{ "k8s Ingress with TLS": { "prefix": "k-ingress-tls", "description": "k8s Ingress with TLS", "body": [ "# https://kubernetes.io/docs/concepts/services-networking/ingress/#tls", "apiVersion: v1", "kind: Secret", "metadata:", " name: ${1:testsecret-tls}", " namespace: ${2:default}", "type: kubernetes.io/tls", "# The TLS secret must contain keys named 'tls.crt' and 'tls.key' that contain the certificate and private key to use for TLS.", "data:", " tls.crt: base64 encoded cert", " tls.key: base64 encoded key", "", "---", "apiVersion: networking.k8s.io/v1", "kind: Ingress", "metadata:", " name: ${3:tls-example-ingress}", " namespace: ${2:default}", "spec:", " tls:", " - hosts:", " - ${4:https-example.foo.com}", " secretName: ${1:testsecret-tls}", " rules:", " - host: ${4:https-example.foo.com}", " http:", " paths:", " - path: /${5}", " pathType: Prefix", " backend:", " service:", " name: ${6:service1}", " port:", " number: ${7:80}", "---", "$0" ] }, "k8s Ingress": { "prefix": "k-ingress", "description": "k8s Ingress", "body": [ "# https://kubernetes.io/docs/concepts/services-networking/ingress/", "apiVersion: networking.k8s.io/v1", "kind: Ingress", "metadata:", " name: ${1:example-ingress}", " namespace: ${2:default}", "spec:", " rules:", " - host: ${3:example.foo.com}", " http:", " paths:", " - path: /${4}", " pathType: ${5|Prefix,Exact|}", " backend:", " service:", " name: ${6:service1}", " port:", " number: ${7:80}", "---", "$0" ] }, "k8s Ingress with Rewrite rule": { "prefix": "k-ingress-rewrite", "description": "k8s Ingress with Rewrite rule", "body": [ "# https://kubernetes.io/docs/concepts/services-networking/ingress/", "apiVersion: networking.k8s.io/v1", "kind: Ingress", "metadata:", " name: ${1:example-ingress}", " namespace: ${2:default}", " # https://kubernetes.github.io/ingress-nginx/examples/rewrite/", " annotations:", " nginx.ingress.kubernetes.io/rewrite-target: /\\$1", "spec:", " rules:", " - host: ${3:example.foo.com}", " http:", " paths:", " - path: ${4:/api/(.*)}", " pathType: Prefix", " backend:", " service:", " name: ${5:service1}", " port:", " number: ${6:80}", "---", "$0" ] }, "k8s Deployment": { "prefix": "k-deployment", "description": "k8s Deployment", "body": [ "# https://kubernetes.io/docs/concepts/workloads/controllers/deployment/", "apiVersion: apps/v1", "kind: Deployment", "metadata:", " name: ${1:myjob}", " namespace: ${2:default}", " labels:", " app: ${1:myjob}", "spec:", " selector:", " matchLabels:", " app: ${1:myjob}", " replicas: 1", " strategy:", " rollingUpdate:", " maxSurge: 25%", " maxUnavailable: 25%", " type: RollingUpdate", " template:", " metadata:", " annotations:", " kubectl.kubernetes.io/default-container: ${1:myjob}", " labels:", " app: ${1:myjob}", " spec:", " # initContainers:", " # Init containers are exactly like regular containers, except:", " # - Init containers always run to completion.", " # - Each init container must complete successfully before the next one starts.", " containers:", " - name: ${1:myjob}", " image: ${3:myjob:latest}", " imagePullPolicy: ${4|IfNotPresent,Always,Never|}", " resources:", " requests:", " cpu: 100m", " memory: 100Mi", " limits:", " cpu: 100m", " memory: 100Mi", " livenessProbe:", " tcpSocket:", " port: ${5:80}", " initialDelaySeconds: 5", " timeoutSeconds: 5", " successThreshold: 1", " failureThreshold: 3", " periodSeconds: 10", " readinessProbe:", " httpGet:", " path: /_status/healthz", " port: ${5:80}", " initialDelaySeconds: 5", " timeoutSeconds: 2", " successThreshold: 1", " failureThreshold: 3", " periodSeconds: 10", " env:", " - name: DB_HOST", " valueFrom:", " configMapKeyRef:", " name: ${1:myjob}", " key: DB_HOST", " ports:", " - containerPort: ${5:80}", " name: ${1:myjob}", " volumeMounts:", " - name: localtime", " mountPath: /etc/localtime", " volumes:", " - name: localtime", " hostPath:", " path: /usr/share/zoneinfo/Asia/Taipei", " restartPolicy: Always", "---", "$0" ] }, "k8s Service": { "prefix": "k-service", "description": "k8s Service", "body": [ "# https://kubernetes.io/docs/concepts/services-networking/service/", "apiVersion: v1", "kind: Service", "metadata:", " name: ${1:myjob}", " namespace: ${2:default}", "spec:", " selector:", " app: ${1:myjob}", " type: ${3|ClusterIP,NodePort,LoadBalancer|}", " ports:", " - name: ${1:myjob}", " protocol: ${4|TCP,UDP|}", " port: ${5:80}", " targetPort: ${6:5000}", " nodePort: ${7:30001}", "---", "$0" ] }, "k8s ConfigMap": { "prefix": "k-configmap", "description": "k8s ConfigMap", "body": [ "# https://kubernetes.io/docs/concepts/configuration/configmap/", "apiVersion: v1", "kind: ConfigMap", "metadata:", " name: ${1:myconfig}", " namespace: ${2:default}", "data:", " ${3:key}: ${4:value}", "---", "$0" ] }, "k8s Secret": { "prefix": "k-secret", "description": "k8s Secret", "body": [ "# https://kubernetes.io/docs/concepts/configuration/secret/", "apiVersion: v1", "kind: Secret", "metadata:", " name: ${1:mysecret}", " namespace: ${2:default}", "type: Opaque", "data:", " # Example:", " # password: {{ .Values.password | b64enc }}", "---", "$0" ] }, "k8s Job": { "prefix": "k-job", "description": "k8s Job", "body": [ "# https://kubernetes.io/docs/concepts/workloads/controllers/job/", "apiVersion: batch/v1", "kind: Job", "metadata:", " name: ${1:myjob}", " namespace: ${2:default}", " labels:", " app: ${1:myjob}", "spec:", " template:", " metadata:", " name: ${1:myjob}", " labels:", " app: ${1:myjob}", " spec:", " containers:", " - name: ${1:myjob}", " image: ${3:python:3.7.6-alpine3.10}", " command: ['sh', '-c', '${4:python3 manage.py makemigrations && python3 manage.py migrate}']", " env:", " - name: ENV_NAME", " value: ENV_VALUE", " volumeMounts:", " - name: localtime", " mountPath: /etc/localtime", " volumes:", " - name: localtime", " hostPath:", " path: /usr/share/zoneinfo/Asia/Taipei", " restartPolicy: OnFailure", " dnsPolicy: ClusterFirst", "---", "$0" ] }, "k8s CronJob": { "prefix": "k-cronjob", "description": "k8s CronJob", "body": [ "# https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/", "apiVersion: batch/v1", "kind: CronJob", "metadata:", " name: ${1:cronjobname}", " namespace: ${2:default}", "spec:", " schedule: \"${3:*/1 * * * *}\"", " jobTemplate:", " spec:", " template:", " spec:", " containers:", " - name: ${4:jobname}", " image: ${5:busybox}", " args: ['/bin/sh', '-c', '${6:date; echo Hello from the Kubernetes cluster}']", " restartPolicy: OnFailure", "---", "$0" ] }, "k8s Pod": { "prefix": "k-pod", "description": "k8s Pod", "body": [ "# https://kubernetes.io/docs/concepts/workloads/pods/", "apiVersion: v1", "kind: Pod", "metadata:", " name: \"${1:myapp}\"", " namespace: ${2:default}", " labels:", " annotations:", " kubectl.kubernetes.io/default-container: ${1:myapp}", " app: \"${1:myapp}\"", "spec:", " containers:", " - name: ${1:myapp}", " image: \"${3:debian-slim:latest}\"", " resources:", " limits:", " cpu: 200m", " memory: 500Mi", " requests:", " cpu: 100m", " memory: 200Mi", " env:", " - name: DB_HOST", " valueFrom:", " configMapKeyRef:", " name: myapp", " key: DB_HOST", " ports:", " - containerPort: ${4:80}", " name: http", " volumeMounts:", " - name: localtime", " mountPath: /etc/localtime", " volumes:", " - name: localtime", " hostPath:", " path: /usr/share/zoneinfo/Asia/Taipei", " restartPolicy: Always", "---", "$0" ] }, "k8s PersistentVolumeClaim": { "prefix": "k-pvc", "description": "k8s PersistentVolumeClaim", "body": [ "# https://kubernetes.io/docs/concepts/storage/persistent-volumes/", "apiVersion: v1", "kind: PersistentVolumeClaim", "metadata:", " name: ${1:myapp}", " namespace: ${2:default}", " labels:", " app: ${1:myapp}", "spec:", " # AKS: default,managed-premium", " # GKE: standard", " # EKS: gp2 (custom)", " # Rook: rook-ceph-block,rook-ceph-fs", " storageClassName: ${3|default,managed-premium,standard,gp2,rook-ceph-block,rook-ceph-fs|}", " accessModes:", " - ${4|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}", " resources:", " requests:", " storage: ${5:2Gi}", "---", "$0" ] }, "k8s DaemonSet": { "prefix": "k-daemonset", "description": "k8s DaemonSet", "body": [ "# https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/", "apiVersion: apps/v1", "kind: DaemonSet", "metadata:", " name: ${1:myapp}", " namespace: ${2:default}", " labels:", " app: ${1:myapp}", "spec:", " selector:", " matchLabels:", " app: ${1:myapp}", " template:", " metadata:", " annotations:", " kubectl.kubernetes.io/default-container: ${1:myapp}", " labels:", " app: ${1:myapp}", " spec:", " tolerations:", " # this toleration is to have the daemonset runnable on master nodes", " # remove it if your masters can't run pods", " - key: node-role.kubernetes.io/master", " effect: NoSchedule", " containers:", " - name: ${1:myapp}", " image: ${3:debian}", " resources:", " limits:", " memory: 200Mi", " requests:", " cpu: 100m", " memory: 200Mi", " volumeMounts:", " - name: localtime", " mountPath: /etc/localtime", " terminationGracePeriodSeconds: 30", " volumes:", " - name: localtime", " hostPath:", " path: /usr/share/zoneinfo/Asia/Taipei", "---", "$0" ] }, "k8s StatefulSet": { "prefix": "k-statefulset", "description": "k8s StatefulSet", "body": [ "# https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/", "apiVersion: apps/v1", "kind: StatefulSet", "metadata:", " name: ${1:myapp}", " namespace: ${2:default}", "spec:", " selector:", " matchLabels:", " app: ${1:myapp} # has to match .spec.template.metadata.labels", " serviceName: \"${1:myapp}\"", " replicas: ${3:3} # by default is 1", " template:", " metadata:", " annotations:", " kubectl.kubernetes.io/default-container: ${1:myapp}", " labels:", " app: ${1:myapp} # has to match .spec.selector.matchLabels", " spec:", " terminationGracePeriodSeconds: 10", " containers:", " - name: ${1:myapp}", " image: ${4:${1:myapp}-slim:1.16.1}", " ports:", " - containerPort: ${5:80}", " name: ${1:myapp}", " volumeMounts:", " - name: ${6:www}", " mountPath: /usr/share/nginx/html", " volumeClaimTemplates:", " - metadata:", " name: ${6:www}", " spec:", " storageClassName: ${7:my-storage-class}", " accessModes:", " - ${8|ReadWriteOnce,ReadWriteMany,ReadOnlyMany|}", " resources:", " requests:", " storage: ${9:1Gi}", "---", "$0" ] } }