This is my home Kubernetes cluster. Flux watches this Git repository and makes the changes to my cluster based on the manifests in the cluster directory. Renovate also watches this Git repository and creates pull requests when it finds updates to Docker images, Helm charts, and other dependencies.
For more information, head on over to my docs.
I have nested README files that should be visible as you browse the repo.
My Gitlab has more of my projects
List of container images in use cluster-wide
kubectl get pods --all-namespaces -o go-template --template="{{range .items}}{{range .spec.containers}}{{.image}} {{end}}{{end}}" | sed 's/ /\n/g' | uniq > ./container_images_in_use.txt
List of container images in use that have arm64 images available (grep -q --> grep -vq for inversion)
kubectl get po -A -o yaml | grep 'image:' | cut -f2- -d':' | sed 's/^[[:space:]]*//g' | grep '/' | sort -u | xargs -I{} bash -c "docker manifest inspect {} | grep -q arm64 && echo {}" > ./container_images_with_arm64.txt
Snippet for nodeAffinity for non-ARM pods
affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: "kubernetes.io/arch" operator: In values: - amd64 - i386 - i686 - x86
If using a node-taint for arm nodes[1], this will allow toleration
`tolerations:
- key: "arch" operator: "Equal" value: "arm64" effect: "NoSchedule"`
[1]While Bootstrapping: --kubelet-extra-args --register-with-taints="kubernetes.io/arch=arm64:NoSchedule"
Else: kubectl taint no k8s-0 kubernetes.io/arch=arm64:NoSchedule
Other useful snippets:
kubectl label node k8s-0 node-role.kubernetes.io/worker=true
kubectl apply --kustomize=./cluster/base/flux-system
cat ~/.config/sops/age/keys.txt | kubectl -n flux-system create secret generic sops-age --from-file=age.agekey=/dev/stdin
kubectl create namespace flux-system --dry-run=client -o yaml | kubectl apply -f -
Thanks to all the people who donate their time to the Kubernetes @Home community.