PVC Debug Pod entry

blog/content/posts/backups-and-updates-and-dependencies-and-resiliency.md

@@ -3,6 +3,7 @@ title: "Backups and Updates and Dependencies and Resiliency"
 date: 2024-02-18T16:00:00-08:00
 tags:
   - homelab
+  - k8s
   - SDLC
 
 ---

blog/content/posts/cloudflare-tunnel-dns.md

@@ -3,6 +3,7 @@ title: "Cloudflare Tunnel DNS"
 date: 2022-08-22T16:05:39-07:00
 tags:
   - homelab
+  - k8s
   - meta
 
 ---

blog/content/posts/grafana-oncall.md

@@ -3,6 +3,7 @@ title: "Grafana Oncall"
 date: 2022-09-13T10:52:53-07:00
 tags:
   - homelab
+  - k8s
   - observability
 
 ---

blog/content/posts/pvc-debug-pod.md

@@ -0,0 +1,47 @@
+---
+title: "PVC Debug Pod"
+date: 2024-03-04T22:05:41-08:00
+tags:
+  - k8s
+
+---
+I've been annoyed sufficiently-often by the fact that there is no single `kubectl` command to "_create a pod, and attach a PVC to it_" that I threw together the following script:
+<!--more-->
+```bash
+#!/bin/bash
+
+set -ex
+
+# This script assumes the existence and correct configuration of `kubectl` and `fzf`.
+# TODO - cool feature would be to grab namespaces with `kubectl get ns` and pipe through `fzf` to select - but, 99% of the time, this'll just be for the current namespace anyway
+
+PVC_TO_MOUNT=$(kubectl get pvc --no-headers | awk '{print $1}' | fzf)
+POD_CREATE_OUTPUT=$(cat <<EOF | kubectl create -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  generateName: debug-pod-
+spec:
+  volumes:
+    - name: pvc
+      persistentVolumeClaim:
+        claimName: $PVC_TO_MOUNT
+  containers:
+    - name: debug-container
+      image: ubuntu
+      command: [ "/bin/bash", "-c", "--" ]
+      args: [ "while true; do sleep 30; done;" ]
+      volumeMounts:
+        - mountPath: "/mnt/pvc"
+          name: pvc
+EOF
+)
+POD_NAME=$(echo $POD_CREATE_OUTPUT | awk '{print $1}')
+kubectl wait --for=condition=Ready $POD_NAME
+kubectl exec -it $POD_NAME /bin/bash
+
+```
+
+While researching it, I did find out that [Ephemeral Containers](https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/) are now a thing - but, given that they also don't appear to allow a PVC-mount in their `kubectl`-creation, I suspect you'd still have to create via `cat <<EOF | kubectl create`[^why-create] anyway.
+
+[^why-create]: Why `create` and not `apply`? Because you can't use `generateName` with `apply`, and if I accidentally forget to tear down an pre-existing debug-pod I'd rather not be interrupted in what I'm doing. Arguably, though, that would be a good reminder to clean up after myself.

blog/content/posts/rebuild-from-scratch.md

@@ -4,6 +4,7 @@ date: 2023-02-07T19:52:44-08:00
 tags:
   - CI/CD
   - homelab
+  - k8s
   - observability
 
 ---

blog/content/posts/secure-docker-registry.md

@@ -3,6 +3,7 @@ title: "Secure Docker Registry"
 date: 2022-07-01T21:26:32-07:00
 tags:
   - homelab
+  - k8s
 ---
 Part of the self-hosted setup that supports this blog (along with all my other homelab projects) is a [Docker Registry](https://docs.docker.com/registry/) to hold the images built and used in the CI/CD pipeline. Recently I tried to install TLS certificates to secure interaction with the Registry, and it was a fair bit harder to figure out than I expected, so I wanted to write it up both for future-me and for anyone else struggling with the same problem.
 <!--more-->

blog/content/posts/self-hosted-analytics.md

@@ -3,6 +3,7 @@ title: "Self-Hosted Analytics"
 date: 2022-08-02T20:23:48-07:00
 tags:
   - homelab
+  - k8s
   - meta
 
 ---

blog/content/posts/vpn-on-kubernetes.md

@@ -3,6 +3,7 @@ title: "VPN on Kubernetes"
 date: 2022-12-15T22:28:24-08:00
 tags:
   - homelab
+  - k8s
 
 ---
 I was surprised to find that there's not much discussion of putting Kubernetes pods behind a VPN. Given how useful both tools are, you'd think more people would use them in concert.