Kubernetes Libraries
The Kubernetes libraries provide functions for namespace management, secret operations, pod health checks, and build infrastructure management. They abstract kubectl commands behind safe, idempotent functions.
Source: scripts/lib/k8s/
namespace.sh -- Namespace Management
Module: scripts/lib/k8s/namespace.sh
Functions
| Function | Description |
|---|---|
| k8s_ns_exists | Check if a namespace exists |
| k8s_ns_ensure | Create namespace if not exists, with optional labels |
| k8s_ns_create | Create namespace with standard MATIH labels |
Standard Labels
All namespaces created by MATIH scripts include:
```
app.kubernetes.io/component=<component>
app.kubernetes.io/managed-by=matih
```
secrets.sh -- Secret Management
Module: scripts/lib/k8s/secrets.sh
Functions
| Function | Description |
|---|---|
| k8s_secret_exists | Check if a secret exists in a namespace |
| k8s_secret_create | Create a generic secret with key=value pairs |
| k8s_secret_get | Read a secret value |
| k8s_secret_delete | Delete a secret |
All functions are idempotent -- creating an existing secret is a no-op.
dev-secrets.sh -- Dev Environment Secrets
Module: scripts/lib/k8s/dev-secrets.sh
Creates development environment secrets with predictable values for local and dev cluster testing. These secrets are NOT used in production (ESO manages production secrets).
Created Secrets
| Secret | Namespace | Purpose |
|---|---|---|
| postgresql | matih-control-plane | PostgreSQL credentials |
| postgresql | matih-data-plane | PostgreSQL credentials |
| redis | matih-control-plane | Redis password |
| mlflow-s3-credentials | matih-data-plane | MinIO access for MLflow |
| db-credentials | matih-data-plane | Application database credentials |
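The sketch below is an added example, not code from scripts/lib/k8s/. It shows the idempotent create described for secrets.sh together with a guard that keeps predictable dev secrets out of any cluster whose context is not explicitly allowed. The function names, the `ALLOWED_DEV_CONTEXTS` variable and the context names are assumptions; only standard kubectl subcommands are used.

```bash
# Added example, not MATIH's implementation. Function names, the
# ALLOWED_DEV_CONTEXTS variable and the context names are assumptions.

# Space-separated allowlist of kube contexts that may receive dev secrets.
ALLOWED_DEV_CONTEXTS="${ALLOWED_DEV_CONTEXTS:-kind-matih-dev minikube}"

# Return 0 only when the current kubectl context is on the allowlist.
dev_context_allowed() {
  local ctx allowed
  ctx="$(kubectl config current-context 2>/dev/null)" || return 1
  for allowed in $ALLOWED_DEV_CONTEXTS; do
    [ "$ctx" = "$allowed" ] && return 0
  done
  return 1
}

# Return 0 when secret <name> already exists in <namespace>.
secret_exists() {
  kubectl get secret "$2" -n "$1" >/dev/null 2>&1
}

# Usage: dev_secret_ensure <namespace> <name> <key=value>...
# Prints "created", "exists" or "refused". An existing secret is left
# untouched (no-op), so a changed value is NOT applied on re-run.
dev_secret_ensure() {
  [ "$#" -ge 3 ] || { echo "usage: dev_secret_ensure <ns> <name> <key=value>..." >&2; return 64; }
  local ns="$1" name="$2" n
  shift 2
  if ! dev_context_allowed; then
    echo "refused"
    return 2
  fi
  if secret_exists "$ns" "$name"; then
    echo "exists"
    return 0
  fi
  # Rewrite each key=value argument into a --from-literal flag (POSIX, no arrays).
  n=$#
  while [ "$n" -gt 0 ]; do
    set -- "$@" "--from-literal=$1"
    shift
    n=$((n - 1))
  done
  kubectl create secret generic "$name" -n "$ns" "$@" >/dev/null || return 1
  echo "created"
}
```

Because an existing secret is a no-op, rotating a dev value requires deleting the secret first; re-running the create alone leaves the old value in place.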
health.sh -- Pod Health Checks
Module: scripts/lib/k8s/health.sh
Functions
| Function | Description |
|---|---|
| k8s_pods_ready | Check if all pods matching a selector are Ready |
| k8s_wait_pods | Wait for pods to become Ready with timeout |
| k8s_get_failing_pods | List pods in error states |
| k8s_diagnose_pod | Get detailed diagnostic info for a failing pod |
Wait Pattern
```bash
# Wait up to 180 seconds for Spark Operator pods
k8s_wait_pods "matih-data-plane" "app.kubernetes.io/name=spark-operator" 180 1
```
build.sh -- Build Infrastructure
Module: scripts/lib/k8s/build.sh
Manages Kubernetes resources used during the build process (e.g., build pods, PVCs).
nodepool.sh -- Nodepool Management
Module: scripts/lib/k8s/nodepool.sh
Manages AKS nodepool scaling for build and GPU workloads.
Related Pages
- Core Libraries -- Configuration and logging
- Azure Libraries -- AKS-specific operations
- Helm Libraries -- Helm deployment functions