Main Menu

Search

KUBERNETES: Operating System Commands To Validate Kubernetes Related OS Settings For Comparing and Troubleshooting Issues

This document provides useful Operating system level commands for validating following OS settings related to Kubernetes

  • firewalld
  • selinux
  • rpm packages list 
  • iptables & iptable nat rules
  • system level settings - sysctl -a output
  • Operating system release and kernel versions
  • List of all the services on the operating system
  • All the repositories that are enabled and disabled
  • Swap settings
  • Loaded modules (modprobe settings)
  • Sudo users 

Commands listed in this document will come in handy to troubleshoot Kubernetes issues where Kubernetes environment was working before and broken recently. For e.g. any issues post the OS patching, Kubernetes upgrade or other changes etc. 

If there are plans to do any upgrade or maintenance, it is good to capture these outputs on the Kubernetes nodes before the upgrade and after the upgrade/maintenance. In case there are any issues after upgrade/maintenance you can capture the command outputs again and compare whats changed.

Following are the list of commands to use.

List the loaded modules

lsmod

List all the system level settings (sysctl settings)

sysctl -a

Capture the kernel version

uname -a

Capture Operating system release version.

cat /etc/*release*

Capture and save the current IP tables.

iptables-save

Capture the current IP tables NAT rules.

iptables -L -t nat -vn --line-number

List all the system level services which are enabled/disabled/stopped/started

systemctl list-unit-files

Validate SELinux status

sestatus

List all the firewalld rules

sudo firewall-cmd --list-all-zones

Validate swap settings to see if it is disabled

cat /proc/swaps

List all the Yum/DNF repositories which are enabled and disabled.

sudo dnf repolist all

List all the rpm packages that are installed and when they were last updated

rpm -qa --last

Get the list of all the users

getent passwd

Capture the current sshd config settings

cat /etc/ssh/sshd_config

Capture the current sudoers configuration file

cat /etc/sudoers

Capture the current sudoer users info

ls -lrt /etc/sudoers.d/*

Validate the current users which have sudoer permissions

getent passwd | cut -f1 -d: | sudo xargs -L1 sudo -l -U | grep -v 'not allowed'


Keywords

OS operating system systems OS command commands validating checking check compare comparison maintenance outage window changed changes changing troubleshoot debug debugging broke broken issues problem problems
Tags: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)