Questions tagged [kubernetes]
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.
2,737
questions
0
votes
1
answer
36
views
Hashicorp Vault transit auto unseal cluster is not receiving requests from transit seal configuration in main cluster (or requests are not being sent)
I am trying to set up auto-unseal for hashicorp vault using the transit secrets engine and two HA clusters. Cluster A is responsible for unsealing cluster B. My issue is that Cluster B (the main ...
- 101
0
votes
0
answers
23
views
Setting up Prometheus on Azure Kubernetes Cluster
I am setting up Prometheus on a production aks cluster. The app deployment on this cluster is exposed using ngnix ingress behind a load balancer and a firewall device.
How do I access Prometheus ...
- 1
0
votes
1
answer
27
views
cert-manager Certificate.spec.secretTempate is not updating annotations on the output secret
I recently needed to share a tls configuration between two different namespaces, looking at the docs I saw that you can use reflector to sync secrets between namespaces. I copy/pasted the documented ...
- 101
0
votes
1
answer
47
views
kube-proxy not starting due to nf_conntrack_max
Team
Trying to install k8s but kube-proxy not starting with below error
I0603 18:53:21.135178 1 server_others.go:69] "Using iptables proxy"
I0603 18:53:21.150071 1 node.go:141] ...
- 101
0
votes
0
answers
14
views
K8 GCE deployment cluster failed to initalize after kube-up.sh
Running into a issue after running kube-up.sh script on Ubuntu 22.04. From what I can tell, after running kube-up.sh it creates my master & worker needs in Google Cloud successfully, but presents ...
0
votes
0
answers
32
views
k8s : Calico node is not coming up
I am trying to bring up k8s cluster with calico. Calico node install-cni container is not coming up
root@stage:/etc# kubectl version
Client Version: v1.28.10
Kustomize Version: v5.0.4-0.20230601165947-...
- 101
0
votes
0
answers
35
views
Is it possible to run Rancher on rke2 v1.28.10? If so, which version of nginx-ingress should be used?
I installed v1.28.10+rke2r1 and have three controlplane VMs and four worker node VMs. I wanted to see if Rancher (the web service gui) would work so I added the Rancher helm repo and ran helm install ...
- 950
0
votes
0
answers
62
views
Stop minikube on Ubuntu shutdown
I'm new to Kubernetes, I have internal instruction on how to setup the app locally using minikube. The problem is that I sometimes forget to stop the Cluster, if I do when shutdown the system it will ...
- 250
-1
votes
0
answers
16
views
Monitor the actions that extract data from AKS cluster to local machine
Is there a way to monitor the actions that extract data from AKS cluster to local machine? like for example another user A have this AKS cluster that have sensitive data and some other user B from ...
- 9
0
votes
0
answers
34
views
Issues with Aliyun Scheduler extender in AKS
I am trying to use Aliyun scheduler extender to be able to use a T4 nVidia GPU with multiple PODs, I have a managed AKS cluster with a default NodePool with standard VMs (Standard_D2_v3) and added an ...
0
votes
0
answers
57
views
bad certificate kubernetes master node
"tls: bad certificate"
""level":"warn","ts":"2024-06-02T11:14:58.713Z","caller":"embed/config_logging.go:169","msg":...
- 101
1
vote
1
answer
118
views
kubectl explain Subsequent entries cannot be automatically completed
kubectl explain Subsequent entries cannot be automatically completed.
System: Centos 7 2009
Executed commands
yum install bash-completion -y
echo "source <(kubectl completion bash)" &...
- 21
0
votes
0
answers
15
views
Cant access Auth0 from kubernetes because of egress network policy
I have an authorization microservice that authorizes users through Auth0. My service is running in kubernetes and I've tested that it works if i disable my egress network policies but it doesn't work ...
- 101
0
votes
0
answers
39
views
airflow git-sync-init not able to access secrets from SecretProviderClass
I am trying to build AKS with GitOps for FLux configuration and CSI Secrets provider for Airflow.
I am able to pass secrets from KV to AKS and to other pods, secrets are populated as AKS secrets, ...
- 1
0
votes
1
answer
50
views
Kubernetes MySQL Operator 8.4.0 not ready (stuck on start)
I have followed step by step the instructions to deploy the MySQL operator on Kubernetes. Following the instructions from the official page. Once deployed without errors, the operator is not in ready ...
- 1
0
votes
1
answer
50
views
Reducing downtime of Statefulset K8S
I am currently in the process of migrating applications from DO droplets (VPS) to Kubernetes (K8S). The old system applications are mostly stateful, so I am facing challenges in minimizing downtime.
...
- 21
0
votes
0
answers
35
views
After restoring etcd data and modifying node labels, there is a situation where pods cannot be scheduled under statefulset
My test environment is two control panel nodes(Suppose they are A and B respectively, and that at the beginning A has the pod's nodeselector tag cur=true.), and one etcd node (using binary files to ...
- 11
0
votes
0
answers
75
views
Assign static IP address (outbound traffic) for every pod in EKS cluster
I have my software running in EKS cluster, where every node can fit up to 5 pods. The software uses multiple accounts on 3rd-party service which requires IP whitelisting. I have separate manifest ...
0
votes
0
answers
69
views
Running into NodeHasDiskPressure using kubeadm with containerd (invalid capacity 0 on image filesystem)
I have a setup with the default configuration of containerd, containerd config default. I have also set SystemCgroup = true since this installation is on arch linux (and their docs mentioned this). ...
2
votes
1
answer
72
views
Deduplicating nodes listed in `kubectl top nodes`
I've set up a new kubernetes cluster using k3s. When I run kubectl top nodes there are 6 listed even though the cluster only has 4 nodes. Some of the hosts have changed hostnames since first being set ...
- 143
0
votes
1
answer
66
views
Kubernetes filebeat config map for pod events
We have a pod that restarts randomly and we can't find the reason because Kubernetes only keeps event logs only for a short time. Even if we increase it, the logs will be lost when the pod is deleted.
...
- 1
0
votes
2
answers
69
views
How to make ingress-nginx use provided certificate to user?
I am installing Home Assistant in my K3S Kubernetes cluster through Ansible and I want to use a Let's Encrypt certificate for my ingress that has been generated by Cert-Manager running on my cluster.
...
- 1,055
0
votes
0
answers
57
views
How to Generate and Revoke Kubernetes Admin Config Files in a Kubeadm Cluster?
I have a Kubernetes cluster set up using kubeadm, and currently, developers can access and deploy using the default admin config file. However, I need to generate a new admin config file and revoke ...
0
votes
0
answers
39
views
Do I need service mesh to secure my k8s cluster communication
Many articles across the internet recommend using service mesh solutions like Istio or Linkerd to secure network communication inside a Kubernetes cluster. At the same time, popular CNI plugins like ...
- 101
1
vote
0
answers
68
views
What are my groups in kubernetes (GKE) on GCP?
The answer is supposedly easy:
$ kubectl auth whoami
But it says that I belong only to system:authenticated. That's not pretty informative, and I believe I must belong to system:masters. Why? Because ...
- 2,328
1
vote
1
answer
144
views
Why the NFS CSI driver is recommended over the NFS in-tree driver?
In the official Kubernetes documentation, I read:
To configure NFS storage, you can use the in-tree driver or the NFS CSI driver for Kubernetes (recommended).
My questions are:
Why the NFS CSI ...
- 222
0
votes
0
answers
46
views
How to use bare metal Kubernetes with existing AWS Load Balancer (NLB)
I created a cluster manually with kubespray (NO cloud providers used) on AWS EC2 machines that I created myself. I have an AWS NLB that I created myself.
What is the proper way to configure Kubernetes ...
1
vote
1
answer
92
views
Merge 2 ~/.kube/config into one
Cluster information:
Kubernetes version:
Client Version: v1.30.0
Server Version: v1.28.2
Host OS: SUSE Server 15 SP4
CNI and version: calico
CRI and version: containerd://1.7.3
Description
Im trying ...
- 11
0
votes
0
answers
33
views
How to setup k8s Windows node using Calico Operator
I have now tried for a week to properly setup Windows k8s node using Calico without success. I have followed official Calico documentation docs.tigera.io. I have tried both Operator and Manual install ...
- 1
0
votes
0
answers
62
views
How to configure k3s with ingress-nginx to correctly forward user IP in X-Real-IP header?
I am trying to configure k3s with ingress-nginx on some VPS from Hetzner. I have set up a server with a public IP and others without public IPs, all connected in a private network. When I install ...
- 101
0
votes
0
answers
21
views
Telegraf cannot reach URL
I wrote a small telegraf.conf. When I put it in a docker compose it works. When I put it in my Kubernetes CLuster it does not.
The logs say: [inputs.http] Error in plugin: [url=https://dwd.api.proxy....
0
votes
0
answers
766
views
FailedScheduling too many pods. Preemption: 0/2 nodes are available: 2 No preemption victims found for incoming pod
I configured eks and when performing a deployment, the pod is always in pending state.
FailedScheduling appears. My node group is created with 2 node - T2.micro - 20gb.
Even the simplest deployment ...
0
votes
0
answers
91
views
kubelet.service: Failed at step EXEC spawning /usr/bin/kubelet: No such file or directory
I am new to Kubernetes, And I am trying to run kubelet and I am facing huge difficulties. Need your help I tried to remove Kubernetes, and reinstall completly, but kubelet doesn't run at all.
...
0
votes
1
answer
46
views
Getting permission error from Unifi Network Application when connecting to MongoDB in Kubernetes
I running K3S Kubernetes on a cluster server consisting of a mixture of Raspberry 4 and Raspberry 5 nodes.
I want to install Unifi Network Application on the cluster server and have come pretty far in ...
- 1,055
0
votes
1
answer
39
views
Will Kubernetes attempt to assign a node port that has already been manually assigned?
I have manually assigned a node port to a service like so... I'm running on Kube 1.27
spec:
type: NodePort
selector:
app: foo
ports:
- port: 1775
targetPort: 1775
nodePort: ...
- 293
0
votes
1
answer
348
views
Google Cloud Composer 2 Environment won't become healthy
I am trying to create a Google Cloud Composer 2 environment in my project, but it fails to become healthy.
I am creating it with the default settings and a service account that has the Cloud Composer ...
0
votes
0
answers
38
views
K8s and Linux Audit Logs Missing From Splunk OTEL Collected Logs
I'm migrating from the Splunk Connect for Kubernetes Helm Chart to the SignalFX Splunk Otel Collector Helm Chart. I'm having trouble translating the custom filters that we have in the SCK chart to add ...
0
votes
0
answers
36
views
Docker-in-docker/Gitlab-CI Cannot use docker command running on Kubernetes Cluster
From subject my gitlab-ci cannot use docker command. With ERROR: Cannot connect to the Docker daemon at tcp://localhost:2375. Is the docker daemon running?
This is my gitlab-ci.yml
image: docker:...
0
votes
1
answer
100
views
Networkpolicy blocks ingress traffic unexpectedly
Here is the definition of the networkpolicy:
spec:
podSelector:
matchExpressions:
- key: app.kubernetes.io/component
operator: In
values:
- "backend"
...
- 11
0
votes
0
answers
27
views
Understanding Calico CNI Behavior: Masquerading of Pod IP with tunl0 Interface IP
I have a query regarding pod-to-pod communication across nodes with different subnets in Kubernetes using Calico CNI.
In my Kubernetes cluster, I have one control plane node and two worker nodes, each ...
- 1
0
votes
0
answers
38
views
ARP resolution does not work as intended in VPC when doing L2 Announcements with CIlium CNI on a K8S Cluster spanning EC2 instances
VPC Configuration
VPC CIDR: 10.0.0.0/16
Region 1: 10.0.0.0/24 (public), 10.0.64.0/24 (private)
Region 2: 10.0.16.0/24 (public), 10.0.80.0/24 (private)
Region 3: 10.0.32.0/24 (public), 10.0.96.0/24 (...
- 131
0
votes
1
answer
61
views
Karpenter consolidation happening on non-scheduled time
Recently I have upgraded Karpenter version to v0.34.0 and along with that disruption feature comes where we can schedule the node consolidation to specific hours. I have added the disruption policy ...
0
votes
0
answers
120
views
AWS application load balancer not registering targets for Kubernetes EKS node target group
I have an EKS cluster with public/private access on a VPC with public and private subnets. I've setup my ALB in the public subnets on port 80, internet-facing and ip and installed the AWS controller ...
0
votes
1
answer
90
views
Exposing Kubernetes pods with TCP and UDP traffic
I'm writing a Kubernetes operator to deploy individual, dedicated game servers, inside the same cluster. What would be the best method for exposing these servers outside of the cluster?
Requirements
...
- 25
0
votes
1
answer
98
views
Fluent-bit bitnami helm chart - kubernetes filter does not work
I am trying to run fluent-bit using bitnami helm chart and I want to use kubernetes filter. It does collect the logs but the kubernetes filter does not add any information(pod id, pod name etc). When ...
- 1
1
vote
1
answer
96
views
Discrepancy between kubernetes node memory stats and system memory usage
Kubernetes spits memory limit warnings at me, even though the memory of the node is not exhausted in any measure - neither by kubernetes stastics and even less by system statistics:
root@ftt:local-...
- 115
0
votes
0
answers
94
views
While creating the MySQL Operator for Kubernetes I faced CrashLoopBackOff on pods
I am trying to create a MySQL Operator for Kubernetes, using the guide of MySQL official documentation(https://dev.mysql.com/doc/mysql-operator/en/).
While doing the steps mentioned in the Document, ...
0
votes
1
answer
31
views
KUBEFLOW notebook - add custom configuration field
When creating a new notebook I added under Configurations options for nvidia runtime and access to Kubeflow pipelines. Those are both added with a checkbox to toggle on or off which all map to ...
- 154
0
votes
0
answers
32
views
Kubernetes is no accepting traffic from my Load Balancer when I deploy it in Terraform in DigitalOcean
When I deploy my ingress controller I get an error from digital ocean dashboard
0/1
Kubernetes nodes accepting traffic
--
First I create my kubernetes cluster named avatares_cluster
# main.tf
...
1
vote
0
answers
107
views
Issue between Fleet-managed Elastic agent on external server and Fleet in k8s
My fleet-managed agent can't send logs (they are always dropped) to ES, but does send the metrics. The error message seen in the agent's status is a 504 Gateway Time-out.
Additionally, we see this ...
- 11
Related Tags
google-kubernetes-engine × 320
docker × 282
google-cloud-platform × 202
amazon-web-services × 147
kubeadm × 138
networking × 136
nginx × 119
azure × 97
nginx-ingress × 94
amazon-eks × 90
helm × 87
ingress × 81
calico × 80
kubectl × 77
linux × 72
aks × 65
load-balancing × 63
ubuntu × 62
prometheus × 60
k3s × 56
containers × 55
domain-name-system × 50
etcd × 48
cluster × 42
more related tags
Hot Network Questions
- In By His Bootstraps (Heinlein) why is Hitler's name Schickelgruber?
- Should I accept an offer of being a teacher assistant without pay?
- Integration of the product of two exponential functions
- adding *any* directive above Include negates HostName inside that included file
- Which numbers are sums of finite numbers of reciprocal squares?
- Would a spaceport on Ceres make sense?
- Why can Ethernet NICs bridge to VirtualBox and most Wi-Fi NICs don't?
- Why is completeness (as in Gödel completeness theorem) a desirable feature?
- What does ‘a grade-hog’ mean?
- What actual purpose do accent characters in ISO-8859-1 and Windows 1252 serve?
- Do IDE data lines need pull-up resistors?
- Is there a way to non-destructively test whether an Ethernet cable is pure copper or copper-clad aluminum (CCA)?
- What is the best catalog of black hole candidates?
- How can I take apart a bookshelf?
- Issue with rendering Lightning progress indicator
- Why was the animal "Wolf" used in the title "The Wolf of Wall Street (2013)"?
- How are "pursed" and "rounded" synonymous?
- Can I tell a MILP solver to prefer solutions with fewer fractions?
- What is the original source of this Sigurimi logo?
- Could a transparent frequency-altering material be possible?
- How do I get my D&D group to engage to a minimum
- A chess engine in Java: generating white pawn moves
- How to achieve punya in our lives and get human birth in next life?
- Can a directed set be empty?