Questions tagged [aks]
AKS (Azure Kubernetes Service) is a managed Kubernetes service provided by Microsoft Azure.
87
questions
5
votes
1
answer
53k
views
"Context deadline exceeded" preventing pods from being created in AKS
We have been experiencing an issue causing us pain for the last few months.
The issue appears to be that occasionally when we request a pod via the Kubernetes executor it fails to create.
For ...
- 934
4
votes
1
answer
4k
views
AKS version upgrade error: Operation failed with status: 'Conflict'. Details: Upgrades are disallowed while cluster is in a failed state
I noticed that one of AKS services is in the failed state. When I went to diagnostics, I found out that current version is not supported anymore. So I tried to follow instructions stated here: https://...
4
votes
2
answers
9k
views
Why are pods failing to schedule due to resources when node has plenty available?
The pods in my application scale with 1 pod per user (each user gets their own pod). I have the limits for the application container set up like so:
resources:
limits:
cpu: 250m
...
- 290
3
votes
2
answers
2k
views
How to move kubernetes to a different subscription in azure?
I have two subscriptions under my account.
When I check today, the balance is low in my subscription where I deployed the cluster.
So, I click on change subscription option and selected the second ...
- 412
3
votes
1
answer
6k
views
curl & wget cannot resolve internal dns names within the aks cluster but nslookup , host , dig work fine
I have a managed kubernetes instance on azure. I am very sure that the core dns is working and the dns pods are healthy.
I have a couple of services
frontend-service with one pod - Image [nginx-...
- 51
3
votes
2
answers
3k
views
How to find out IOPS disk usage by pod/container on k8s nodes?
My vms have been hard hit by IOPS (Causing network errors and other strange behavior) and I wonder what of my pods is causing it (if any) - how can I find out? I couldn't find a clear tool providing ...
- 183
2
votes
2
answers
5k
views
How does Azure Loadbalancer work with Azure AKS
I recently tried to figure out how an Azure Loadbalancer in front of an Azure AKS cluster actually routes traffic to the cluster nodes.
Our (quite basic) setup:
AKS cluster version 1.23.x with the ...
- 123
2
votes
1
answer
6k
views
Does Azure Application Gateway support gRPC connections?
I've set up an Azure Application Gateway with Azure Kubernetes Service using the Azure Application Gateway Ingress Controller (AGIC) and confirmed that it's working correctly using the sample ...
- 155
2
votes
1
answer
1k
views
What does the MEMORY(bytes) value mean in "kubectl top nodes" on Windows AKS nodes?
When I run kubectl top nodes on my Azure Kubernetes Services cluster with Windows nodes, I get a value back for MEMORY(bytes):
PS >kubectl top nodes
NAME CPU(cores) ...
- 179
2
votes
1
answer
349
views
Azure App Gateway warning about Public IP
I am using the Azure App Gateway v2 and the App Gateway Ingress Controller as a public frontend to an AKS cluster. Following the guidance in this doc, I created and associated the IP address to my ...
- 121
1
vote
2
answers
4k
views
I have deleted all the Azure AKS Kubernetes Nodes, how to restore back the Cluster to it's original state?
I am new to the Azure AKS Cluster world, and while messing with a test cluster i have deleted all its Nodes with kubectl delete node xxxx, thinking that the cluster will heal itself. Boy, was i wrong.
...
- 31
1
vote
2
answers
114
views
Monitor Azure Kubernetes Service (AKS) with Prometheus servers running independently
Can I deploy Prometheus to each Azure Kubernetes Service (AKS), and monitor each Prometheus from a Prometheus created by a virtual machine outside the AKS? In other words, I want to connect the ...
- 33
1
vote
1
answer
2k
views
How to connect AKS with postgres in private vnet?
I have created postgres with private vnet option.
So, no direct access to posgres from internet.
But, I can't access it from "CloudShell" also.
Also, while creating database,when I want to ...
- 531
1
vote
1
answer
914
views
How to expose services in private AKS cluster?
I've created a private cluster on AKS and deployed some workloads to it, but I'm not sure how to connect to the services. They are all NodePort services, both TCP & UDP.
Initially, I thought that ...
- 21
1
vote
2
answers
2k
views
What is the right way to assign Network Contributor Role to an AKS cluster via ARM / Bicep template?
I'm trying to configure a Load Balancer for my AKS server using Bicep/ARM. I am using the NGinx Ingress Controller in kubernetes and it does seem to work but when I first spin things up I am ...
- 113
1
vote
1
answer
2k
views
error reading configuration while deploying to aks
I am using Azure devops for regulation CI/CD in my project , i have a kubernetes cluster running through aks(azure kubernetes service) , i have used azure repo and everything and , every required file(...
- 23
1
vote
0
answers
97
views
502 Error When Accessing AKS via Application Gateway Ingress in Azure Private network
I have configured an Azure Kubernetes Service (AKS) with an Application Gateway in a private network setting. To facilitate communication between them, I've set up an Application Gateway Ingress ...
- 111
1
vote
0
answers
51
views
Upgrading personal AKS cluster
I have a personal Kubernetes cluster on AKS and Azure is making it mandatory for me to update the Kubernetes version in order to add a new node into the cluster.
Now that I have to do this, I would ...
1
vote
1
answer
102
views
Setting bytes-to-inode ratio on AKS storage class
I'm hitting inode limits on an AKS cluster in a volume (ext4) provisioned with Azure Disk Provisioner.
I've found the docs on the CSI Driver, but there's no mention on how to choose the target ...
- 9,799
1
vote
0
answers
447
views
AKS Egress Internal via Load Balancer to on-premise service
I have an AKS cluster and one of the pods, call it "my-service", needs to connect to an on-premises service via VPN and that service requires whitelisting of IPs. Unfortunately, it can only ...
- 111
1
vote
1
answer
580
views
Why do my AKS node have public IP even though "enableNodePublicIP" is set to false?
I have an AKS cluster where I added a new node pool. While creating the node pool, I set the option "Enable public IP per node" as Disabled. However, I still notice that my nodes in the VMSS ...
- 108
1
vote
1
answer
867
views
strict MIME type checking is enabled issue with PGAdmin in Azure application gateway
I am trying to install pgAdmin (image: 'dpage/pgadmin4:6.21') in Azure AKS. I am able to access the application when I use a Kubernetes LoadBalancer service, but when I use an Azure Application ...
- 113
1
vote
0
answers
1k
views
ETCD snapshots causing etcdserver: leader changed
For a while now we've experienced regular errors from operations on kube API in AKS resulting in etcdserver: leader changed message. From what we've learned there is an ETCD snapshot performed every ...
1
vote
0
answers
372
views
Azure AKS user nodepool VM temporary storage requirements
Do AKS user nodepool VMs use Azure VM temporary storage for any purpose?
Can an AKS user nodepool run on VMs without temporary storage?
What is is the minimal amount of Azure VM temporary storage ...
- 267
1
vote
0
answers
195
views
How to access aks service from same vnet?
I have created an aks cluster and deployed an application there and exposed it as a service.
Can be accessible through LoadBalancer.
To access it internally, I created a windows VM in the same vnet (...
- 185
1
vote
0
answers
358
views
How to keep postgres flexible server and aks on the same vnet?
I have created aks cluster with azure network type selected.
Terraform files for reference
My VNet used with aks.
But this vnet is not available in the dropdown of azure postgres flexible server ...
- 531
1
vote
1
answer
1k
views
How to simulate an Availability Zone (AZ) failure in Azure?
I'm setting up a cross AZ AKS cluster. I would like to simulate a failure of an AZ to test the behaviour of cluster and application after such an event.
What would be the best way of doing this?
- 11
1
vote
1
answer
243
views
Consul containers are creating as privileged containers, how to change that?
With the azure policy addon enabled(as per organization policy), we can’t create privileged containers on the aks, azure kubernetes.
Our application is set to security context as below.
...
- 412
1
vote
0
answers
834
views
AKS Certificate Manager upgrade w/ namespace change - Wrong cert-manager hook ID
Recently, we changed uninstalled our cert manager and reinstalled it into a new namespace.
There were no issues with the uninstall / reinstall of the cert manager. When we tried to create a new ...
- 133
1
vote
0
answers
185
views
Azure AKS does not have D2 v4 nodes listed in selection
Want to select D2 v4 (0GB Temp storage) nodes for my AKS node pool, but this node size is not available.
Now we are using D2s v3 (16GB temp storage).
That temp storage is not used and also is not that ...
1
vote
0
answers
128
views
Maesh address not resolved in AKS
I'm currently working with migrating a deployment to maesh. In this process I annotated, as required. my service with the maesh label. But trying to curl the service afterwards fails.
The old address(...
- 11
1
vote
0
answers
260
views
mysql helm aks keeps crashing
I tried to install mysql using helm chart
helm install mysql --set mysqlRootPassword=medone,mysqlUser=mysql,mysqlPassword=medone,mysqlDatabase=profil,persistence.existingClaim=mysql-pv-claim stable/...
- 11
0
votes
1
answer
3k
views
Kubernetes clusters should not grant CAPSYSADMIN security capabilities
In Our AKS, found high severity alerts related to this in Azure Security Center.
What is CAPSYSADMIN meant for?
Is the pods by default enabled with this property?
Because we didnt specifically enabled ...
- 101
0
votes
1
answer
2k
views
How to set flux to deploy latest image tag for every build?
I have added github actions to build a docker image for every latest commit and push it to our container registry in azure.
We have created yaml files to deploy the docker image to kubernetes on azure....
- 531
0
votes
1
answer
2k
views
How to launch a sql file on kubernetes pod creation?
We have our database either in aws rds or azure postgres or even on a different online server based on customer.
But our product will be running in azure kubernetes as a pod and service with database ...
- 156
0
votes
1
answer
1k
views
Custom CRDs not getting deleted in aks cluster, how to delete that?
I have installed consul helm repository to default namespace.
Now, want to change it to a custom namespace.
So, deleted the help chart using helm uninstall command.
Now, when I try to install again, ...
- 156
0
votes
2
answers
2k
views
Kubernetes NGINX Ingress Controller Failure using Helm on AKS
When going through the setup of a K8 ingress controller, which is documented here
I am unable to get past the step of "Create an Ingress Controller"
During the Helm command step and placing ...
- 153
0
votes
1
answer
230
views
Use fwmark in iptables on a container running in Azure K8S
I have a weird use case, where a pod running in Azure Kubernetes needs to route traffic from specific ports to specific targets through a dedicated VPN tunnel. But those targets are private IPs and ...
- 11
0
votes
1
answer
303
views
How to install Consul on azure kubernetes with policies enabled?
I have installed azure kubernetes with azure policy enabled.
I followed the steps in the getting started guide of consul as is: link
But when the consul is deployed, the pods are not deployed.
When I ...
- 531
0
votes
1
answer
703
views
Limit exceeded for cluster creation on Azure Kubernetes, where to cleanup?
I have deleted the old clusters by deleting the resource group completely.
But when I try to create a new cluster, I am getting error as limit exceeded.
As you can see in the below error.
{"code&...
- 412
0
votes
1
answer
259
views
why AKS,EKS,GKE better than k8s .can we say k8s architecture is base of these 3. How they leverage each other?
I am trying to learn k8s, and 1 question always coming as to why we need GKE, aks, or EKS.
In the cloud, Can we do container orchestration without the above services means can we have compute ...
- 3
0
votes
1
answer
130
views
Problems After Deploying Gitub Repo to Azure Kubernetes Service
I created an AKS successfully and tried to deploy a project from my Github repository. I followed the guidance on the following page and it sent me a success notice in the Azure Portal.
However, ...
- 123
0
votes
0
answers
23
views
Setting up Prometheus on Azure Kubernetes Cluster
I am setting up Prometheus on a production aks cluster. The app deployment on this cluster is exposed using ngnix ingress behind a load balancer and a firewall device.
How do I access Prometheus ...
- 1
0
votes
0
answers
34
views
Issues with Aliyun Scheduler extender in AKS
I am trying to use Aliyun scheduler extender to be able to use a T4 nVidia GPU with multiple PODs, I have a managed AKS cluster with a default NodePool with standard VMs (Standard_D2_v3) and added an ...
0
votes
0
answers
39
views
airflow git-sync-init not able to access secrets from SecretProviderClass
I am trying to build AKS with GitOps for FLux configuration and CSI Secrets provider for Airflow.
I am able to pass secrets from KV to AKS and to other pods, secrets are populated as AKS secrets, ...
- 1
0
votes
0
answers
29
views
I'm getting the error "InvalidParameter" while trying to create nodes in my AKS Cluster
I'm trying to install CAST AI, a tool that helps to reduce kubernetes costs, the tool is trying to create a agentPools in my cluster but i'm getting the following error:
{ "code": "...
- 1
0
votes
0
answers
40
views
Data written to PVC using job pod is not available in main POD
I have a job pod with a bash script that executes and writes data to the PVC, however, the same data is not available when I check in from the main POD, both the deployment & job use the same PVC, ...
0
votes
1
answer
128
views
Azure kubernetes service private cluster
I have a private Kubernetes cluster that needs to be accessible by a client, but I still want to keep everything enclosed within a VPN. Unfortunately, the VPN I created requires an address space that ...
0
votes
0
answers
21
views
Clarification Needed on Lifecycle Management of AKS LoadBalancer IP Addresses Labeled 'Static'
I'm currently managing an AKS cluster and have come across a point of confusion regarding the public IP addresses allocated for LoadBalancer services. These IPs are labeled as 'Static' in my Azure ...
0
votes
0
answers
66
views
How to set azure app gateway ingress in one namespace and target service istio-ingress is in another namespace in kubernetes?
azure app gateway ingress in one namespace and target service istio-ingress is in another namespace, how to set that.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server-ingress
...
