Push multi-arch docker image

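# Mirror the upstream multi-arch nginx image into your own repository: one tag
# per architecture, then a manifest list that joins the two tags.
src_image=nginx
dst_repo=your-username/nginx

# Fetch the upstream manifest list once so both digests come from the same
# snapshot of the tag.
manifest_json=$(docker manifest inspect "$src_image")

#ARM64
arm64_image_digest=$(printf '%s\n' "$manifest_json" |
  jq -r '.manifests[] | select(.platform.architecture == "arm64") | .digest')

#AMD64
# The selector must be "amd64"; repeating "arm64" here yields the ARM digest twice.
amd64_image_digest=$(printf '%s\n' "$manifest_json" |
  jq -r '.manifests[] | select(.platform.architecture == "amd64") | .digest')

# Stop before tagging anything if a digest could not be resolved.
: "${arm64_image_digest:?no arm64 entry found in the manifest list}"
: "${amd64_image_digest:?no amd64 entry found in the manifest list}"

# Pull each platform image by digest. Tagging the plain local "nginx" image
# twice would publish the same single-architecture image under both names;
# pulling by digest also pins exactly the content that was inspected above.
docker pull "${src_image}@${amd64_image_digest}"
docker pull "${src_image}@${arm64_image_digest}"

docker tag "${src_image}@${amd64_image_digest}" "${dst_repo}:amd64"
docker tag "${src_image}@${arm64_image_digest}" "${dst_repo}:arm64"

docker push "${dst_repo}:amd64"
docker push "${dst_repo}:arm64"

# Build the manifest list from the two pushed tags; --amend updates an
# existing local manifest list instead of failing when one is already there.
docker manifest create \
  "${dst_repo}:latest" \
  --amend "${dst_repo}:amd64" \
  --amend "${dst_repo}:arm64"

docker manifest push "${dst_repo}:latest"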

https://www.docker.com/blog/multi-arch-build-and-images-the-simple-way/

# Enable BuildKit for docker build commands run from this shell.
export DOCKER_BUILDKIT=1

# Create a new builder instance and make it the current one.
docker buildx create --use

# Build the Dockerfile in the current directory for both platforms and push
# the result straight to the registry.
# NOTE(review): the tag has no registry or namespace prefix, so the push goes
# to whatever the default registry resolves "httpd-custom" to; confirm that
# this is the repository you intend to publish to.
docker buildx build --push --platform linux/arm64,linux/amd64 -t httpd-custom .

# Stop and remove the current builder once the build is done.
docker buildx stop
docker buildx rm

##10 0.064 .buildkit_qemu_emulator: /bin/sh: Invalid ELF image for this architecture

# Register QEMU user-mode emulators with the host kernel so foreign-architecture
# binaries can run during the build.
# NOTE(review): --privileged gives this container full access to the host, and
# the registration it performs changes host kernel state that outlives the
# container. The image is a third-party one referenced by a mutable tag; pin it
# by digest (multiarch/qemu-user-static@sha256:<DIGEST-PLACEHOLDER>) after
# reviewing it, and run it only on build hosts.
docker run --rm --privileged multiarch/qemu-user-static:register --reset

# Alternative form of the same registration; -p yes presumably makes the
# handlers persistent so they also work inside other containers (confirm
# against the image's documentation).
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes



# Full recovery sequence: re-register the emulators, then replace the builder
# with a fresh one that uses the docker-container driver and start it.
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker buildx rm builder
docker buildx create --name builder --driver docker-container --use
docker buildx inspect --bootstrap

https://stackoverflow.com/questions/60080264/docker-cannot-build-multi-platform-images-with-docker-buildx

set and unset in debug bash script

set -x = print each command, after expansion, before it is executed

set -f = disable filename expansion (globbing) [ ls *.yml ]

errexit = abort the whole script as soon as a command exits with a non-zero status

pipefail = a pipeline fails if any command in it fails, not only the last one

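# Debug section on: trace commands, disable globbing, stop on the first failing
# command, and let any failing pipeline stage fail the whole pipeline.
set -x -f -o errexit -o pipefail
# Debug section off: undo every option switched on above. pipefail has no
# single-letter flag, so it needs the long "+o" form; without it pipefail stays
# active for the rest of the script.
set +x +f +o errexit +o pipefail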

https://stackoverflow.com/questions/68465355/what-is-the-meaning-of-set-o-pipefail-in-bash-script

https://www.newline.co/courses/newline-guide-to-bash-scripting/errexit

https://unix.stackexchange.com/questions/333867/what-does-set-f-in-korn-shell-do

ESP32 wroom 32 – MicroController

  • Fedora Arduino IDE issue – https://github.com/arduino/Arduino/issues/11150
  • https://forum.arduino.cc/t/esp32-ide-compiler-importerror-no-module-named-serial/968605/10

sudo pip install pyserial

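  • Open Arduino using sudo (presumably needed for access to the serial port; adding your user to the group that owns the serial device is the usual alternative to running the IDE as root)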
  • Stable repo link for Esp32
https://raw.githubusercontent.com/espressif/arduino-esp32/gh-pages/package_esp32_index.json
  • File > Preference > Additional Board Manager
  • Tools > Board > Board manager > esp32 > Install

  • Tools > Board > ESP32 > ESP32 Dev(or any board that you have)
  • File > Example > WIFI > SimpleWIFIServer
  • update wifi login creds
const char* ssid = "TP-Link_573B";
const char* password = "passowrd";
  • Tools > Serial Monitor

Youtube video : https://www.youtube.com/watch?v=UuxBfKA3U5M

pin out : https://www.studiopieters.nl/esp32-pinout/

esp32 wroom

Power consumption with 1 LED: 5V x 0.08Amp = 0.4 Watt

Grafana https behind nginx controller

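If Grafana itself is serving HTTPS and you do not add the annotation below, requests through the ingress fail with HTTP ERROR 400, because the controller speaks plain HTTP to backends by default.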

nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
  • Also check grafana.ini and default.ini for root_url
root_url = https://grafana.example.com
  • Also check the liveness and readiness probe scheme

https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/#backend-protocol

https://stackoverflow.com/questions/54459015/how-to-configure-ingress-to-direct-traffic-to-an-https-backend-using-https

  • grafana helm values.yaml
# Helm values for the grafana/grafana chart: Grafana serves HTTPS itself and
# sits behind an ingress-nginx controller that connects to it over HTTPS.
image:
  repository: grafana/grafana
  tag: 8.5.2
persistence:
  enabled: true
  type: statefulset
resources:
 limits:
   cpu: 500m
   memory: 512Mi
 requests:
   cpu: 500m
   memory: 512Mi

grafana.ini:
  app_mode: test
  paths:
    data: /var/lib/grafana/
    logs: /var/log/grafana
    plugins: /var/lib/grafana/plugins
    provisioning: /etc/grafana/provisioning
    temp_data_lifetime: 24h
  server:
    # Grafana terminates TLS itself; this is why the probes and the ingress
    # backend-protocol below are set to HTTPS.
    protocol: https
    domain: grafana.example.com
    enforce_domain: false
    root_url: https://grafana.example.com/
    serve_from_sub_path: false
    # NOTE(review): the certificate and private key are read from the data
    # volume; confirm the key file is readable only by the Grafana user.
    cert_file: /var/lib/grafana/cert/dev.crt
    cert_key: /var/lib/grafana/cert/dev.key
  database:
    type: postgres
    host: database-hostname
    name: grafana
    user: grafana
    # Placeholder that has to be substituted before install; keep the real
    # value out of this file and out of version control.
    password: ${grafana_eks_postgres_password}
    # NOTE(review): "disable" sends the database password and all queries to
    # Postgres unencrypted. Use require, or verify-full with a CA certificate,
    # when the database offers TLS.
    ssl_mode: disable
  security:
    cookie_secure: true
    # NOTE(review): allow_embedding lets other sites render Grafana inside a
    # frame, which removes the framing protection against clickjacking. Leave
    # it false unless dashboards really are embedded elsewhere.
    allow_embedding: true
    strict_transport_security: true
    strict_transport_security_max_age_seconds: 31536000
    strict_transport_security_preload: true
    strict_transport_security_subdomains: true
    x_content_type_options: true
    x_xss_protection: true
  smtp:
    enabled: true
    # NOTE(review): port 25 starts as a plaintext session; confirm STARTTLS is
    # negotiated before the SMTP credentials below are sent.
    host: email-smtp.ap-south-1.amazonaws.com:25
    user: ${grafana_smtp_username}
    password: ${grafana_smtp_password}
    #skip_verify = true
    from_address: exam@example.com
    from_name: test

# Both probes must use HTTPS because Grafana no longer answers plain HTTP on
# port 3000.
readinessProbe:
  httpGet:
    path: /api/health
    port: 3000
    scheme: HTTPS
livenessProbe:
  httpGet:
    path: /api/health
    port: 3000
    scheme: HTTPS
  initialDelaySeconds: 60
  timeoutSeconds: 30
  failureThreshold: 10

ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-connect-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    route53mapper: enabled
    # Tells the controller to connect to the Grafana pod over HTTPS; without it
    # the plain-HTTP request to the TLS port is answered with HTTP 400.
    # NOTE(review): ingress-nginx does not verify the backend certificate by
    # default, so this hop is encrypted but not authenticated unless the
    # proxy-ssl-verify annotations are configured as well.
    nginx.ingress.kubernetes.io/backend-protocol: HTTPS
  labels:
    app: grafana
  path: /
  pathType: ImplementationSpecific
  hosts:
    - grafana.example.com
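# Option 1: pass the few overrides inline with --set.
helm upgrade --install grafana grafana/grafana --version 6.32.6 --set image.tag=8.5.2 --set persistence.enabled=true --set persistence.type=statefulset --set persistence.storageClassName=gp2
# Option 2: install from the values file shown above (the file is values.yaml;
# "values.taml" was a typo and helm would fail to open it).
helm upgrade --install grafana grafana/grafana --version 6.32.6 -f values.yaml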

View image in linux ascii terminal

  • Install / Download binary from https://github.com/atanunq/viu

Dockerfile

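# Build stage: compile a statically linked viu for the requested architecture.
FROM rust:slim-buster as build
# ARCH is the architecture part of the Rust target triple, e.g. x86_64; pass it
# with --build-arg ARCH=...
ARG ARCH
# Absolute path, so the clone below lands in /opt/viu regardless of the base
# image's working directory.
WORKDIR /opt
RUN rustup target add $ARCH-unknown-linux-musl
RUN apt update && apt install git -y
# NOTE(review): this clones whatever the default branch holds at build time.
# Check out a reviewed tag or commit after cloning to make the build
# reproducible and to control which upstream code ends up in the image.
RUN git clone https://github.com/atanunq/viu
WORKDIR viu
RUN cargo build --target $ARCH-unknown-linux-musl --release
# Copy the binary to an architecture-independent path. The source path has to
# start with /opt, because that is where the repository was cloned.
RUN cp /opt/viu/target/$ARCH-unknown-linux-musl/release/viu /usr/bin/viu

# Runtime stage: only the binary is carried over.
FROM alpine:3.15.0
# ARG values do not carry across FROM, so $ARCH would expand to nothing in this
# stage; copying from the fixed /usr/bin/viu path avoids needing it here.
COPY --from=build /usr/bin/viu /usr/bin/viu
ENTRYPOINT ["viu"]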
  • docker build with args
podman build -t viu --build-arg ARCH=x86_64 .
docker run -it -v $(pwd):/opt viu "/opt/img/bfa.jpg"
  • https://doc.rust-lang.org/nightly/rustc/platform-support.html
  • https://unix.stackexchange.com/questions/35333/what-is-the-fastest-way-to-view-images-from-the-terminal

Raspberry Pi camera on Ubuntu

  • Check whether the camera is attached to the Raspberry Pi; if it is, you will see something like bcm2835-v4l2: V4L2 device registered as video0 – stills mode > 1280×720
root@lp-arm-4:~# dmesg  | grep -i vid
--More--
[   13.071843] bcm2835-isp bcm2835-isp: Device node output[0] registered as /dev/video13
[   13.615235] bcm2835-isp bcm2835-isp: Device node capture[0] registered as /dev/video14
[   13.615709] bcm2835-isp bcm2835-isp: Device node capture[1] registered as /dev/video15
[   13.616053] bcm2835-isp bcm2835-isp: Device node stats[2] registered as /dev/video16
[   13.626826] bcm2835-codec bcm2835-codec: Device registered as /dev/video10
[   13.631504] bcm2835-codec bcm2835-codec: Device registered as /dev/video11
[   13.667772] : bcm2835_codec_get_supported_fmts: port has more encoding than we provided space for. Some are dropped.
[   13.702795] bcm2835-v4l2: V4L2 device registered as video0 - stills mode > 1280x720
[   13.708226] bcm2835-v4l2: Broadcom 2835 MMAL video capture ver 0.0.2 loaded.
[   13.744213] bcm2835-codec bcm2835-codec: Device registered as /dev/video12

--More--
  • install raspistill binary
apt install libraspberrypi-bin
  • check camera status
vcgencmd get_camera
  • Removing and adding back sunny connector(the yellow thingy below the camera in the board) worked. (very strange)

https://stackoverflow.com/questions/31354280/raspberry-camera-error-mmal-no-data-received-from-sensor

kubernetes 1.23 to 1.24 ,1.25, 1.26, 27, 28, 29 upgrade

  • install containerd and remove docker
systemctl stop docker
dnf remove docker-ce -y

dnf install containerd -y

sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
systemctl start containerd
systemctl enable containerd
  • edit /var/lib/kubelet/kubeadm-flags.env add below
KUBELET_KUBEADM_ARGS="--pod-infra-container-image=k8s.gcr.io/pause:3.5 --container-runtime=remote --container-runtime-endpoint=unix:///run/containerd/containerd.sock"

OR
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint=unix:///run/containerd/containerd.sock"
  • edit /etc/crictl.yaml to remove crictl warning message
echo 'runtime-endpoint: unix:///run/containerd/containerd.sock' > /etc/crictl.yaml
systemctl start containerd


#[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist
#[ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1

lsmod | grep -i netfilter
modprobe br_netfilter

echo 1 > /proc/sys/net/ipv4/ip_forward

echo 'net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1' > /etc/sysctl.d/k8s.conf

Remove the CNI binaries from /opt/cni/bin/*

rm -rf /opt/cni/bin/*

For Ubuntu 22.04 need to install containernetworking-plugins:

failed to load CNI config list file /etc/cni/net.d/10-calico.conflist: error parsing configuration list: unexpected end of JSON input: invalid cni config: failed to load

apt install containernetworking-plugins

#crontab entry for ubuntu 

@reboot modprobe br_netfilter
@reboot echo 1 > /proc/sys/net/ipv4/ip_forward

Note : weaves CNI had issue with containerd , k8 1.24 I uninstalled it.

It’s working with calico CNI

  • For new containerd version above 1.5.9
vi /etc/containerd/config.toml

SystemdCgroup = true
  • For Raspberry pi edit /boot/firmware/cmdline.txt and append this line
cgroup_enable=cpuset cgroup_enable=memory
  • Kernel 6.12.40-v8+ has some issues with cgroup_enable=memory; need to switch to 6.6
root@lp-arm-2:~# cat /proc/cmdline
coherent_pool=1M 8250.nr_uarts=0 snd_bcm2835.enable_headphones=0 cgroup_disable=memory .....

grep memory /proc/cgroups
dmesg | grep 'Kernel command line'
strings /boot/kernel8.img | grep cgroup_disable

Kubernetes upgrade: useful commands

kubectl drain ip-10-222-110-231.eu-west-1.compute.internal --delete-emptydir-data="true" --ignore-daemonsets="true" --timeout="15m" --force
kubectl get nodes --label-columns beta.kubernetes.io/instance-type --label-columns beta.kubernetes.io/capacity-type -l role=worker
  • deleted pod automatically

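#send output to env_output.tail
# Drain every node listed in qa.node (one node name per line), appending
# kubectl's stdout and stderr to env_output.tail.
# NOTE(review): --force also removes pods that no controller will recreate, and
# --delete-emptydir-data discards the contents of emptyDir volumes; check the
# node list before running this against a shared cluster.
# The list is read on fd 3 so kubectl cannot consume it through stdin.
while read -r i <&3 || [[ -n "$i" ]]; do
  # Skip blank lines rather than calling kubectl drain with an empty name.
  [[ -n "$i" ]] || continue
  echo "draining node : $i"
  kubectl drain "$i" --delete-emptydir-data="true" --ignore-daemonsets="true" --timeout="15m" --force >> env_output.tail 2>&1
  # Printed whether or not the drain succeeded; the result is in env_output.tail.
  echo "completed node : $i"
done 3< qa.node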

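#read env_output.tail to delete pod
# Runs next to the drain loop: every 5 seconds it scans the last 20 lines of
# the drain log for pods that could not be evicted and deletes them directly.
# NOTE(review): a direct delete does not go through the eviction API, so it
# bypasses any PodDisruptionBudget that blocked the eviction. The loop never
# exits on its own; stop it once the drain has finished.
while true; do
  # Each matching log line is reduced to three fields, presumably of the form
  #   pods/NAME -n NAMESPACE
  # and handled on its own, so pods in different namespaces are not merged into
  # one kubectl call where only the last -n would apply.
  tail -n 20 env_output.tail |
    grep "error when evicting" |
    cut -d '(' -f1 |
    awk -F 'evicting' '{print $2}' |
    sort -u |
    awk '{print $1,$2,$3}' |
    sed 's/"//g' |
    while read -r -a apod; do
      # Nothing to delete, or a line that did not parse into three fields.
      (( ${#apod[@]} == 3 )) || continue
      echo "kubectl delete ${apod[*]}"
      kubectl delete "${apod[@]}"
    done
  sleep 5
done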
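#namespace=$(kubectl get ns | tr "\n" " ")
# Space-separated list of namespaces whose deployments get a CPU request.
namespace="abc xyz"

# Set a 100m CPU request on every deployment that has at least one ready
# replica, in each listed namespace.
# shellcheck disable=SC2086 -- $namespace and $deploy are split on purpose
for ns in $namespace
do
    # Test only the READY column for a leading "0/": a plain grep -v '0/' on
    # the whole row also drops deployments such as 10/10.
    deploy=$(kubectl get deploy -n "$ns" --no-headers | awk '$2 !~ /^0\// {print $1}')
    for i in $deploy
    do
        # The patch addresses the container by name and assumes it is named
        # after the deployment; with a different container name the patch would
        # add a new container entry instead of updating the existing one.
        kubectl -n "$ns" patch deployment "$i" -p '{"spec": {"template": {"spec": {"containers": [{"name": "'"$i"'","resources": { "requests": {"cpu": "100m"}}}]}}}}'
        echo "patched : $i ns=$ns"
    done
done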

https://faun.pub/kubectl-commands-cheatsheet-43ce8f13adfb