-1 \
   --name eks1 \
   --kubernetes-version 1.20 \
   --role-arn arn:aws:iam::account_number:role/eks1-clst \
   --resources-vpc-config subnetIds=subnet-093a2ddfcb7bc30b1,subnet-0475d9e26dfdc9d00,subnet-0274975b4af3513ee
aws eks describe-cluster \
    --region ap-south-1 \
    --name eks1 \
    --query "cluster.status"

https://docs.aws.amazon.com/eks/latest/userguide/create-cluster.html

always check the minimum version of aws cli for eks

https://stackoverflow.com/questions/50791303/kubectl-error-you-must-be-logged-in-to-the-server-unauthorized-when-accessing

https://aws.amazon.com/premiumsupport/knowledge-center/eks-api-server-unauthorized-error/

Jenkins parameter and stash

pipeline {
    agent {label 'master'}
    parameters { 
    string(name: 'string1', defaultValue: 's1', description: 's1') 
    choice(name: 'CHOICES', choices: ['one', 'two', 'three'], description: 'chose') 
    password(name: 'password', defaultValue: 'SECRET', description: 'password')
    }
    stages{
        stage('one'){
            steps{
                sh "echo abc > abc.txt"
                stash includes: 'abc.txt', name: 'abc'
                sh "rm -rf abc.txt"
            }
        }
        stage('two'){
            steps{
                unstash 'abc'
                sh "cat abc.txt"
            }
        }
    }
}

https://www.jenkins.io/doc/book/pipeline/syntax/#parameters

Mount cifs/samba share inside container

#Dockerfile
FROM ubuntu
RUN apt update -y
RUN apt install  cifs-utils -y

docker build -t cifs .
docker run -it --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH   -cap-add NET_BIND_SERVICE cifs bash
#centos with privileged (working)

docker run --privileged -it --cap-add SYS_ADMIN --cap-add DAC_READ_SEARCH --cap-add NET_BIND_SERVICE centos bash
mount -t cifs -o username=a,password=a //192.168.0.228/public /mnt
mount -t cifs -o username=a,password=a //192.168.0.228/public /mnt
mount -t cifs -o username=a,password=a,ro,domain=WORKGROUP //192.168.0.228/public /a -v

Jenkins questions list

  • install jenkins using docker-compose
  • default port for jenkins 8080
  • Explain the your CICD pipeline
  • What is DSL?
  • How do you manage credentials in jenkins?
  • explain the basic structure of Jenkinsfile?
  • how jobs are managed for different branch/ multibranch?
  • What issues you faced in jenkins? = plugin high disk IO
  • build trigger?
  • how to configure webhook?
  • poll SCM?
  • light checkout in jekins?
  • groovy sandbox?
  • add worker node in jenkins? types of method?

Sonatype Nexus3 – Docker compose

version: '3'
services:
  jenkins:
    image: sonatype/nexus3:3.29.0
    user: root:root
    restart: always
    container_name: nexus
    environment:
      TZ: "Asia/Kolkata"
    volumes:
      - /opt/nexus-data:/nexus-data
    ports:
      - 8081:8081

Get admin passwords:

docker exec -it nexus bash

find / -iname admin.*

#OR

docker exec -it nexus  cat /nexus-data/admin.password

More : https://hub.docker.com/r/sonatype/nexus3#user-content-persistent-data