Helm/Reloader: Difference between revisions

From Chorke Wiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
No edit summary
 
(6 intermediate revisions by the same user not shown)
Line 14: Line 14:
Diagram
Diagram
|-
|-
|valign='top' style='padding:6px'|
|valign='top'|
<kroki lang="plantuml">
<kroki lang="plantuml">
@startuml
@startuml
Line 22: Line 22:
' Styling for Transparency and Layout
' Styling for Transparency and Layout
skinparam backgroundColor transparent
skinparam backgroundColor transparent
skinparam DefaultFontName Helvetica
skinparam componentStyle  rectangle
skinparam shadowing      false


package "Input Sources" {
package "Input Sources" {
Line 194: Line 197:
kubectl                    delete ns  reloader-system
kubectl                    delete ns  reloader-system
kubectl                    delete pv  reloader-data-reloader-0
kubectl                    delete pv  reloader-data-reloader-0
</syntaxhighlight>
|}
==Reloader » Config==
{|class='wikitable mw-collapsible'
!scope='col' style='text-align:left' colspan='2'|
Reloader » Config
|-
!scope='col' style='width:50%'| Context
!scope='col' style='width:50%'| Namespace
|-
|valign='top'|
<syntaxhighlight lang='bash'>
export KUBECONFIG="${HOME}/.kube/shahed-ab-kubeconfig.yaml"
kubectl get service kubernetes -n default
kubectl config get-contexts
kubectl cluster-info
kubectl get --raw /.well-known/openid-configuration|yq -P
kubectl config view -o=yaml|yq '.contexts[0].name'
kubectl get ns shahed-academia
kubectl    -n=shahed-academia get SecretStore    store-shahed-ab
kubectl    -n=shahed-academia get ExternalSecret academia-audit-eso
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='yaml'>
cat <<'YML' | \
kubectl apply -f -
---
apiVersion: v1
kind: Namespace
metadata:
  name: shahed-academia
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
YML
kubectl get namespace shahed-academia -o=yaml
</syntaxhighlight>
|-
|valign='top'|
{|class='wikitable'
|valign='top'|
* [[Vault#Auth|Skipped » Find More 👉 Vault » Auth]]
----
* [[Vault#Engine » KV|Skipped » Find More 👉 Vault » Engine » KV]]
|}
|valign='top'|
{|class='wikitable'
|valign='top'|
* [[Helm/Vault Secrets Operator#Vault » Config|Skipped » Find More 👉 Vault » K8s » Config » VSO]]
----
* [[Helm/External Secrets Operator#Vault » Config|Skipped » Find More 👉 Vault » K8s » Config » ESO]]
|}
|-
|valign='top'|
{|class='wikitable'
!scope='col'| Scope
!scope='col'| Annotation Key
!scope='col'| Value
|-
| '''Global/Auto'''        || <code>reloader.stakater.com/auto</code>              || <code>true</code>
|-
| '''Specific Secret'''    || <code>secret.reloader.stakater.com/reload</code>    || <code>name-of-secret</code>
|-
| '''Specific ConfigMap''' || <code>configmap.reloader.stakater.com/reload</code>  || <code>name-of-cm</code>
|}
|valign='top'|
<syntaxhighlight lang='bash'>
kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit'
kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
| yq -P '.metadata.annotations'
</syntaxhighlight>
|-
!scope='col'| VaultStaticSecret
!scope='col'| ExternalSecret
|-
|valign='top'|
<syntaxhighlight lang='bash'>
kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit-vso'
kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
| yq -P '.metadata.annotations'
</syntaxhighlight>
<syntaxhighlight lang='bash'>
kubectl -n=shahed-academia label VaultStaticSecret academia-audit-vso \
last-sync=$(date +%s) --overwrite
</syntaxhighlight>
|valign='top'|
<syntaxhighlight lang='bash'>
kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit-eso'
kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
| yq -P '.metadata.annotations'
</syntaxhighlight>
<syntaxhighlight lang='bash'>
kubectl -n=shahed-academia annotate ExternalSecret academia-audit-eso \
force-sync=$(date +%s) --overwrite
</syntaxhighlight>
</syntaxhighlight>
|}
|}

Latest revision as of 07:26, 25 January 2026

helm repo add stakater https://stakater.github.io/stakater-charts
helm repo update && helm repo list
kubectl config get-contexts

Diagram

Helm » Context

Helm » Context 

export KUBECONFIG="${HOME}/.kube/aws-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/gcp-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/lke-kubeconfig.yaml"
export KUBECONFIG="${HOME}/.kube/config"

Helm » Install

Helm » Install 

helm show   values stakater/reloader --version=2.2.6|less
helm show   values stakater/reloader --version=2.2.7|less

export KUBECONFIG="${HOME}/.kube/shahed-ab-kubeconfig.yaml"
kubectl create ns   reloader-system || true

kubectl get ns|grep reloader-system
kubectl delete ns   reloader-system || true
Install Notes 
cat <<'YML' | \
helm -n=reloader-system upgrade \
-i reloader  stakater/reloader --version=2.2.7 -f -
---
nameOverride: reloader
fullnameOverride: reloader
image:
  name: stakater/reloader
  repository: ghcr.io/stakater/reloader
  tag: v1.4.12
reloader:
  watchGlobally: true
  deployment:
    replicas: 1
    revisionHistoryLimit: 5
    resources:
      limits:
        cpu: 100m
        memory: 512Mi
      requests:
        cpu: 10m
        memory: 128Mi
YML
Verify 
helm -n=reloader-system status          reloader
helm -n=reloader-system get    manifest reloader

Helm » Config

Helm » Config

Scale » Down Scale » Up 
kubectl -n=reloader-system \
scale deploy/reloader --replicas=0

kubectl -n=reloader-system \
scale deploy/reloader --replicas=1

Helm » Debug

Helm » Debug 

POD_NAME="$(kubectl -n=reloader-system get  pods -o=yaml -l app.kubernetes.io/name=reloader |yq -P '.items[].metadata.name')"
kubectl -n=reloader-system exec -it "${POD_NAME}" -c reloader -- sh
kubectl -n=reloader-system logs -f  "${POD_NAME}" -c reloader
kubectl -n=reloader-system logs -f  "${POD_NAME}"

kubectl -n=reloader-system get  pods -o=yaml|yq -P '.items[].spec.containers[].name'
kubectl -n=reloader-system get  pods -o=yaml|yq -P '.items[].metadata.labels'

kubectl -n=reloader-system exec -it -l app.kubernetes.io/name=reloader -c reloader -- sh
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader -c reloader
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader

Helm » Uninstall

Helm » Uninstall 

helm -n=reloader-system status    reloader
helm -n=reloader-system get all   reloader
helm -n=reloader-system uninstall reloader

kubectl -n=reloader-system delete pvc --all
kubectl                    delete ns  reloader-system
kubectl                    delete pv  reloader-data-reloader-0

Reloader » Config

Reloader » Config

Context Namespace 
export KUBECONFIG="${HOME}/.kube/shahed-ab-kubeconfig.yaml"
kubectl get service kubernetes -n default
kubectl config get-contexts
kubectl cluster-info


kubectl get --raw /.well-known/openid-configuration|yq -P
kubectl config view -o=yaml|yq '.contexts[0].name'


kubectl get ns shahed-academia
kubectl     -n=shahed-academia get SecretStore    store-shahed-ab
kubectl     -n=shahed-academia get ExternalSecret academia-audit-eso

cat <<'YML' | \
kubectl apply -f -
---
apiVersion: v1
kind: Namespace
metadata:
  name: shahed-academia
  labels:
    app.kubernetes.io/version: 1.0.0
    app.kubernetes.io/managed-by: kubectl
YML

kubectl get namespace shahed-academia -o=yaml
Scope Annotation Key Value
Global/Auto reloader.stakater.com/auto true
Specific Secret secret.reloader.stakater.com/reload name-of-secret
Specific ConfigMap configmap.reloader.stakater.com/reload name-of-cm 
kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit'

kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
 | yq -P '.metadata.annotations'
VaultStaticSecret ExternalSecret 
kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit-vso'

kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
 | yq -P '.metadata.annotations'

kubectl -n=shahed-academia label VaultStaticSecret academia-audit-vso \
 last-sync=$(date +%s) --overwrite

kubectl -n=shahed-academia annotate deployment <deployment-name> \
  secret.reloader.stakater.com/reload='academia-audit-eso'

kubectl -n=shahed-academia get deploy <deployment-name> -o=yaml \
 | yq -P '.metadata.annotations'

kubectl -n=shahed-academia annotate ExternalSecret academia-audit-eso \
 force-sync=$(date +%s) --overwrite

Playground

Playground 

helm -n=reloader-system install    reloader stakater/reloader --version=2.2.6
helm -n=reloader-system upgrade -i reloader stakater/reloader --version=2.2.7
helm show   values                          stakater/reloader --version=2.2.7|less

kubectl -n=reloader-system exec -it -l app.kubernetes.io/name=reloader -c reloader -- sh
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader -c reloader
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader

kubectl -n=reloader-system get  pods -o=yaml|yq -P '.items[].spec.containers[].name'
kubectl -n=reloader-system get  pods -o=yaml|yq -P '.items[].metadata.labels'
kubectl -n=reloader-system get  pods --show-labels

kubectl -n=reloader-system delete all --all
kubectl -n=reloader-system delete ing --all
kubectl -n=reloader-system delete sts --all

kubectl                    delete pv  reloader-data-reloader-0
kubectl -n=reloader-system delete svc --all
kubectl -n=reloader-system delete pvc --all

kubectl -n=reloader-system rollout history deploy/reloader
kubectl -n=reloader-system rollout restart deploy/reloader
kubectl -n=reloader-system rollout status  deploy/reloader

kubectl -n=reloader-system exec -it -l app.kubernetes.io/name=reloader -c reloader -- sh
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader -c reloader
kubectl -n=reloader-system logs -f  -l app.kubernetes.io/name=reloader

References

References

Retrieved from "https://wiki.chorke.org/index.php?title=Helm/Reloader&oldid=16440"