Hackfi – Page 12

Simple Kubernetes NFS Subdir – External Provisioner

Why?
– No need to create directory manually on nfs server
– Easy

helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner/

helm upgrade --install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner --set nfs.server=192.168.0.182 --set nfs.path=/mnt/nfs2 --set storageClass.defaultClass=true --set storageClass.onDelete=retain

deployment-nginx.yml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 1
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx
        ports:
        - containerPort: 80
        volumeMounts:
        - name: pvc-claim
          mountPath: /data
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "256Mi"
            cpu: "100m"
      volumes:
        - name: pvc-claim
          persistentVolumeClaim:
            claimName: test-claim
---

kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: test-claim
  annotations:
    nfs.io/storage-path: "test-path"
spec:
  storageClassName: nfs-client
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Mi

More : https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner

simple redis deployment in kubernetes

apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis-deployment
  labels:
    app: redis
    env: prod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redis
      env: prod
  template:
    metadata:
      labels:
        app: redis
        env: prod
    spec:
      affinity:
        nodeAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            nodeSelectorTerms:
            - matchExpressions:
              - key: "kubernetes.io/arch"
                operator: "In"
                values:
                - arm64
      tolerations:
      - key: "key"
        operator: "Equal"
        value: "arm"
        effect: "NoSchedule" 
      containers:
      - name: redis-container
        image: redis:6.2
        imagePullPolicy: IfNotPresent
        resources:
          requests:
            memory: "128Mi"
            cpu: "100m"
          limits:
            memory: "512Mi"
            cpu: "300m"
        volumeMounts:
          - name: redis-data
            mountPath: /data
        ports:
        - containerPort: 9090
      volumes:
        - name: redis-data
          nfs:
            server: 192.168.0.182
            path: "/mnt/nfs1/redis"
---
kind: Service
apiVersion: v1
metadata:
  name: redis-service
  labels:
    app: redis
    env: prod
spec:
  selector:
    app: redis
    env: prod
  ports:
  - name: redis
    protocol: TCP
    port: 6379
    targetPort: 6379
    nodePort: 31000
  type: NodePort

redis cli:

127.0.0.1:6379> set var1 100
OK
127.0.0.1:6379> get var1
"100"
127.0.0.1:6379> incr var1
(integer) 101
127.0.0.1:6379> get var1
"101"

prometheus service discovery – aws ec2 instance with tag

Create role(prometheus-ec2) with AmazonEC2ReadOnlyAccess policy
Attach role to ec2

Tag ec2

prometheus.yml

kind: ConfigMap
apiVersion: v1
metadata:
  name: prometheus-conf
data:
  prometheus.yml: |

global:
  scrape_interval:     10s
  evaluation_interval: 10s
scrape_configs:          
  - job_name: 'ec2-node'
    ec2_sd_configs:
      - region: ap-south-1
        port: 9100
    relabel_configs:
      - source_labels: [__meta_ec2_tag_app]
        action: keep
        regex: 'pro.*'
      - source_labels: [__meta_ec2_private_ip]
        action: replace
        target_label: ec2_private_ip

Basic setup on linux host

#set hostname
echo "Enter hostname:"
read host_name
hostnamectl set-hostname $host_name

#set ist timezone
rm -rf /etc/localtime | exit 0
ln -s /usr/share/zoneinfo/Asia/Kolkata /etc/localtime

#increase history size
echo 'export HISTSIZE=10000
export HISEFILESIZE=10000' >> /root/.bashrc

Run shell script before shutdown – linux

before_shutdown.sh

#!/bin/bash
#remove file older than 7 days
find /var/log -name "*.log" -type f -mtime +7

#test
touch "/opt/before_shutdown_tmp_file_$(date +%s)"

Create systemd service

echo '[Unit]
Description=before_shutdown

[Service]
ExecStart=/bin/true
Type=oneshot
RemainAfterExit=true
ExecStop=/opt/before_shutdown.sh

[Install]
WantedBy=multi-user.target' > /etc/systemd/system/before_shutdown.service

systemctl daemon-reload

systemctl enable before_shutdown

systemctl start before_shutdown

https://unix.stackexchange.com/questions/39226/how-to-run-a-script-with-systemd-right-before-shutdown

python argument parser

consumer.py –server kafka:9092 –consumer_group group1 –topic test-topic1 –messages 100 –sleep 1

import sys
import time
import argparse

#consumer.py --server kafka:9092 --consumer_group group1 --topic test-topic1 --messages 100 --sleep 1

parser = argparse.ArgumentParser(description='Optional app description')
parser.add_argument('--server', type=str,
                    help='kafka server with port eg. kafka:9092.')

parser.add_argument('--consumer_group', type=str,
                    help='consumer_group name.')

parser.add_argument('--topic', type=str,
                    help='kafka topic name')

parser.add_argument('--messages', type=int,
                    help='number of message needs to be produced.')

parser.add_argument('--sleep', type=int,
                    help='sleep between message produced.')

args = parser.parse_args()

print("kafka arguments:")
print(args.kafka_server,args.consumer_group,args.topic,args.messages,args.sleep)

More – https://stackoverflow.com/questions/20063/whats-the-best-way-to-parse-command-line-arguments
https://docs.python.org/3/library/argparse.html

linux strace command for Troubleshooting

Why Strace?
– Trace system call
– Troubleshooting issue with any binary command
– Debugging

strace ls

strace -c ls

strace -e trace=network nc -v -n 127.0.0.1 8080

https://www.geeksforgeeks.org/strace-command-in-linux-with-examples/

https://man7.org/linux/man-pages/man1/strace.1.html

Enable buildkit in docker and use heredoc feature

Why buildkit?
– Better build logs
– Better build cache

Temp enable buildkit

nginx.Dockerfile

# syntax=docker/dockerfile:1.3-labs
FROM nginx

COPY <<EOF /usr/share/nginx/html/index.html
"hola Duniya"
EOF

DOCKER_BUILDKIT=1 docker build -t here-nginx -f nginx.Dockerfile .

Enable buildkit permanently :

echo "{ "features": { "buildkit": true } }" > /etc/docker/daemon.json


systemctl restart docker

More : https://github.com/moby/buildkit

Introduction to heredocs in Dockerfiles

Raspberry pi 4 to measure temperature and humidity with DHT11/DHT22 sensor

pip3 install adafruit-circuitpython-dht
apt-get install libgpiod2

temp.py

import Adafruit_DHT
import time
 
DHT_SENSOR = Adafruit_DHT.DHT11
DHT_PIN = 4

#while loop is there because sometime it does not get the temp.
while True:
    humidity, temperature = Adafruit_DHT.read(DHT_SENSOR, DHT_PIN)
    if humidity is not None and temperature is not None:
        print("Temp={0:0.1f}C Humidity={1:0.1f}%".format(temperature, humidity))
    else:
        print("Sensor failure. Check wiring.");
    time.sleep(1);

run:

python3 temp.py

For DHT22 sensor:

temp-dht22.py

import Adafruit_DHT
import time

DHT_SENSOR = Adafruit_DHT.DHT22
DHT_PIN = 4

humidity, temperature = Adafruit_DHT.read(DHT_SENSOR, DHT_PIN)
if humidity is not None and temperature is not None:
    #print("Temp={0:0.1f}C Humidity={1:0.1f}%".format(temperature, humidity))
    print("{0},{1}".format(temperature, humidity))

shell script to send over pushgateway

root@lp-arm-1:~# cat /opt/cron/get_temp_dht22.sh
#!/bin/bash

t_and_h=$(python3 /opt/cron/get_temp_dht22.py)

temprerature=$(echo $t_and_h | awk -F ',' '{print $1}')
humidity=$(echo $t_and_h | awk -F ',' '{print $2}')
echo "room_temp $temprerature" | curl --data-binary @- http://192.168.0.183:30008/metrics/job/room_temp/instance/lp-arm-1
echo "room_humidity $humidity" | curl --data-binary @- http://192.168.0.183:30008/metrics/job/room_humidity/instance/lp-arm-1

Mount single file in docker

We can use –mount type=bind parameter to mount single file

docker run  -d -p 9090:9090 --mount type=bind,source=/opt/prometheus/prometheus.yml,target=/etc/prometheus/prometheus.yml prom/prometheus:v2.22.0

Using docker-compose file

version: "3.7"    
services:
  prometheus:
    image: prom/prometheus:v2.22.0
    volumes:
      - type: bind
        source: /opt/prometheus/prometheus.yml
        target: /etc/prometheus/prometheus.yml
    ports:
      - 9090:9090

More : https://stackoverflow.com/questions/42248198/how-to-mount-a-single-file-in-a-volume

https://docs.docker.com/storage/bind-mounts/