title | layout | weight |
---|---|---|
Kubernetes/EKS cheatsheet |
multipage_layout |
5 |
This page lists some example commands for interacting with the GOV.UK Kubernetes clusters.
See https://kubernetes.io/docs/reference/kubectl/quick-reference/ for a more general quick-reference guide.
-
You need to have completed Access an EKS cluster from the get started guide. If you skimmed those instructions, make sure you have configured your shell:
export AWS_REGION=eu-west-1 alias k=kubectl
-
Obtain credentials to access the cluster. Use an IAM role with sufficient permissions:
-readonly
roles can view logs and configuration-poweruser
roles can run Rake tasks or open a shell-administrator
roles can modify base cluster services (you should not normally need this)
For example:
# Obtain IAM credentials for the AWS account (integration, staging, production). eval $(gds aws govuk-integration-poweruser -e --art 8h) # Select the corresponding kubectl context. `k config get-contexts` lists them. k config use-context integration # Use the `apps` namespace by default. You only need to do this the first # time you use each cluster. k config set-context --current --namespace=apps
From one pod, chosen arbitrarily:
k logs deploy/account-api
From all pods:
k logs -l app=account-api
k exec -it deploy/router-api -- rails c
k exec -it deploy/government-frontend -- bash
k exec -it deploy/router -c nginx
k exec deploy/email-alert-api -- rake -T
k exec deploy/email-alert-api -- \
rake 'support:view_emails[your.email@digital.cabinet-office.gov.uk]'
- The Release app shows what's deployed where.
- Deployment automation is via Argo CD. Post-deploy smoke tests run via Argo Workflows.
- To deploy a branch or manually promote a release:
- Go to the app's repo in GitHub.
- Choose Actions.
- Choose Deploy from the left-hand column.
- Click Run workflow.
- Leave the Use workflow from dropdown set to
main
, unless you are testing a change to the workflow itself. - Under Commit, tag or branch name to deploy, enter the branch or release tag.
Argo Workflows keeps logs only for failed workflow tasks.
The Smokey cronjob keeps the last 3 successes and the last 3 failures.
Dashboards are on Grafana.
You can see Sidekiq queue lengths on the Sidekiq Grafana dashboard.