All Questions
Tagged with kubernetes linux
72
questions
0
votes
0
answers
51
views
Receiving Kiss of Deaths with chrony
basically I think the issue is that my company NTP server has a Stratum of 5 and it might be laggy at times - but it's maintained by other team so I don't have much info about it.
Now I have tested ...
- 174
0
votes
0
answers
45
views
kubernetes etcd failed to publish local member to cluster through raft
Environment Background:
kubernetes configured 3 master and 3 worker node
Kubernetes is configured component by component following https://github.com/kelseyhightower/kubernetes-the-hard-way.
...
- 101
1
vote
1
answer
96
views
Discrepancy between kubernetes node memory stats and system memory usage
Kubernetes spits memory limit warnings at me, even though the memory of the node is not exhausted in any measure - neither by kubernetes stastics and even less by system statistics:
root@ftt:local-...
- 115
0
votes
0
answers
63
views
PVC is in terminating state and PV is in bound state in Kubernetes
I have the PVC which is in terminating state (because it is referenced from 3 other pods) and the PV is in bound state. PV has the retain reclaiming policy.
Also I am not sure on the reason for the ...
- 111
2
votes
3
answers
112
views
Setting up a cluster with workload distribution
I want to setup a server cluster which can keep by servers as busy as possible while still giving fair compute time to everyone. I have setup a basic Kubernetes setup but the issue is that if some ...
- 21
0
votes
1
answer
3k
views
Kubernetes - Find per core statistics for the pod
I would want to find the per core usage statistics for my Kubernetes pod.
In my Linux host/in the Kubernetes node, I use mpstat to find the statistics like below.
In my case, I assign 2.5 CPUs to the ...
- 109
0
votes
2
answers
556
views
AppArmor complain mode acts as enforce
AppArmor profile:
cat /etc/apparmor.d/test-deny-write
#include <tunables/global>
profile test-deny-write flags=(attach_disconnected) {
#include <abstractions/base>
file,
# Deny ...
- 445
0
votes
0
answers
136
views
How to make master node and worker nodes before installing kubernetes on Ubuntu?
I am trying to install kubernetes on my Ubuntu 22.04 os. I found blogs and videos in Youtube but failed and deleted all. I had hard time when making master node and worker nodes because there was no ...
- 1
0
votes
1
answer
499
views
How to allow kubernetes/calico traffic through iptables?
I have installed kubespray on my host. I want to close all ports on my host except the required ports. I want to add these rules:
iptables -A INPUT -p tcp -m multiport --dports 22,80,443 -j ACCEPT
...
- 101
0
votes
0
answers
293
views
How can I add my workers to my Kubernetes cluster I created with kubeadm?
I have three VMS I created with vagrant that can communicate with each other. Following through a video and also K8s official documentation on creating a cluster with kubeadmn. The master node has ...
0
votes
0
answers
121
views
Fluentd logs not sent to Elasticsearch on K8s
I have a cluster in VirtualBox to learn kubernetes. I have a deployment that contains MySQL and phpMyAdmin. I created a DemonSet that has the fluentd image and collects the logs to transmit them to ...
- 1
0
votes
0
answers
134
views
Trigger OS shell script post kubernetes container boot
I am running truenas scale 23.01 with kubernetes. On the system I have a container X and a small app Y running natively that interacts with this container through its local IP and port.
Whenever ...
- 101
0
votes
0
answers
224
views
Prometheus Server Pod Suddenly Crashed (unexpected fault address 0x7f911b1795d4)
With traffic Prometheus server pod getting restarting with below error stack. This is happend when the live traffic of the system. But could not be able to reproduced with the load testing.
Grafana ...
0
votes
0
answers
1k
views
Error retrieving resource lock kube-system/kube-controller-manager: Connection Refused - Kube Controller Manager
LOGS Kube controller Manager
Fetching last 1000 lines of logs from kube-controller-manager-raspberrypi pod in kube-system namespace: ...
- 1
0
votes
0
answers
25
views
using kyverno instead of apparmor
we want to use AppArmor for pod and container security. we have Kyverno and it's possible to add some capabilities using that.
I want to know if it is possible to replace AppArmor with Kyverno for our ...
- 13
5
votes
2
answers
24k
views
failed to create fsnotify watcher: too many open files
I received this error while trying to tail the log of a Kubernetes pod.
failed to create fsnotify watcher: too many open files
- 435
0
votes
1
answer
1k
views
Kubernetes: How/where to log when Secrets are deleted?
Does kubernetes capture - in the event log or elsewhere - when Secrets are deleted? I'm not seeing this showing up in the event log:
kubectl get events --field-selector involvedObject.kind=Secret --...
- 2,755
0
votes
1
answer
50
views
Is it possible to make services running on local server reachable for public?
I'm running a local QNAP NAS server and a remote server which is hosted at a public provider (bare metal kubernetes cluster).
I would like to run some services on my nas server, which should be ...
- 135
0
votes
1
answer
4k
views
Connect to a postgres running internally within a cluster through a kubernetes pod
I've got a kubernetes pod myapp-2390458f-kfjgd I can get access to with kubectl and an instance of a PostgreSQL that can be accessed from within the kubernetes cluster by the name mypos.tgres.com, but ...
- 141
0
votes
1
answer
214
views
apache "Options Indexes" working localhost but not with public DNS name
I have a Kubernetes cluster and a very basic container. I am trying to access it through the internet and the task is very simple, I just need to list the index of the directory. Here is my basic ...
- 35
0
votes
1
answer
2k
views
Forwarding apache logs from k8s Pod to Syslog server
I am new to Kubernetes, I know there are multiple ways to log collection. but I am specifically asking about my scenario. we have a Syslog xyz.com port 8090. now we want our pods to send logs to our ...
- 35
1
vote
1
answer
3k
views
How do I enable containerd?
When I run systemctl status containerd, I get the following output:
● containerd.service - containerd container runtime
Loaded: loaded (/usr/lib/systemd/system/containerd.service; disabled; vendor ...
- 273
0
votes
1
answer
590
views
After installing k8s1.26.2 using kubeadm, all pods including etcd,kube-proxy are in the crashloopbackoff state
I am trying to install k8s1.26 on debian11, my kernel version is 5.10.0/x86_64.
Here is my kubelet logs.
Mar 09 17:51:55 devnew0 kubelet[369024]: I0309 17:51:55.933659 369024 scope.go:115] "...
- 11
0
votes
1
answer
584
views
Process memory-usage mismatch in a Kubernetes sidecar container
I have a sidecar container with the following resources:
resources:
limits:
memory: 512Mi
requests:
memory: 64Mi
However, when I run top, I see this:
envoy & pilot-agent seem to be ...
- 107
-1
votes
1
answer
350
views
For a small production environment is it better to use only masters k8s or some mini k8s solutions?
I have a scenario of a small air-gap production environment with only three Linux servers (CentOS or RHEL).
I want to deploy a small k8s cluster on them.
I have two approaches for now:
Installing a ...
0
votes
1
answer
3k
views
kube-api server high cpu
I want to know how I can check why one of my ctrl node and kubernetes consumes more cpu than the others.
I have a cluster with 3 ctrl nodes and 4 worker nodes.
I have an nginx load balancer with the ...
PeterWegner90
0
votes
0
answers
3k
views
kubernetes cert-manager https attempt propagation check failed
Im trying to set up https on a local bare metal kubernetes cluster. Im getting an
cert-manager/challenges "msg"="propagation check failed" "error"="wrong status code ...
0
votes
0
answers
1k
views
kubernetes cluster cert-manager in crashloopbackoff
I had a kubernetes cluster running on a raspberry pi that had a simple server running on it. It's a small project i'm using to learn kubernetes.
After coming back to the project i realised it wasn't ...
0
votes
0
answers
251
views
Routing packets from VPN interface to other pods change source IP
I have a pod that runs WireGuard, IPv4 forwarding is enabled in that pod, thus all packets sent from WireGuard clients are routable to the other pods.
WireGuard client -> WG-NIC inside WireGuard ...
1
vote
0
answers
354
views
How to make two squid servers share the same disk cache?
I'm trying to setup squid proxy in a kubernetes environment as a caching server with 3 replicas. I wanted to know whether all three replicas can share the same disk storage, or I'll have to assign ...
- 21
0
votes
0
answers
188
views
Can I prevent rsync from setting attributes on the topmost directory?
I'm currently building a solution to rsync Gerrit data into a Kubernetes container which has storage (a persistent volume) mounted at /var/gerrit/logs/. I am trying to use the rsync command below, but ...
- 1
2
votes
0
answers
123
views
Kong-proxy not working inside Jelastic environment
We need a bit of help trying to install Kong in Kubernetes inside Jelastic environment. Me and My colleague have a production based kubernetes cluster with the following:
Load Balancer
1 Node with ...
- 21
1
vote
0
answers
142
views
Linux Auditd monitoring of file operations in mounted folder
I have multi node kubernetes cluster and I would like to monitor file operations that are made by containers in mounted persistent volume.
I found the all PV data are located at nodes in /var/lib/...
- 11
1
vote
1
answer
1k
views
What does this logs mean? (kubelet)
Today one worker node of kubernetes cluster was in freeze at around 5:30-5:40 and I try to find out what the reason of it stucking, in order to this I look in /var/log/syslog. There are tons of log, ...
- 11
-2
votes
1
answer
6k
views
modprobe: FATAL: Module nf_conntrack_ipv4 not found in directory
TASK [kubernetes/node : Modprobe nf_conntrack_ipv4] *************************************************************************************
fatal: [node1]: FAILED! => {"changed": false, &...
- 11
0
votes
1
answer
736
views
Can each GPU be used on Kubernetes as dedicated to a specific Pod?
I have the following environment:
Pods: Pod0, Pod1 (launched as a k8s Job)
GPUs: GPU0, GPU1
GPU0 is dedicated to Pod0, and GPU1 is dedicated to Pod1.
There can be multiple Pod0s and Pod1s at the same ...
- 393
0
votes
1
answer
1k
views
kubernetes pod with a socket connection not firing 'close' event
I have a Kubernetes deployment where a pod connects to a client via TCP Socket. On connect and disconnect different events happen. In the dev environment the server can respond to connections, data, ...
0
votes
1
answer
221
views
Remove unused docker images
Recently we found out that our Kubenetes nodes are using high disk space,after checking the nodes we found that the high disk space was due to docker images.
We know that if we run docker image prune -...
1
vote
1
answer
104
views
Handle 150 req/s and 2TB of logs for 7 days of retention available by API
I would like to get advise from experienced people to build a HA infrastructure to log 2To of data in JSON format every week.
I need to have a retention time of 7 days and need to be able to requests ...
- 11
0
votes
1
answer
3k
views
Kubernetes Nodes are not reachable and cannot reach local network after installing cilium
Little bit of an Introduction, Im pretty new to kubernetes so i'm a bit rough on it. Lets me sketch my problem.
TLDR: After installing cilium on kubernetes I cannot acces from and to any other machine ...
- 21
1
vote
1
answer
2k
views
Issues starting Kube-scheduler [ Kubernetes the hard way ]
I am trying to setup kubernetes cluster the hardway by following guide from Kelsey Hightower's Kubernetes The Hard Way
After setting up the kube-scheduler, when I start the scheduler I am seeing the ...
- 113
1
vote
2
answers
782
views
What happens when there's no custom chain to jump in a table in iptables?
I'm looking into how iptables work in Kubernetes for packets from a pod to a service. For the outbound, it goes through OUTPUT chain first(nat then filter in my case). Part of the iptables-save result ...
- 103
3
votes
3
answers
45k
views
Kubernetes API server not able to register master node
I was trying to create a Kubernetes Cluster using kubeadm. I had spin up an Ubuntu 18.04 server, installed docker (made it sure that docker.service was running), installed kubeadm kubelet and kubectl.
...
- 63
0
votes
1
answer
2k
views
helm - changing all configmaps during upgrade
We faced this kind of problem. When we start upgrading via helm - all our configmaps are changed after upgrade.
The question is How to say helm DO NOT change the configmaps during upgrading release?
...
- 11
0
votes
0
answers
470
views
NFS permissions (with AKS)
I'm mounting NFS (on the Azure Virtual Machine) into k8s (AKS). My application is running with Apache (www-data user). Now for some reason I cannot eventually comprehend my application errors with ...
- 123
0
votes
1
answer
119
views
Traffic is not being spread evenly between replicas of OpenFaas functions
As per this documentation, I have configured direct_functions to false, which allows the provider to balance traffic between replicas of OpenFaas functions. But it sends the traffic to only one ...
- 113
2
votes
0
answers
334
views
Kubernetes on Flatcar Linux will not start up kube API server after a reboot of the master node
Thank you for reading and taking your time to review this problem.
I have a problem using my Kubernetes cluster.
It is running Flatcar Linux, made by Kinvolk, recently acquired by Microsoft. I have ...
- 91
0
votes
1
answer
1k
views
How do veth interfaces connect to each other on a linux box?
I have been playing with Google Kubernetes Engine cluster recently. I have a question regarding their CNI. I have read from GCP documents and other articles that there is a bridge which all veth ...
- 101
2
votes
0
answers
2k
views
Kubernetes coredns not receiving requests
I've set up a kubernetes cluster, single node, debian 11. However, my CoreDNS doesn't seem to resolve anything. I'm noticing this by portainer being unable to load resources.
http: proxy error: dial ...
0
votes
0
answers
232
views
Linux Virtual Interface “missing” pair?
The Q may be specific to AWS EKS CNI/AWS EC2/AWS VPC Networking
The Q may be specific to Docker networking
We have an AWS Elastic Kubernetes cluster running with a WorkerNode.
On this WorkerNode, we ...
- 334