Remove all Docker Images

Use the following command to stop all containers and remove all images from your docker client. WARNING: There's no going back! With great power...blah, blah... =)

#!/bin/bash
# Stop all containers
docker stop $(docker ps -qa)  
# Delete all containers
docker rm $(docker ps -aq)  
# Delete all images
docker rmi $(docker images -q)  

Force Update of CoreOS

sudo /usr/bin/systemctl unmask update-engine.service  
sudo /usr/bin/systemctl start update-engine.service  
sudo update_engine_client -update  
sudo /usr/bin/systemctl stop update-engine.service  
sudo /usr/bin/systemctl mask update-engine.service  
sudo reboot  

Create docker-machine 1.9

Docker machine is a slick tool to let you bring up a docker instance on your machine, however, it defaults to latest for the Docker version. I needed a way to test our Artifactory server with issues related to docker version, so I wanted to build a docker 1.9 instance.

Turns out this is pretty easy if you have the right urls to pass. Here's the command I used:

docker-machine create -d virtualbox --virtualbox-boot2docker-url=https://github.com/boot2docker/boot2docker/releases/download/v1.9.1/boot2docker.iso old  

Access Kubernetes API behind bastion host

For our production Kubernetes instances, we run them on CoreOS in AWS. Our architecture is setup so that all instances are hidden inside private subnets. To access the resources there for administration tasks, we utilize bastion hosts.

This is a problem since now we don't have direct access to the API server for kubectl to work. To access the cluster using kubectl we'll need to setup an SSH tunnel between our laptop and the bastion host.

The following example shows how to setup this tunnel where 10.0.0.50 is the internal IP of my k8s API server and 1.2.3.4 is the ip of my bastion host:

ssh -L 9443:10.0.0.50:443 ec2-user@1.2.3.4 -N  

Now that we have a tunnel up and running, we should be able to hit our API server via localhost (e.g. curl https://localhost:9443) but we can't because I don't have localhost in the SAN of my certs. I could add localhost or use a different name which is what I did (k8s.stevesloka.com). To add the SAN name we need to add an entry to our local hosts file or setup a CNAME in public dns for simplicity (This way additional users of the cluster don't need to mess with their hosts files).

The following example shows my example hosts file:

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1       localhost  
255.255.255.255 broadcasthost  
::1             localhost
127.0.0.1       k8s.stevesloka.com  

Now just configure kubectl to talk to my cluster and I'm in!

$ kubectl config set-cluster default-cluster --server=https://k8s.stevesloka.com:9443 --certificate-authority=ca.pem
$ kubectl config set-credentials default-admin --certificate-authority=ca.pem --client-key=apiserver-key.pem --client-certificate=apiserver.pem
$ kubectl config set-context default-system --cluster=default-cluster --user=default-admin
$ kubectl config use-context default-system

Calculate Directory Size on Linux

I keep forgetting the command to see the size of all directories. Run the following command in the root of where you want to calculate sizes.

du -h -d 1 -a .