From 60d3abc6ecdc21b4ab921d34a55b4af48690f55a Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Thu, 11 Mar 2021 18:53:14 +0100 Subject: Rewrote the whole website to get rid on a heavy theme --- content/blog/kubernetes/_index.md | 5 +++++ content/blog/kubernetes/get_key_and_certificae.md | 10 ++++++++++ content/blog/kubernetes/pg_dump_restore.md | 24 +++++++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 content/blog/kubernetes/_index.md create mode 100644 content/blog/kubernetes/get_key_and_certificae.md create mode 100644 content/blog/kubernetes/pg_dump_restore.md (limited to 'content/blog/kubernetes') diff --git a/content/blog/kubernetes/_index.md b/content/blog/kubernetes/_index.md new file mode 100644 index 0000000..3545b68 --- /dev/null +++ b/content/blog/kubernetes/_index.md @@ -0,0 +1,5 @@ +--- +title: "Kubernetes" +linkTitle: "Kubernetes" +weight: 40 +--- diff --git a/content/blog/kubernetes/get_key_and_certificae.md b/content/blog/kubernetes/get_key_and_certificae.md new file mode 100644 index 0000000..c66cac8 --- /dev/null +++ b/content/blog/kubernetes/get_key_and_certificae.md @@ -0,0 +1,10 @@ +--- +title: "Get tls certificate and key from a kubernetes secret" +date: 2020-08-06 +--- + +My use case is to deploy a wildcard certificate that was previously handled by an acme.sh on my legacy lxd containers. Since moving to kubernetes parts of my services I have been using cert-manager to issue letsencrypt certificates. Since I am not done yet I looked into a way of getting a certificate out of kubernetes. Assuming we are working with a secret named `wild.adyxax.org-cert` and our namespace is named `legacy` : +{{< highlight sh >}} +kubectl -n legacy get secret wild.adyxax.org-cert -o json -o=jsonpath="{.data.tls\.crt}" | base64 -d > fullchain.cer +kubectl -n legacy get secret wild.adyxax.org-cert -o json -o=jsonpath="{.data.tls\.key}" | base64 -d > adyxax.org.key +{{< /highlight >}} diff --git a/content/blog/kubernetes/pg_dump_restore.md b/content/blog/kubernetes/pg_dump_restore.md new file mode 100644 index 0000000..9aafb63 --- /dev/null +++ b/content/blog/kubernetes/pg_dump_restore.md @@ -0,0 +1,24 @@ +--- +title: "Dump and restore a postgresql database on kubernetes" +linkTitle: "Dump and restore a postgresql database" +date: 2020-06-25 +--- + +## Dumping +Assuming we are working with a postgresql statefulset, our namespace is named `miniflux` and our master pod is named `db-postgresql-0`, trying to +dump a database named `miniflux`: +{{< highlight sh >}} +export POSTGRES_PASSWORD=$(kubectl get secret --namespace miniflux db-postgresql -o jsonpath="{.data.postgresql-password}" | base64 --decode) +kubectl run db-postgresql-client --rm --tty -i --restart='Never' --namespace miniflux --image docker.io/bitnami/postgresql:11.8.0-debian-10-r19 --env="PGPASSWORD=$POSTGRES_PASSWORD" --command -- pg_dump --host db-postgresql -U postgres -d miniflux > miniflux.sql-2020062501 +{{< /highlight >}} + +## Restoring + +Assuming we are working with a postgresql statefulset, our namespace is named `miniflux` and our master pod is named `db-postgresql-0`, trying to +restore a database named `miniflux`: +{{< highlight sh >}} +kubectl -n miniflux cp miniflux.sql-2020062501 db-postgresql-0:/tmp/miniflux.sql +kubectl -n miniflux exec -ti db-postgresql-0 -- psql -U postgres -d miniflux +miniflux=# \i /tmp/miniflux.sql +kubectl -n miniflux exec -ti db-postgresql-0 -- rm /tmp/miniflux.sql +{{< /highlight >}} -- cgit v1.2.3