scubbo/blogcontent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PVC Debug Pod entry

Browse Source
This commit is contained in:
Jack Jackson 2024-03-04 22:16:36 -08:00
parent 973224b5ef
commit c5b2875fdd
8 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
blog/content/posts/backups-and-updates-and-dependencies-and-resiliency.md
View File

@ -3,6 +3,7 @@ title: "Backups and Updates and Dependencies and Resiliency"
date: 2024-02-18T16:00:00-08:00 date: 2024-02-18T16:00:00-08:00
tags: tags:
- homelab - homelab
- k8s
- SDLC - SDLC
--- ---

1
blog/content/posts/cloudflare-tunnel-dns.md
View File

@ -3,6 +3,7 @@ title: "Cloudflare Tunnel DNS"
date: 2022-08-22T16:05:39-07:00 date: 2022-08-22T16:05:39-07:00
tags: tags:
- homelab - homelab
- k8s
- meta - meta
--- ---

1
blog/content/posts/grafana-oncall.md
View File

@ -3,6 +3,7 @@ title: "Grafana Oncall"
date: 2022-09-13T10:52:53-07:00 date: 2022-09-13T10:52:53-07:00
tags: tags:
- homelab - homelab
- k8s
- observability - observability
--- ---

47
blog/content/posts/pvc-debug-pod.md Normal file
View File

@ -0,0 +1,47 @@
---
title: "PVC Debug Pod"
date: 2024-03-04T22:05:41-08:00
tags:
- k8s
---
I've been annoyed sufficiently-often by the fact that there is no single `kubectl` command to "_create a pod, and attach a PVC to it_" that I threw together the following script:
<!--more-->
```bash
#!/bin/bash
set -ex
# This script assumes the existence and correct configuration of `kubectl` and `fzf`.
# TODO - cool feature would be to grab namespaces with `kubectl get ns` and pipe through `fzf` to select - but, 99% of the time, this'll just be for the current namespace anyway
PVC_TO_MOUNT=$(kubectl get pvc --no-headers | awk '{print $1}' | fzf)
POD_CREATE_OUTPUT=$(cat <<EOF | kubectl create -f -
apiVersion: v1
kind: Pod
metadata:
generateName: debug-pod-
spec:
volumes:
- name: pvc
persistentVolumeClaim:
claimName: $PVC_TO_MOUNT
containers:
- name: debug-container
image: ubuntu
command: [ "/bin/bash", "-c", "--" ]
args: [ "while true; do sleep 30; done;" ]
volumeMounts:
- mountPath: "/mnt/pvc"
name: pvc
EOF
)
POD_NAME=$(echo $POD_CREATE_OUTPUT | awk '{print $1}')
kubectl wait --for=condition=Ready $POD_NAME
kubectl exec -it $POD_NAME /bin/bash
```
While researching it, I did find out that [Ephemeral Containers](https://kubernetes.io/docs/concepts/workloads/pods/ephemeral-containers/) are now a thing - but, given that they also don't appear to allow a PVC-mount in their `kubectl`-creation, I suspect you'd still have to create via `cat <<EOF | kubectl create`[^why-create] anyway.
[^why-create]: Why `create` and not `apply`? Because you can't use `generateName` with `apply`, and if I accidentally forget to tear down an pre-existing debug-pod I'd rather not be interrupted in what I'm doing. Arguably, though, that would be a good reminder to clean up after myself.

1
blog/content/posts/rebuild-from-scratch.md
View File

@ -4,6 +4,7 @@ date: 2023-02-07T19:52:44-08:00
tags: tags:
- CI/CD - CI/CD
- homelab - homelab
- k8s
- observability - observability
--- ---

1
blog/content/posts/secure-docker-registry.md
View File

@ -3,6 +3,7 @@ title: "Secure Docker Registry"
date: 2022-07-01T21:26:32-07:00 date: 2022-07-01T21:26:32-07:00
tags: tags:
- homelab - homelab
- k8s
--- ---
Part of the self-hosted setup that supports this blog (along with all my other homelab projects) is a [Docker Registry](https://docs.docker.com/registry/) to hold the images built and used in the CI/CD pipeline. Recently I tried to install TLS certificates to secure interaction with the Registry, and it was a fair bit harder to figure out than I expected, so I wanted to write it up both for future-me and for anyone else struggling with the same problem. Part of the self-hosted setup that supports this blog (along with all my other homelab projects) is a [Docker Registry](https://docs.docker.com/registry/) to hold the images built and used in the CI/CD pipeline. Recently I tried to install TLS certificates to secure interaction with the Registry, and it was a fair bit harder to figure out than I expected, so I wanted to write it up both for future-me and for anyone else struggling with the same problem.
<!--more--> <!--more-->

1
blog/content/posts/self-hosted-analytics.md
View File

@ -3,6 +3,7 @@ title: "Self-Hosted Analytics"
date: 2022-08-02T20:23:48-07:00 date: 2022-08-02T20:23:48-07:00
tags: tags:
- homelab - homelab
- k8s
- meta - meta
--- ---

1
blog/content/posts/vpn-on-kubernetes.md
View File

@ -3,6 +3,7 @@ title: "VPN on Kubernetes"
date: 2022-12-15T22:28:24-08:00 date: 2022-12-15T22:28:24-08:00
tags: tags:
- homelab - homelab
- k8s
--- ---
I was surprised to find that there's not much discussion of putting Kubernetes pods behind a VPN. Given how useful both tools are, you'd think more people would use them in concert. I was surprised to find that there's not much discussion of putting Kubernetes pods behind a VPN. Given how useful both tools are, you'd think more people would use them in concert.