{"id":18457944,"url":"https://github.com/alokkusingh/home-stack","last_synced_at":"2025-07-20T12:05:08.104Z","repository":{"id":95088322,"uuid":"467383026","full_name":"alokkusingh/home-stack","owner":"alokkusingh","description":"Home Project Stack","archived":false,"fork":false,"pushed_at":"2025-06-23T03:15:36.000Z","size":410,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-23T04:25:29.223Z","etag":null,"topics":["d3js","docker","docker-hub","github","graalvm","jagger","java","java-17","k8s","kubernetes","microk8s","microservice","mysql","native-image","rasberry-pi-4","rbac","reactjs","rest","springboot-3x","vrrp"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/alokkusingh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-03-08T05:57:49.000Z","updated_at":"2025-06-23T03:15:40.000Z","dependencies_parsed_at":"2024-02-27T02:45:36.946Z","dependency_job_id":"51b0e671-6da0-40a9-b70d-01bb2c92c3fa","html_url":"https://github.com/alokkusingh/home-stack","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/alokkusingh/home-stack","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fhome-stack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fhome-stack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fhome-stack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fhome-stack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/alokkusingh","download_url":"https://codeload.github.com/alokkusingh/home-stack/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/alokkusingh%2Fhome-stack/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266120068,"owners_count":23879253,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["d3js","docker","docker-hub","github","graalvm","jagger","java","java-17","k8s","kubernetes","microk8s","microservice","mysql","native-image","rasberry-pi-4","rbac","reactjs","rest","springboot-3x","vrrp"],"created_at":"2024-11-06T08:16:13.205Z","updated_at":"2025-07-20T12:05:08.097Z","avatar_url":"https://github.com/alokkusingh.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# Home Stack \n\n\u003cdiv class=\"warning\" style='padding:0.1em; background-color:#E9D8FD; color:#69337A'\u003e\n\u003cspan\u003e\n\u003cp style='margin-top:1em; text-align:center'\u003e\n\u003cb\u003eHome Project Stack\u003c/b\u003e\u003c/p\u003e\n\u003cp style='margin-left:1em;'\u003e\nThe stack is deployed using Kubernetes cluster enabled using microk8s (https://microk8s.io/docs). microk8s is installed using snap package manger. Package is provided by Canonical (publisher of Ubuntu).\u003cbr\u003e\n- Resources: quad-core ARMx64 processor with 8GB RAM\u003cbr\u003e\n- Kernel: GNU/Linux 6.8.0-1015-raspi aarch64\u003cbr\u003e\n- OS: Ubuntu 24.04.1\u003cbr\u003e\u003cbr\u003e\nAs of now it is deployed on 2 nodes cluster.\n\u003c/p\u003e\n\u003cp style='margin-bottom:1em; margin-right:1em; text-align:right; font-family:Georgia'\u003e \u003cb\u003e- Alok Singh\u003c/b\u003e \n\u003c/p\u003e\u003c/span\u003e\n\u003c/div\u003e\n\n\n## Table of contents \n\u003c!-- TOC --\u003e\n* [Home Stack](#home-stack-)\n * [Table of contents](#table-of-contents-)\n * [Prerequisites](#prerequisites)\n * [Deployment of home-stack Kubernetes Stack](#deployment-of-home-stack-kubernetes-stack)\n * [Create Namespaces](#create-namespaces)\n * [Roll Binding for cluster admin user: `alok`](#roll-binding-for-cluster-admin-user-alok)\n * [Setup remote user alok](#setup-remote-user-alok)\n * [Node Taint](#node-taint)\n * [Master Node](#master-node)\n * [Worker Node](#worker-node)\n * [Kubernetes Dashboard](#kubernetes-dashboard)\n * [Kubernetes Metrics Server](#kubernetes-metrics-server)\n * [Create ConfigMap](#create-configmap)\n * [Create Secrets](#create-secrets)\n * [Create Network policy](#create-network-policy)\n * [MySQL Service - Pod/Deployment/Service](#mysql-service---poddeploymentservice)\n * [Home Network Troubleshoot - Pod/Statefulset/Service](#home-network-troubleshoot---podstatefulsetservice)\n * [Home API Service - Pod/Deployment/Service](#home-api-service---poddeploymentservice)\n * [Home Email Service - Pod/Deployment/Service](#home-email-service---poddeploymentservice)\n * [Home Auth Service - Pod/Deployment/Service](#home-auth-service---poddeploymentservice)\n * [Home Analytics Service - Pod/Deployment/Service](#home-analytics-service---poddeploymentservice)\n * [Home Search Service - Pod/Deployment/Service](#home-search-service---poddeploymentservice)\n * [Home Event Service - Pod/Deployment/Service](#home-event-service---poddeploymentservice)\n * [Home ETL Service - Pod/Statefulset/Service](#home-etl-service---podstatefulsetservice)\n * [Home GIT Commit CronJob (retired)](#home-git-commit-cronjob-retired)\n * [Dashboard Service - Pod/Deployment/Service](#dashboard-service---poddeploymentservice)\n * [Jaeger Service](#jaeger-service)\n * [Mosquitto MqTT Service](#mosquitto-mqtt-service)\n * [IoT Telemetry Service](#iot-telemetry-service)\n * [Delete Stack](#delete-stack)\n * [Ingress](#ingress)\n * [Ingress Create](#ingress-create)\n * [Ingress Delete](#ingress-delete)\n * [Ingress Describe](#ingress-describe)\n * [Ingress Logs](#ingress-logs)\n * [Horizontal Autoscaling](#horizontal-autoscaling)\n * [Create Horizontal Pod Autoscaler](#create-horizontal-pod-autoscaler)\n * [Manually Autoscale](#manually-autoscale)\n * [Update Scale to 1](#update-scale-to-1)\n * [Miscellaneous commands](#miscellaneous-commands)\n * [Client and Server version](#client-and-server-version)\n * [API Resources](#api-resources)\n * [Get Node Details](#get-node-details)\n * [Get Cluster Dump](#get-cluster-dump)\n * [Get all from all namespaces](#get-all-from-all-namespaces)\n * [Get all Services](#get-all-services)\n * [Describe a Service](#describe-a-service)\n * [Get Pod Log](#get-pod-log)\n * [Describe a Pod](#describe-a-pod)\n * [top a pod](#top-a-pod)\n * [Get All Pods under All Namespaces](#get-all-pods-under-all-namespaces)\n * [Describe a spec](#describe-a-spec)\n * [List all Docker images in Microk8s cluster (within the cluster node)](#list-all-docker-images-in-microk8s-cluster-within-the-cluster-node)\n * [Prune Docker Images from Microk8s CLuster](#prune-docker-images-from-microk8s-cluster)\n * [Install crictl](#install-crictl)\n * [Configure crictl for Microk8s](#configure-crictl-for-microk8s)\n * [Prune Images](#prune-images)\n * [Service Mesh - Istio](#service-mesh---istio)\n * [Install](#install)\n * [Backup](#backup)\n * [Config Map](#config-map)\n * [Secrets](#secrets)\n * [Network Monitoring](#network-monitoring)\n * [Kubeshark](#kubeshark)\n * [Start Monitoring Pods](#start-monitoring-pods)\n * [Stop Monitoring Pods](#stop-monitoring-pods)\n * [Deployment Architecture](#deployment-architecture)\n * [Services](#services)\n\u003c!-- TOC --\u003e\n## Prerequisites\n* [Kubernetes Setup on Raspberry Pi](https://github.com/alokkusingh/RaspberryPi-Kubernetes/blob/main/README.md)\n---\n## Deployment of home-stack Kubernetes Stack\n### Create Namespaces\n```shell\nssh alok@jgte \"mkdir yaml\"\n```\n```shell\nscp yaml/namespace.yaml alok@jgte:yaml/\n```\n```shell\nssh alok@jgte \"kubectl apply -f yaml/namespace.yaml\"\n```\n### Roll Binding for cluster admin user: `alok`\nSo that cluster operation can be performed by running `kubectl` remotely\n```shell\nscp yaml/home-user-rback-cluster-admin-user.yaml alok@jgte:yaml/\n```\n```shell\nssh alok@jgte \"kubectl apply -f yaml/home-user-rback-cluster-admin-user.yaml\"\n```\n#### Setup remote user alok\n[Please refer here](https://github.com/alokkusingh/RaspberryPi-Kubernetes/blob/main/README.md#create-remote-user---alok)\n\n---\n### Node Taint\n#### Master Node\nat the end - to remove\n```shell\nkubectl taint nodes jgte nodeType=master:NoSchedule-\n```\n#### Worker Node\nat the end - to remove\n```shell\nkubectl taint nodes khbr nodeType=worker:NoSchedule-\n```\n### Kubernetes Dashboard\n```shell\nkubectl apply -f yaml/kubernetes-dashboard.yaml\n```\n```text\nNote: the dashboard service type is LoadBalancer and host IP (static) is assigned. The Dashboard can be access directly - https://jgte:8443/\n```\n```shell\nkubectl delete -f yaml/kubernetes-dashboard.yaml\n```\n```shell\nkubectl get all --namespace kubernetes-dashboard\n```\n```shell\nkubectl get svc --namespace kubernetes-dashboard\n```\n```shell\nkubectl apply -f yaml/kubernetes-dashboard-rback-dashboard-admin-user.yaml\n```\n```shell\nkubectl create token k8s-dashboard-admin-user --duration=999999h -n kubernetes-dashboard\n```\n```shell\nkubectl apply -f yaml/kubernetes-dashboard-rback-cluster-admin-user.yaml\n```\n```shell\nkubectl create token k8s-dashboard-cluster-admin-user --duration=999999h -n kubernetes-dashboard\n```\n```text\nNotes:\n- the last one doesnt have workloads get role\n- use one of this token for Kubernetes Dashboard login\n```\n---\n### Kubernetes Metrics Server\n```shell\nkubectl apply -f yaml/metrix-server.yaml\n```\n```shell\nkubectl delete -f yaml/metrix-server.yaml\n```\n```shell\nkubectl get deployment metrics-server -n kube-system\n```\n```shell\nkubectl top nodes\n```\n---\n### Create ConfigMap\n```shell\nkubectl apply -f yaml/config-map.yaml\n```\nNote: add/update below configs from backup `~/k8s`\n1. home-api-cofig (home-stack)\n 2. iot-secure-keystore-password\n 3. iot-secure-truststore-password\n4. home-auth-cofig (home-stack)\n 5. application-security-jwt-secret \n 6. oauth-google-client-id\n 7. logging-level-com-alok\n8. home-etl-cofig (home-stack)\n 9. git-bearer-token\n### Create Secrets\n```shell\nkubectl apply -f yaml/secrets.yaml\n```\n### Create Network policy\n```shell\nkubectl apply -f yaml/networkpolicy.yaml\n```\n---\n### MySQL Service - Pod/Deployment/Service\n```shell\nssh alok@jgte mkdir -p /home/alok/data/mysql\n```\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/mysql-service.yaml \n```\n```shell\nkubectl apply -f yaml/mysql-service.yaml\n```\n```shell\nkubectl delete -f yaml/mysql-service.yaml\n```\n```shell\nkubectl exec -it pod/mysql-0 --namespace home-stack-db -- mysql -u root -p\u003c\u003cpassword\u003e\u003e\n```\n```\nCREATE DATABASE `home-stack`;\n```\n```shell\nkubectl exec -it pod/mysql-0 --namespace home-stack-db -- mysql -u root -p home-stack\n```\n```shell\nkubectl logs pod/mysql-0 --namespace home-stack-db\n```\n```shell\nmysql -u root -p home-stack --host 127.0.0.1 --port 32306\n```\n**Note:**\n\u003eRun liquibase to create batch tables and add application users and roles\n\n\u003e[Follow the link to configure sqldeveloper on Mac to connect to MySQL server remotely](https://cybercafe.dev/setup-mysql-and-sql-developer-on-macos/ \"https://cybercafe.dev/setup-mysql-and-sql-developer-on-macos/\")\n---\n### Home Network Troubleshoot - Pod/Statefulset/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-nw-tshoot.yaml \n```\n```shell\nkubectl apply -f yaml/home-nw-tshoot.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-nw-tshoot.yaml --namespace=home-stack\n```\n```shell\nkubectl exec -it pod/home-nw-tshoot-deployment-0 --namespace home-stack -- zsh\n```\n---\n### Home API Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-api-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-api-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-api-service.yaml --namespace=home-stack\n```\n```shell\nkubectl exec -it pod/home-api-deployment-0 --namespace home-stack -- bash\n```\n```shell\nkubectl exec -it pod/home-api-deployment-0 --namespace home-stack -- tail -f /opt/logs/application.log\n```\n```shell\nkubectl logs pod/home-api-deployment-0 --namespace home-stack\n```\n```shell\nkubectl rollout restart statefulset.apps/home-api-deployment -n home-stack\n```\n---\n### Home Email Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-email-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-email-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-email-service.yaml --namespace=home-stack\n```\n### Home Auth Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-auth-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-auth-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-auth-service.yaml --namespace=home-stack\n```\n```shell\nkubectl exec -it pod/home-auth-deployment-0 --namespace home-stack -- bash\n```\n```shell\nread instance\n```\n```shell\nkubectl exec -it pod/home-auth-deployment-$instance --namespace home-stack -- tail -f /opt/logs/application.log\n```\n```shell\nkubectl logs pod/home-auth-deployment-$instance --namespace home-stack\n```\n```shell\nkubectl rollout restart statefulset.apps/home-api-deployment -n home-stack\n```\n---\n### Home Analytics Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-analytics-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-analytics-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-analytics-service.yaml --namespace=home-stack\n```\n```shell\nread instance\n```\n```shell\nkubectl logs pod/home-analytics-deployment-$instance --namespace home-stack\n```\n```shell\nkubectl exec -it pod/home-analytics-deployment-$instance --namespace home-stack -- bash\n```\n---\n### Home Search Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-search-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-search-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-search-service.yaml --namespace=home-stack\n```\n```shell\nread instance\n```\n```shell\nkubectl logs pod/home-search-deployment-$instance --namespace home-stack\n```\n```shell\nkubectl exec -it pod/home-search-deployment-$instance --namespace home-stack -- bash\n```\n### Home Event Service - Pod/Deployment/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-event-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-event-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-event-service.yaml --namespace=home-stack\n```\n```shell\nread instance\n```\n```shell\nkubectl logs pod/home-event-deployment-$instance --namespace home-stack\n```\n```shell\nkubectl exec -it pod/home-event-deployment-$instance --namespace home-stack -- bash\n```\n---\n### Home ETL Service - Pod/Statefulset/Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-etl-service.yaml \n```\n```shell\nkubectl apply -f yaml/home-etl-service.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/home-etl-service.yaml --namespace=home-stack\n```\n```shell\nkubectl exec -it pod/home-etl-deployment-0 --namespace home-stack -- bash\n```\n```shell\nkubectl exec -it pod/home-etl-deployment-0 --namespace home-stack -- tail -f /opt/logs/application.log\n```\n```shell\nkubectl logs pod/home-etl-deployment-0 --namespace home-stack\n```\n```shell\nkubectl rollout restart statefulset.apps/home-api-deployment -n home-stack\n```\n---\n### Home GIT Commit CronJob (retired)\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/git-commit-cronjob.yaml \n```\n```shell\nkubectl apply -f yaml/git-commit-cronjob.yaml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/git-commit-cronjob.yaml --namespace=home-stack\n```\n---\n### Dashboard Service - Pod/Deployment/Service\n```shell\nkubectl apply -f yaml/dashboard-nginx-config-map.yaml\n```\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/dashboard-service.yaml \n```\n```shell\nkubectl apply -f yaml/dashboard-service.yaml\n```\n```shell\nkubectl delete -f yaml/dashboard-service.yaml\n```\n```shell\nkubectl exec -it deployment.apps/dashboard-deployment --namespace home-stack-dmz -- /bin/sh\n```\n```shell\nkubectl logs deployment.apps/dashboard-deployment --namespace home-stack-dmz\n```\n---\n### Jaeger Service\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/jaeger-all-in-one-template.yml \n```\n```shell\nkubectl apply -f yaml/jaeger-all-in-one-template.yml --namespace=home-stack\n```\n```shell\nkubectl delete -f yaml/jaeger-all-in-one-template.yml --namespace=home-stack\n```\n---\n### Mosquitto MqTT Service\n```shell\nkubectl apply -f yaml/iot-config-map.yaml\n```\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/mosquitto-service.yaml \n```\n```shell\nkubectl create secret tls mosquitto-secret --cert=../iot-home-stack/secret/server.crt --key=../iot-home-stack/secret/server.key --namespace=home-stack-iot\n```\n```shell\nkubectl create secret generic mosquitto-ca-secret --from-file=../iot-home-stack/secret/mqtt-signer-ca.crt --namespace=home-stack-iot\n```\n```shell\nkubectl delete secret mosquitto-acl-secret --namespace=home-stack-iot\n```\n```shell\nkubectl create secret generic mosquitto-acl-secret --from-file=../iot-home-stack/secret/acl.conf --namespace=home-stack-iot\n```\n```shell\nkubectl apply -f yaml/iot-mosquitto-service.yaml --namespace=home-stack-iot\n```\n```shell\nkubectl delete -f yaml/iot-mosquitto-service.yaml --namespace=home-stack-iot\n```\n### IoT Telemetry Service\n```shell\nkubectl apply -f yaml/iot-telemetry-config-map.yaml\n```\n```shell\nkubectl create secret generic iot-telemetry-secret --from-file=keystore.jks=../iot-home-stack/secret/mqtt.client.home-telemetry-svc.jks --namespace=home-stack-iot\n```\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/iot-telemetry-service.yaml \n```\n```shell\nkubectl apply -f yaml/iot-telemetry-service.yaml --namespace=home-stack-iot\n```\n```shell\nkubectl delete -f yaml/iot-telemetry-service.yaml --namespace=home-stack-iot\n```\n---\n### Delete Stack\n```\nkubectl delete namespace home-stack-dmz\n```\n```\nkubectl delete namespace home-stack \n```\n```\nkubectl delete namespace home-stack-db \n```\n---\n\n## Ingress\n### Ingress Create\n```shell\nkubectl apply -f yaml/ingress.yaml\n```\n### Ingress Delete\n```shell\nkubectl delete -f yaml/ingress.yaml\n```\n### Ingress Describe\n```shell\nkubectl get ingress -n home-stack-dmz\n```\n```shell\nkubectl describe ingress -n home-stack-dmz\n```\n```shell\nkubectl describe ingress ingress-home-jgte --namespace home-stack-dmz\n```\n```shell\nkubectl get all --namespace ingress\n```\n```shell\nkubectl describe daemonset.apps/nginx-ingress-microk8s-controller --namespace ingress\n```\n```shell\nkubectl describe pod/nginx-ingress-microk8s-controller-8wmwc --namespace ingress \n```\n### Ingress Logs\n```shell\nkubectl get all --namespace ingress\n```\n```shell\nkubectl logs nginx-ingress-microk8s-controller-8wmwc --namespace ingress\n```\n---\n## Horizontal Autoscaling\n### Create Horizontal Pod Autoscaler\n```shell\nkubectl apply --validate=true --dry-run=client -f yaml/home-hpa.yaml\n```\n```shell\nkubectl apply -f yaml/home-hpa.yaml --namespace=home-stack\n```\n```shell\nkubectl get hpa\n```\n```shell\nkubectl describe hpa home-auth-hpa\n```\n```shell\nkubectl describe hpa home-api-hpa\n```\n```shell\nkubectl describe hpa home-analytics-hpa\n```\n### Manually Autoscale\n```shell\nkubectl autoscale deployment dashboard-deployment --min=2 --max=3 -n home-stack\n```\n```shell\nkubectl get hpa --namespace home-stack\n```\n\n### Update Scale to 1\n```shell\nkubectl edit hpa dashboard-deployment --namespace home-stack\n```\n```shell\nkubectl scale -n home-stack deployment dashboard-deployment --replicas=1\n```\n---\n## Miscellaneous commands\n### Client and Server version\n```shell\nkubectl version --output=json\n```\n### API Resources\n```shell\nkubectl api-resources\n```\n### Get Node Details\nThis gives details about nodes including images in local\n```shell\nkubectl get nodes -o yaml\n```\n```shell\nkubectl describe nodes\n```\n```shell\nkubectl get ResourceQuota\n```\n### Get Cluster Dump\nThis gives cluster dump including all pods log\n```shell\nkubectl cluster-info dump \u003e ~/k8s/cluster-dump.log\n```\n### Get all from all namespaces\n```shell\nkubectl get all --all-namespaces\n```\n### Get all Services\n```shell\nkubectl get svc --all-namespaces \n```\n### Describe a Service\n```shell\nkubectl describe svc dashboard-service --namespace home-stack-dmz\n```\n```shell\nkubectl describe svc kubernetes-dashboard --namespace kubernetes-dashboard\n```\n### Get Pod Log\n```shell\nkubectl logs pod/dashboard-deployment-65cf5b8858-7x8z8 --namespace home-stack\n```\n### Describe a Pod\n```shell\nkubectl describe pod home-etl-deployment-0 --namespace=home-stack\n```\n### top a pod\n```shell\nkubectl top pods\n```\n```shell\nkubectl top pod home-etl-deployment-0 --containers\n```\n### Get All Pods under All Namespaces\n```shell\nkubectl get po -A -o wide\n```\n### Describe a spec\n```shell\nkubectl api-resources \n```\n```shell\nkubectl explain --api-version=\"networking.k8s.io/v1\" NetworkPolicy.spec\n```\n```shell\nkubectl explain --api-version=\"networking.k8s.io/v1\" NetworkPolicy.spec.ingress\n```\n```shell\nkubectl explain --api-version=\"batch/v1beta1\" cronjobs.spec\n```\n```shell\nkubectl get crd \n```\n```shell\nkubectl explain --api-version=\"apiregistration.k8s.io/v1\" APIService\n```\n```shell\nkubectl explain --api-version=\"apiextensions.k8s.io/v1\" CustomResourceDefinition\n```\n### List all Docker images in Microk8s cluster (within the cluster node)\n```shell\nsudo microk8s ctr images ls\n```\n### Prune Docker Images from Microk8s CLuster\n#### Install crictl\n```shell\nVERSION=\"v1.26.0\" # check latest version in /releases page\ncurl -L https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-${VERSION}-linux-arm64.tar.gz --output crictl-${VERSION}-linux-arm64.tar.gz\nsudo tar zxvf crictl-$VERSION-linux-arm64.tar.gz -C /usr/local/bin\nrm -f crictl-$VERSION-linux-arm64.tar.gz\n```\n#### Configure crictl for Microk8s\n```shell\nsudo vim /etc/crictl.yaml \n```\n```shell\nruntime-endpoint: unix:///var/snap/microk8s/common/run/containerd.sock\nimage-endpoint: unix:///var/snap/microk8s/common/run/containerd.sock\ntimeout: 10\ndebug: true\n```\n#### Prune Images\n```shell\nsudo crictl rmi --prune\n```\n\nkubectl cheat sheet - https://kubernetes.io/docs/reference/kubectl/cheatsheet/\n\n---\n## Service Mesh - Istio\n### Install\n\n---\n\u003eTo be explored - seems microk8s isteo addon not supported for ARMx64 architecture. Where the same is supported for minikube.\n---\n## Backup\n### Config Map\nThis is needed as some config items are directly updated in the cluster through Kubernetes Dashboard for security reason\n```shell\nkubectl get configmap --namespace=home-stack stmt-parser-cofig -o yaml \u003e ~/k8s/stmt-parser-cofig.yaml\nkubectl get configmap --namespace=home-stack home-etl-cofig -o yaml \u003e ~/k8s/home-etl-cofig.yaml\nkubectl get configmap --namespace=home-stack home-api-cofig -o yaml \u003e ~/k8s/home-api-cofig.yaml\nkubectl get configmap --namespace=home-stack home-auth-cofig -o yaml \u003e ~/k8s/home-auth-cofig.yaml\nkubectl get configmap --namespace=home-stack dashboard-cofig -o yaml \u003e ~/k8s/dashboard-cofig.yaml\nkubectl get configmap --namespace=home-stack home-common-cofig -o yaml \u003e ~/k8s/home-common-cofig.yaml\nkubectl get configmap --namespace=home-stack-dmz nginx-conf -o yaml \u003e ~/k8s/nginx-conf.yaml\nkubectl get configmap --namespace=home-stack home-email-cofig -o yaml \u003e ~/k8s/home-email-cofig.yaml\n```\n### Secrets\nThis is needed as some secret items are directly updated in the cluster through Kubernetes Dashboard for security reason\n```shell\nkubectl get secrets --namespace=home-stack mysql-secrets -o yaml \u003e ~/k8s/mysql-secrets.yaml\nkubectl get secrets --namespace=home-stack-db mysql-secrets -o yaml \u003e ~/k8s/mysql-secrets-db.yaml\n```\n---\n## Network Monitoring\n### Kubeshark\n#### Start Monitoring Pods\n```shell\nkubeshark tap\n```\nKubeshark dashboard is accessible using http://localhost:8899\n#### Stop Monitoring Pods\n```shell\nkubeshark clean\n```\n---\n## Deployment Architecture\n![alt text](https://github.com/alokkusingh/home-stack/blob/main/draw-io/image/HomeStack.drawio.png)\n\n### Services\n\n| Application | Description | Service Type | Deployment/StatefulSet/CronJob/DaemonSet | URL | Comments |\n|---------------------------|------------------------------------------------------------|--------------------------|------------------------------------------|------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------|\n| Home ETL Service | ETL for bank statement and other sources | ClusterIP (Headless) | StatefulSet | /home/etl | NA |\n| Home Auth Service | Home AuthN and AuthZ service | ClusterIP | Deployment | /home/api | GraalVM based native Image |\n| Home API Service | API for Bank/Expense/Tax/Investment/etc... | ClusterIP | Deployment | /home/api | GraalVM based native Image |\n| Home Analytics Service | gRPC interface to categorize expense | ClusterIP | Deployment | /home/api | GraalVM based native Image |\n| Home Email Service | IMAP to read bank transactions and SMTP to send mail | ClusterIP | Deployment | /home/api | GraalVM based native Image |\n| Home Dashboard | ReactJS App on Nginx | NodePort | Deployment | http://jgte:30080 or https://jgte | - For multinode deployment Interface has to be changed to ClusterIP and put behind Ingress - externalTrafficPolicy: Local to disable SNATing |\n| Home GIT Cronjob | Cronjob to update GIT with uploaded statement (not in use) | None | CronJob | NA | NA |\n| Database | MySQL | NodePort | StatefulSet | jdbc:mysql://mysql:3306/home-stack | - NodePort because I want to access SQL from outside of the cluster |\n| Kubernetes Dashboard | | LoadBalancer (static IP) | Deployment | https://jgte:8443/ | |\n| Kubernetes Matrix | Generating resource utilization matrix | ClusterIP | Deployment | NA | |\n| Kubernetes Matrix Scraper | Matrix scrapper from pods | ClusterIP | Deployment | NA | |\n| Jaeger Dashboard | | NodePort | Deployment | http://jgte:31686/ | |\n| Ingress Controller | Nginx Ingress Controller | NodePort | DaemonSet | Port: 443 | API/ETL/Dashboard are behind Nginx but still we have Dashboard accessible directly (from mobile cant access host name - require local DNS server) |\n\n---\n```mermaid\ngraph LR\n A[Write Code] --\u003e B{Does it work?}\n B -- Yes --\u003e C[Great!]\n B -- No --\u003e D[Google]\n D --\u003e A\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falokkusingh%2Fhome-stack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Falokkusingh%2Fhome-stack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Falokkusingh%2Fhome-stack/lists"}