Questions tagged as ['kubernetes']
I'd like to upgrade my GKE cluster to enable VPC-Native networking.
For that, I'm in need of creating new GKE Cluster. While I more or less know how to migrate my own deployments there and have a general strategy to not make a disruption, one thing that I'm unable to figure out is how to migrate the traffic from one cluster to another.
Let's label the clusters as OLD-GKE one I want to migrate off of ...
As per this documentation, I have configured direct_functions to false, which allows the provider to balance traffic between replicas of OpenFaas functions. But it sends the traffic to only one replica. Without using any service mesh solution how do I archive the fairly balance the traffic to all pods that are related to one openfaas function? I have deployed OpenFaas on the EKS cluster.
In reference to this question: Run 'kubectl' commands from my localhost to GKE - but via tunnelling through a bastion host
I'm facing the very same situation. I did all that is described in the accepted answer and achieved the point where I can communicate with my cluster via kubectl with --insecure-skip-tls-verify flag. However, I want to get rid of this flag as it is not the secure option. For that I tr ...
We want to run an interactive application on AWS that should be able to read and write a common workspace directory on a shared filesystem. Our approach so far was to use EFS for the shared data, and to use a PersistentVolumeClaim to reference it. However, the dynamically provisioned PersistentVolume will always create a new empty directory on EFS.
Is it possible to pre-populate an EFS directory ...
We have an on premises Kubernetes cluster, running on nodes with hostnames node1.mycompany.local through node7.mycompany.local. We also have a database server on node16.mycompany.local, outside the Kubernetes cluster.
When a pod runs on node4 or node7, it can not resolve database domain name and fails. If I move the pod to a different node other than 4 or 7, it can connect to the database and run ...
I had to build a bare-metal Kubernetes cluster with no Internet connection for some reason.
As dockershim was deprecated, I decided to use containerd as a CRI, but the offline installation with kubeadm failed while executing kubeadm init due to timeout.
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
- The ku ...
How platform sensitive is Kubernetes and Docker?
That is, can I build a cluster on disparate hardware?
Suppose, for example, I have a REST api I've written in ASP.NET Core. The language and development environment is generally cross-platform.
I can then build a Docker container for my API, and I can even build a multi-arch container, so images built from my container will run on both ARM and AMD64.
...
I try to deploy the web-app akaunting to a k8s cluster.
Therefore, I converted the given (and working!) docker-compose script using kompose to k8s yaml files.
When I try to apply these files (given AKAUNTING_SETUP=true), I get the following error; I have no clue how to fix it...
Call to a member function get() on null
Setting locale en-US
Creating database tables
Connecting to database akaunting@akaunting ...
I'm wondering if I can use an EKS managed node to be the control plane for a K3s cluster deployed on an edge/IoT device, such as the Intel NUC. My goal is to have a lightweight kubernetes distro to manage containerized applications running on the NUC or theoretically any edge/IoT device, but be able to manage it from the cloud whenever there is internet connectivity.
Could I set up a k3s cluster ...
We have a deployment configured with HPA based on the CPU metric. It can work fine for days, scaling pods up and down. And then at some point looks that it ignores metric and scales to some small number of pods. Usually we resolve it by setting manually minimal number of pods that could handle traffic. And after an hour or two it starts scale again.
Here is the result of kubectl describe hpa command ...
I just deployed frontend and backend pods, and there's an issue with connectivity between them.
The backend pod is configured in the following way:
apiVersion: v1
kind: Pod
metadata:
name: af-backend-pod
labels:
name: af-backend-pod
app: adv-format
spec:
containers:
- name: af-backend
image: localhost:5000/backend:1.2
ports:
- containerPort: 4040
env:
- name: NODE_ENV ...
Azure Kubernetes - AKS - K8s version - 1.20.9.
Trying to setup multiple nginx ingress with Internal LB.
ingress controller with ingress-class -
helm install test1 ingress-nginx/ingress-nginx \
--set controller.replicaCount=1 \
--set controller.nodeSelector."beta\.kubernetes\.io/os"=linux \
--set defaultBackend.nodeSelector."beta\.kubernetes\.io/os"=linux \
--set controller.ingressCla ...
I set up a k8s cluster more or less following this guide. So I have three master and control-plane nodes. I use haproxy as load balancer with following config:
#/etc/haproxy/haproxy.cfg
#---------------------------------------------
# Global settings
#---------------------------------------------
global
log /dev/log local0
log /dev/log local1 info
daemon
#---------------------------- ...
What are the scalability strategies for an infrastructure in a cloud?, I need to prepare a scalability plan document for a cybersecurity audit
I have a NodeJS application with express.js as a backend framework deployed on cloud using Kubernetes. The K8s runs on top of an Ubuntu template. The application deployed in Kubernetes is of service type NodePort. This means the app uses the external IP address of the K8s nodes. In my case, it's currently using an external IP address of one of the master nodes.
I then assigned a DNS hostname for the appl ...
I have a private registry that I had no problem connecting to with my kubernetes cluster... but it is having to pull ~1GB image from one side of the US to the other when ever I scale up my cluster. So I have setup a docker registry service as a mirror on a Vultr instance and that is working fine.. But I cannot for the life of me figure out where I am to put the registryMirrors definition in my kubern ...
We have our database either in aws rds or azure postgres or even on a different online server based on customer.
But our product will be running in azure kubernetes as a pod and service with database details in configmap.
Before we launch our app, it is mandatory that an sql file should be running in the database as preconfiguration.
What is the best approach we can set it so that we can automate this? ...
I am trying to deploy bitnami moodle chart with custom image hosted on gitlab. When I use the registry in pod the image gets downloaded. However, when used in the chart, it gives the error below with access forbiden. Tested on minikube, and private cluster.
*Failed to pull image "registry.gitlab.com/<repo>/01976966/container/external/moodle:3.11.4-debian-10-r0": rpc error: code = Unknown desc ...
I'm running a simple bare-metal multi-master "high availability" enviroment with 2 masters and 2 workers, as well as another VM with HAProxy serving as external Load Balancer.
My question is: it is possible to access the services (dashboard, ngnix, mysql (especially mysql), etc...) from outside of the cluster, exposing them to the network with this setup that i'm running?
I've tried using MetalLB in ...
Problem: I want to create a service which can clean up another service that only runs when the node and target pod is not under heavy load on a kubernetes cluster.
Solution: Unsure, I want to try and do something that involves passing the values of kubetctl top into a pod so it can decide what to do based on current load.
Is this possible or is there another solution?
Edit: I've been asked for more clarif ...
I have setup a private cluster in azure kubernetes.
Due to which, the helm charts are failing to install.
error details:
Error: INSTALLATION FAILED: Kubernetes cluster unreachable: Get "https://testingcluster-dns-827dc1c4.10357f00-62ec-4f3f-a2b0-6d86ccd26901.privatelink.centralindia.azmk8s.io:443/version?timeout=32s": dial tcp: lookup testingcluster-dns-827dc1c4.10357f00-62ec-4f3f-a2b0-6d86ccd26901.priv ...
I have 2 kubernetes clusters in the IBM cloud, one has 2 Nodes, the other one 4.
The one that has 4 Nodes is working properly but at the other one I had to temporarily remove the worker nodes due to monetary reasons (shouldn't be payed while being idle).
When I reactivated the two nodes, everything seemed to start up fine and as long as I don't try to interact with Pods it still looks fine on the su ...
I had a Kubernetes cluster with Docker and recently migrate it to containerd, but I still want to use Docker to manage images and containers for Kubernetes because of some compatibility problems.
When using Docker as a runtime, Docker was able to load images so that Kubernetes can use it, and was able to list containers running as Kubernetes pods with docker ps command.
Even after switching to conta ...
I'm a newbie of Kubernetes and stuck by the network part.
Kubernetes documentation:
There are several ways to publish a service:
- NodePort, exposes the Service on each Node's IP at a static port (the NodePort)
- Load Balancer, Exposes the Service externally using a cloud provider's load balancer. NodePort and ClusterIP services, to which the external load balancer routes, are automatically created.
I'm trying to create an AKS service with static pre-defined public IP. For that I'm using terraform.
The important parts
resource "azurerm_public_ip" "public_ip" {
allocation_method = "Static"
location = azurerm_resource_group.rg.location
name = "${local.resource_name_prefix}-PublicIp1"
resource_group_name = azurerm_resource_group.rg.name
sku = "Standard"
tags ...
I've created a private cluster on AKS and deployed some workloads to it, but I'm not sure how to connect to the services. They are all NodePort services, both TCP & UDP.
Initially, I thought that the endpoint AKS provides could be used to interact with the cluster as a whole, but this isn't the case -- this only exposes the Kubernetes API (probably why they call it the API endpoint)
I also tried ...
In general, my question about setting up a default certificate is answered here: Kubernetes ingress How to set default-ssl-certificate?.
What I don't understand is this part: I'm supposed to add the flag --default-ssl-certificate=kube-system/host-cert as the Ingress' argument. And to discover the YAML config file settings of the NGINX Ingress Controller I should check it with command like: kubectl ...
I want 2 or more applications to listen on the same port and for that I would need multiple external IP-addresses. Am I correct?
How do I can achieve Kubernetes (on a LoadBalancer for example) to listen on multiple IP-addresses on the same port?
For example:
a) 192.168.0.2:80
b) 192.168.0.3:80
...
For purposes beyond that which is necessary to describe here, it is necessary for me, in order to accomplish my goal, to exec into pods, determine the primary process's PID, and then perform some actions in running pods' /proc/<PID>/.
So the problem is obvious perhaps. Given arbitrary pods, how can one programmatically determine the main PID (not side-cars) in running pods realizing that the
Currently I am using command curl -sfL https://get.k3s.io to download k3s. The script get.k3s.io is using below third party internet calls to URLs :
GITHUB_URL=https://github.com/k3s-io/k3s/releases
STORAGE_URL=https://storage.googleapis.com/k3s-ci-builds
I want to avoid the above calls to URLs and want same k3s package to be stored locally in my personal github project location and want to down ...