graph view:
InfraNodus
×  ⁝⁝ 
Graph Language Processing Settings:

 
Specify the settings for your text-to-network conversion algorithm for this graph.
Lemmatizer: ?
Every word will be converted to its lemma (e.g. bricks > brick, taken > take) and will be shown on the graph as a node. Set to your language for more precise results. Switch off to turn off lemmatization and add your custom stop words list below.
 
Show on Graph:   Double Brackets [[]]:  Categories and Tags:   
Stop Words: ?
List the words, comma-separated (no spaces), that should not appear in the graph, in addition to your default global stopwords list.
Example: is,the,as,to,in

 
Synonym Nodes: ? unmerge all
If you'd like some words to appear as one node on the graph, in addition to your default global synonyms list, list the synonyms, one per line.
Example:
machine:machine learning
learning:machine learning

 

×  ⁝⁝ 
Dynamic Graph Settings


See the dynamic evolution of this graph: scroll or "play" the text entries to see how the text propagated through the network graph over time.

the final graph

highlight propagation edge
show visible statements only



 
Play the Graph


current speed of the player:
0 2000

one statement at a time


×  ⁝⁝ 
Export the Data


Network Graph Images:

The graph images for publishing on the web or in a journal. For embeds and URLs use the share menu.
PNG (Image)  SVG (Hi-Res)

Visible Statements (Tagged):

Export the currently filtered (visible) statements with all the meta-data tags (topics, sentiment).
CSV (Spreadsheet)   MD (e.g.Obsidian)  

Text Mining Analytics:

Summary of insights from the analytics panel. For specific in-depth exports, see the download button in the Analytics panel.
TXT Analytics Report  CSV Report  N-Grams CSV

Network Graph Data:

The raw data with all the statistics for further analysis in another software.
JSON  CSV  Gexf (Gephi)

All the Text (for backup and duplicating):

Plain text used to create this graph without any meta-data
Download Plain Text (All Statements)
× ⁝⁝ 
Share Graph Image

 
Share a non-interactive image of the graph only, no text:
Download Image Tweet
 
Share Interactive Text Graph

 

 
×  ⁝⁝ 
Save This Graph View:

 

×  ⁝⁝ 
Delete This Graph:

 

×  ⁝⁝ 
Your Project Notes
Interpret graph data, save ideas, AI content, and analytics reports. Add Analytics
Top keywords (global influence):
Top topics (local contexts):
Explore the main topics and terms outlined above or see them in the excerpts from this text below.
See the relevant data in context: click here to show the excerpts from this text that contain these topics below.
Tip: use the form below to save the most relevant keywords for this search query. Or start writing your content and see how it relates to the existing search queries and results.
Tip: here are the keyword queries that people search for but don't actually find in the search results.

Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0.

   edit   deselect   + to AI

 

CVE-2018-5543 The F5 BIG-IP Controller for Kubernetes 1.0.0-1.5.0 (k8s-bigip-crtl) passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container.

   edit   deselect   + to AI

 

CVE-2018-18264 Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

   edit   deselect   + to AI

 

CVE-2018-1000400 Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via container execution. This vulnerability appears to have been fixed in 1.9.

   edit   deselect   + to AI

 

CVE-2017-1002100 Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal.

   edit   deselect   + to AI

 

CVE-2016-1905 The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.

   edit   deselect   + to AI

 

@domhalps @SBUCloud: With Ka Wai Leung get a preview of #HPE participation at #RHSummit Boston MA ! Engage the #HPERedHat team on booth #637 #So…

   edit   deselect   + to AI

 

@SBUCloud Pierre Vacherand #CTO @Apalia Switzerland talks about the customer's benefits from a full stack #Automation for… https://t.co/RlDUZHsry0

   edit   deselect   + to AI

 

@SBUCloud @Social_4U: Would you like to take advantage of policy-based provisioning for persistent volume in ? Join @datamattsson at #…

   edit   deselect   + to AI

 

@mulenga29 @lightbend: BIG RELEASE! 🙌 Lightbend Pipelines 1.0.0 now out - build and deploy streaming pipelines with #AkkaStreams, #SparkStreaming,…

   edit   deselect   + to AI

 

@Crypto__graph @rhdevelopers: Whether you're still learning or an experienced or #Kubernetes application #developer, add this #YAML extensio…

   edit   deselect   + to AI

 

@serenamarie125 @KialiProject: Stop scrolling. Don't miss this. Kiali Operator is now available. Sta using it to install Kiali. See how easy it is:…

   edit   deselect   + to AI

 

@EdgeIotAi @NadhanEG: #RHSummit Track Guide for Emerging Technology :: #CTO Chris Wright :: #AI #ML on :: #Edge -- where #5G meets #IoT…

   edit   deselect   + to AI

 

@SlawomirKumka #Kubernetes & #Microservices enabling the Cloud's "Next Frontier" #IBMCloudPrivate https://t.co/bIrSu0pDd7

   edit   deselect   + to AI

 

@nicholas_redhat openshift: #SavetheDate: Commons Gathering co-located with KubeCon in Barcelona, Spain, May 20, 2019.… https://t.co/B0D4yPWdSu

   edit   deselect   + to AI

 

@jamieeduncan @openshift: Planning your Red Hat Summit experience around ? We’ve made it simple for you to find all the best sessions & acti…

   edit   deselect   + to AI

 

@spbreed Deploying Applications to Multiple #Datacenters https://t.co/wkRIUclo0r via @openshift

   edit   deselect   + to AI

 

@kamesh_sampath @couchbase: Virtual event: Join @RedHat this Friday for a @Couchbase on Openshift demo; learn how to run Couchbase deployments natively…

   edit   deselect   + to AI

 

@stefanvoirschot @openshift: Planning your Red Hat Summit experience around ? We’ve made it simple for you to find all the best sessions & acti…

   edit   deselect   + to AI

 

@Social_4U @SBUCloud: Learn how to build an end-to-end #DataAnalytics pipeline to get value from Your #Data with at #RHSummit May 7-9 Bo…

   edit   deselect   + to AI

 

@bentonam @couchbase: Virtual event: Join @RedHat this Friday for a @Couchbase on Openshift demo; learn how to run Couchbase deployments natively…

   edit   deselect   + to AI

 

@JimmyLarroche65 @couchbase: Virtual event: Join @RedHat this Friday for a @Couchbase on Openshift demo; learn how to run Couchbase deployments natively…

   edit   deselect   + to AI

 

@FujioTurner @couchbase: Virtual event: Join @RedHat this Friday for a @Couchbase on Openshift demo; learn how to run Couchbase deployments natively…

   edit   deselect   + to AI

 

@wyly_ellen @1Vizuri: Just one week until our April 25 workshop in Columbia, MD with @RedHatPartners and @sysdig. Learn about transforming applicati…

   edit   deselect   + to AI

 

@gummybaren @couchbase: Virtual event: Join @RedHat this Friday for a @Couchbase on Openshift demo; learn how to run Couchbase deployments natively…

   edit   deselect   + to AI

 

1. The test service 'A' which receives HTTP requests at port 80 has five pods deployed on three nodes.<br>

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

nginx.ingress.kubernetes.io/proxy-next-upstream-tries: "2"

   edit   deselect   + to AI

 

paths:

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<strong>In the next 3 minutes, about 20% requests were timeout, which is unacceptable in product environment.</strong> </p>

   edit   deselect   + to AI

 

neo4j-core-2 1/1 Running 0 20h

   edit   deselect   + to AI

 

neo4j ClusterIP None &lt;none&gt; 7474/TCP,6362/TCP 20h

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p><strong>Whitelabel Error Page

   edit   deselect   + to AI

 

<p>Here is my generate nginx.conf entry for my server</p>

   edit   deselect   + to AI

 

set $proxy_upstream_name "-";

   edit   deselect   + to AI

 

ssl_certificate_key /ingress-controller/ssl/default-payday.pem;

   edit   deselect   + to AI

 

if ($scheme = https) {

   edit   deselect   + to AI

 

set $ingress_name "frontend-routing";

   edit   deselect   + to AI

 

client_max_body_size "1m";

   edit   deselect   + to AI

 

proxy_set_header ssl-client-dn "";

   edit   deselect   + to AI

 

proxy_set_header X-Forwarded-For $the_real_ip;

   edit   deselect   + to AI

 

proxy_set_header X-Scheme $pass_access_scheme;

   edit   deselect   + to AI

 

proxy_set_header Proxy "";

   edit   deselect   + to AI

 

proxy_buffering "off";

   edit   deselect   + to AI

 

proxy_cookie_domain off;

   edit   deselect   + to AI

 

proxy_redirect off;

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

rules:

   edit   deselect   + to AI

 

backend:

   edit   deselect   + to AI

 

<pre><code>kind: ConfigMap

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

use-proxy-protocol: "true"

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

annotations:

   edit   deselect   + to AI

 

selector:

   edit   deselect   + to AI

 

protocol: TCP

   edit   deselect   + to AI

 

<p>org.springframework.security.oauth2.common.exceptions. InvalidRequestException: Possible CSRF detected - state parameter was required but no state could be found</p>

   edit   deselect   + to AI

 

<p>The tutorial does the healthz check by having an nginx instance fronting the API server, which connects to the API server using TLS. The only reason to do this is because the GCP load balancer needs a non-TLS endpoint for the health check. I don't see why using curl directly with TLS shouldn't work. Has something changed in terms of default permissions between the v1.12.0 and v1.13.2 releases?</p>

   edit   deselect   + to AI

 

I installed the necessary namespace for the basic nginx-ingress-controller, I'm running on docker-for-mac.</p>

   edit   deselect   + to AI

 

name: ingress-nginx

   edit   deselect   + to AI

 

targetPort: 80

   edit   deselect   + to AI

 

<p><code>kubectl describe ingress</code> returns:</p>

   edit   deselect   + to AI

 

Rules:

   edit   deselect   + to AI

 

/v23 nginx23:80 (10.1.0.124:80,10.1.0.128:80)

   edit   deselect   + to AI

 

<p>Can you tell what's wrong with this config?</p><p>We have an app that we are trying to move into Istio mesh. One of the services makes requests to <code>metadata.google.internal</code> in order to finish configuring the environment.</p>

   edit   deselect   + to AI

 

name: google-metadata-server

   edit   deselect   + to AI

 

ports:

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

[2019-02-07T15:29:22.886Z] "GET /HTTP/1.1" 404 NR 0 0 0 - "-" "Google-HTTP-Java-Client/1.27.0 (gzip)" "3411a0be-6d29-42f3-b01a-567edf2cc3e2" "169.254.169.254" "-" - - 169.254.169.254:80 10.16.0.29:58794

   edit   deselect   + to AI

 

<p>What I did is to create a simple deployment with Istio, in the same cluster, same namespace, and telnet the metadata server manually:</p>

   edit   deselect   + to AI

 

GET / HTTP/1.1

   edit   deselect   + to AI

 

date: Thu, 07 Feb 2019 16:35:52 GMT

   edit   deselect   + to AI

 

x-envoy-upstream-service-time: 1

   edit   deselect   + to AI

 

<p>I've been experimenting and building my deployment using minikube and I have created a yaml file that will successfully deploy everything locally on minikube without error. You can see the full deployment yaml file here: <a href="https://github.com/mwinteringham/restful-booker-platform/blob/kubes/kubes/deploy.yml" rel="nofollow noreferrer">https://github.com/mwinteringham/restful-booker-platform/blob/kubes/kubes/deploy.yml&lt;/a&gt;&lt;/p&gt;

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

rules:

   edit   deselect   + to AI

 

backend:

   edit   deselect   + to AI

 

serviceName: rbp-room

   edit   deselect   + to AI

 

servicePort: 3002

   edit   deselect   + to AI

 

- path: /auth

   edit   deselect   + to AI

 

backend:

   edit   deselect   + to AI

 

serviceName: rbp-ui

   edit   deselect   + to AI

 

<li>I have left the deployment run for approx. 10 minutes to make sure the initial startup 404s are done</li>

   edit   deselect   + to AI

 

<p><a href="https://github.com/innostarterkit/language" rel="nofollow noreferrer">https://github.com/innostarterkit/language&lt;/a&gt;&lt;/p&gt;

   edit   deselect   + to AI

 

[==================================================>] 61.12MB/61.12MB

   edit   deselect   + to AI

 

9dfa40a0da3b: Layer already exists error parsing HTTP 408 response

   edit   deselect   + to AI

 

body{background:url(//www.google.com/images/errors/robot.png) 100% 5px

   edit   deselect   + to AI

 

no-repeat;margin-left:-5px}@media only screen and

   edit   deselect   + to AI

 

(-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png)

   edit   deselect   + to AI

 

request. That’s all we know.\n"</p>

   edit   deselect   + to AI

 

<p>Daniel</p><p>I'm trying to change the <code>client_max_body_size</code> value, so my nginx ingress will not return 413 error. </p>

   edit   deselect   + to AI

 

data:

   edit   deselect   + to AI

 

hsts-include-subdomains: "false"

   edit   deselect   + to AI

 

name: nginx-configuration

   edit   deselect   + to AI

 

<p>These changes has no effect at all, after loading it, in the nginx controller log I can see the information about reloading config map, but the values in nginx.conf are the same: </p>

   edit   deselect   + to AI

 

client_max_body_size "1m";

   edit   deselect   + to AI

 

client_max_body_size "1m";

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

name = "******"

   edit   deselect   + to AI

 

password = "******"

   edit   deselect   + to AI

 

token = "t0k3n"

   edit   deselect   + to AI

 

region = "us-east1"

   edit   deselect   + to AI

 

<pre><code>2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: 2019/01/09 14:35:07 [DEBUG] Google API Request Details:

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: Content-Length: 584

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "cluster": {

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "legacyAbac": {

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "username": "****"

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "oauthScopes": [

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "https://www.googleapis.com/auth/servicecontrol",

   edit   deselect   + to AI

 

2019-01-09T14:35:07.384-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: }

   edit   deselect   + to AI

 

2019-01-09T14:35:07.521-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: HTTP/2.0 500 Internal Server Error

   edit   deselect   + to AI

 

2019-01-09T14:35:07.521-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: Server: ESF

   edit   deselect   + to AI

 

2019-01-09T14:35:07.522-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: X-Frame-Options: SAMEORIGIN

   edit   deselect   + to AI

 

2019-01-09T14:35:07.522-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "code": 500,

   edit   deselect   + to AI

 

2019-01-09T14:35:07.522-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: "domain": "global",

   edit   deselect   + to AI

 

2019-01-09T14:35:07.522-0500 [DEBUG] plugin.terraform-provider-google_v1.20.0_x4.exe: }

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

HTTP/2.0 500 Internal Server Error

   edit   deselect   + to AI

 

Server: ESF

   edit   deselect   + to AI

 

X-Frame-Options: SAMEORIGIN

   edit   deselect   + to AI

 

"errors": [

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

kind: Service

   edit   deselect   + to AI

 

selector:

   edit   deselect   + to AI

 

port: 8080

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

- name: my-service

   edit   deselect   + to AI

 

imagePullSecrets:

   edit   deselect   + to AI

 

kind: Ingress

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

backend:

   edit   deselect   + to AI

 

<p>My minikube is running under ip 192.168.99.100 and when I tried to access my application with address: curl 192.168.99.100:80/myservice, I got 502 Bad Gateway.</p>

   edit   deselect   + to AI

 

<p>No updates/changes has been made to cluster or pods. All pods are green and working and all hosts are healty. Everything has been working for more then 2 weeks until this morning.</p>

   edit   deselect   + to AI

 

<blockquote>

   edit   deselect   + to AI

 

sudo apt-get install curl

   edit   deselect   + to AI

 

export LANG=en_US.UTF-8

   edit   deselect   + to AI

 

export AWS_S3_BUCKET=my.s3.bucket.kube

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Resolving storage.googleapis.com (storage.googleapis.com)... 74.125.29.128, 2607:f8b0:400d:c03::80

   edit   deselect   + to AI

 

100%[======================================&gt;] 496,696,744 57.4MB/s in 8.2s

   edit   deselect   + to AI

 

... calling verify-prereqs

   edit   deselect   + to AI

 

usage: aws [options] &lt;command&gt; &lt;subcommand&gt; [parameters]

   edit   deselect   + to AI

 

<p>The s3 bucket does get created.</p>

   edit   deselect   + to AI

 

<li>notebook server running on 192.168.0.0/24&lt;/li&gt;

   edit   deselect   + to AI

 

<p>The workers are able to connect to the scheduler, but in the scheduler I get a errors of the form </p>

   edit   deselect   + to AI

 

<p>I set up the <code>kube</code> cluster using <code>kops</code>.</p>

   edit   deselect   + to AI

 

<p>However, the combination of Kubernetes pod networking, and Docker-in-Docker results in the following when trying to push to gcr:</p>

   edit   deselect   + to AI

 

time="2018-03-19T03:31:17.410403394Z" level=error msg="Upload failed, retrying: net/http: HTTP/1.x transport connection broken: write tcp w.x.y.z:39662-&gt;z.y.x.w:443: write: broken pipe"

   edit   deselect   + to AI

 

<p>Here are the docker commands being ran. Obviously the sensitive data has been omitted.</p>

   edit   deselect   + to AI

 

<p>The <code>jules -stage deploy_docker</code> command runs a <code>go build</code>, <code>docker build</code>, and then <code>gcloud docker -- push...</code> on 8 different directories simultaneously.</p>

   edit   deselect   + to AI

 

<hr>

   edit   deselect   + to AI

 

<p>I get <code>Error: unknown flag: --name</code>.</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

kube-apiserver-master 1/1 Running 0 2m

   edit   deselect   + to AI

 

kube-scheduler-master 1/1 Running 0 2m

   edit   deselect   + to AI

 

kube-dns 172.17.0.2:53,172.17.0.2:53 3m

   edit   deselect   + to AI

 

kubernetes.io/cluster-service=true

   edit   deselect   + to AI

 

IP: 10.96.0.10

   edit   deselect   + to AI

 

TargetPort: 53/TCP

   edit   deselect   + to AI

 

<p>The <code>172.17.0.2</code> is the IP address assigned by docker bridge (<code>docker0</code>) for <code>kube-dns</code> container. On working k8s network setup, the <code>kube-dns</code> should have endpoints with address from <code>podSubnet</code> (<code>10.244.0.0/16&lt;/code&gt;). </p>

   edit   deselect   + to AI

 

producer Deployment/producer &lt;unknown&gt;/1% 1 3 1 42m

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

strategy: {}

   edit   deselect   + to AI

 

io.kompose.service: producer

   edit   deselect   + to AI

 

ports:

   edit   deselect   + to AI

 

- name: mongoHost

   edit   deselect   + to AI

 

requests:

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p>I have tried setting the <code>horizontal-pod-autoscaler-use-rest-clients=false</code> for <code>kube-controller-manager</code>, still facing the same issue. </p>`kubectl get hpa` showing targets as unknown and not autoscaling the pod when the load is increased?<p>I am not able to see any log output when deploying a very simple Pod:</p>

   edit   deselect   + to AI

 

name: counter

   edit   deselect   + to AI

 

args: [/bin/sh, -c,

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Namespace: default

   edit   deselect   + to AI

 

Status: Running

   edit   deselect   + to AI

 

Image: busybox

   edit   deselect   + to AI

 

/bin/sh

   edit   deselect   + to AI

 

Ready: True

   edit   deselect   + to AI

 

Conditions:

   edit   deselect   + to AI

 

Volumes:

   edit   deselect   + to AI

 

QoS Class: BestEffort

   edit   deselect   + to AI

 

Type Reason Age From Message

   edit   deselect   + to AI

 

Normal Created 16m kubelet, ip-10-0-0-43.ec2.internal Created container

   edit   deselect   + to AI

 

</code></pre>`kubectl logs counter` not showing any output following official Kubernetes example<p>I try to run on any Kube slave node:</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

ip-10-43-0-11 656m 32% 1736Mi 47%

   edit   deselect   + to AI

 

<p>Ok, what I should do? give permissions to the <code>system:node</code> group I suppose</p>

   edit   deselect   + to AI

 

<pre><code>$ kubectl describe clusterrole system:node

   edit   deselect   + to AI

 

Resources Non-Resource URLs Resource Names Verbs

   edit   deselect   + to AI

 

nodes [] [] [create get list watch delete patch update]

   edit   deselect   + to AI

 

pods/eviction [] [] [create]

   edit   deselect   + to AI

 

tokenreviews.authentication.k8s.io [] [] [create]

   edit   deselect   + to AI

 

<p>Now:</p>

   edit   deselect   + to AI

 

PolicyRule:

   edit   deselect   + to AI

 

<p>Only way that it works is:</p>

   edit   deselect   + to AI

 

apiVersion: rbac.authorization.k8s.io/v1beta1

   edit   deselect   + to AI

 

- apiGroups: [""]

   edit   deselect   + to AI

 

apiVersion: rbac.authorization.k8s.io/v1beta1

   edit   deselect   + to AI

 

name: system:node:ip-10-43-0-13

   edit   deselect   + to AI

 

apiGroup: rbac.authorization.k8s.io

   edit   deselect   + to AI

 

Client Version: version.Info{Major:"1", Minor:"7", GitVersion:"v1.7.4", GitCommit:"793658f2d7ca7f064d2bdf606519f9fe1229c381", GitTreeState:"clean", BuildDate:"2017-08-17T08:48:23Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"linux/amd64"}

   edit   deselect   + to AI

 

<p>During some of these relatively large builds, I am intermittently (~every other build) seeing a build pod become evicted, using <code>kubectl describe pod &lt;podname&gt;</code> I can investigate and I've noticed that the pod is evicted due to the following: </p>

   edit   deselect   + to AI

 

Node: ip-192-168-66-176.eu-west-1.compute.internal/

   edit   deselect   + to AI

 

Status: Failed

   edit   deselect   + to AI

 

maven:

   edit   deselect   + to AI

 

/bin/sh

   edit   deselect   + to AI

 

cpu: 1

   edit   deselect   + to AI

 

Environment:

   edit   deselect   + to AI

 

GIT_COMMITTER_EMAIL: jenkins-x@googlegroups.com

   edit   deselect   + to AI

 

XDG_CONFIG_HOME: /home/jenkins

   edit   deselect   + to AI

 

/home/jenkins/.docker from volume-2 (rw)

   edit   deselect   + to AI

 

jnlp:

   edit   deselect   + to AI

 

131c407141521c0842f62a69004df926be6cb531f9318edf0885aeb96b0662b4

   edit   deselect   + to AI

 

Environment:

   edit   deselect   + to AI

 

GIT_COMMITTER_EMAIL: jenkins-x@googlegroups.com

   edit   deselect   + to AI

 

XDG_CONFIG_HOME: /home/jenkins

   edit   deselect   + to AI

 

/home/jenkins/.docker from volume-2 (rw)

   edit   deselect   + to AI

 

Volumes:

   edit   deselect   + to AI

 

volume-2:

   edit   deselect   + to AI

 

Type: Secret (a volume populated by a Secret)

   edit   deselect   + to AI

 

Medium:

   edit   deselect   + to AI

 

jenkins-token-smvvp:

   edit   deselect   + to AI

 

Node-Selectors: &lt;none&gt;

   edit   deselect   + to AI

 

Normal Created 7m kubelet, ip-192-168-66-176.eu-west-1.compute.internal Created container

   edit   deselect   + to AI

 

Normal SuccessfulMountVolume 7m kubelet, ip-192-168-66-176.eu-west-1.compute.internal MountVolume.SetUp succeeded for volume "volume-3"

   edit   deselect   + to AI

 

Normal Pulled 7m kubelet, ip-192-168-66-176.eu-west-1.compute.internal Container image "jenkinsci/jnlp-slave:3.14-1" already present on machine

   edit   deselect   + to AI

 

Normal Killing 5m kubelet, ip-192-168-66-176.eu-west-1.compute.internal Killing container with id docker://maven:Need to kill Pod

   edit   deselect   + to AI

 

kubectl delete gateway istio-system-gateway -n istio-system

   edit   deselect   + to AI

 

<p>I have tried to reinstall istio following this <a href="https://cloud.google.com/kubernetes-engine/docs/tutorials/installing-istio" rel="nofollow noreferrer">https://cloud.google.com/kubernetes-engine/docs/tutorials/installing-istio&lt;/a&gt;.

   edit   deselect   + to AI

 

- cluster:

   edit   deselect   + to AI

 

certificate-authority-data: REDACTED

   edit   deselect   + to AI

 

server: https://139.54.130.49:32046

   edit   deselect   + to AI

 

namespace: default

   edit   deselect   + to AI

 

user: federation

   edit   deselect   + to AI

 

user: kubectl

   edit   deselect   + to AI

 

user: kubernetes-admins1

   edit   deselect   + to AI

 

users:

   edit   deselect   + to AI

 

token: e7506989-42eb-11e8-bf70-fa163eb593a3

   edit   deselect   + to AI

 

- name: kubectl

   edit   deselect   + to AI

 

user:

   edit   deselect   + to AI

 

where am I going wrong ? </p>

   edit   deselect   + to AI

 

Annotations: federation.kubernetes.io/cluster-role-name=federation-controller-manager:federation-site-1-default-context

   edit   deselect   + to AI

 

Creation Timestamp: 2018-04-22T17:37:40Z

   edit   deselect   + to AI

 

Secret Ref:

   edit   deselect   + to AI

 

Status:

   edit   deselect   + to AI

 

Reason: ClusterNotReachable

   edit   deselect   + to AI

 

<code>$ which ssh-agent || ( apt-get update -y &amp;&amp; apt-get install openssh-client -y )

   edit   deselect   + to AI

 

Enter passphrase for /dev/fd/63: ERROR: Job failed: exit code 1</code>

   edit   deselect   + to AI

 

<p>This works fine on a larger level, but I lose the ability to use role and claims based authorization since I do not have the authentication set up in my app specifically.</p>

   edit   deselect   + to AI

 

"IncludeScopes": true,

   edit   deselect   + to AI

 

"Console": {

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

.ConfigureAppConfiguration((hostingContext, config) =&gt;

   edit   deselect   + to AI

 

var appAssembly = Assembly.Load(new AssemblyName(env.ApplicationName));

   edit   deselect   + to AI

 

config.AddCommandLine(args);

   edit   deselect   + to AI

 

.UseDefaultServiceProvider((context, options) =&gt;

   edit   deselect   + to AI

 

<p>Example of logging in other classes:</p>

   edit   deselect   + to AI

 

(message, certificate, chain, errors) =&gt; true;

   edit   deselect   + to AI

 

- cluster:

   edit   deselect   + to AI

 

<p>I have a very simple EventHubClient app. It will just listen to an EventHub messages.</p>

   edit   deselect   + to AI

 

// Init Mapper

   edit   deselect   + to AI

 

EventHubPath,

   edit   deselect   + to AI

 

// Registers the Event Processor Host and starts receiving messages

   edit   deselect   + to AI

 

<p><strong>Kubernetes Manifest file (.yaml):</strong></p>

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

template:

   edit   deselect   + to AI

 

containers:

   edit   deselect   + to AI

 

imagePullSecrets:

   edit   deselect   + to AI

 

historysvc-deployment-558fc5649f-bln8f 0/1 CrashLoopBackOff 17 1h

   edit   deselect   + to AI

 

Namespace: default

   edit   deselect   + to AI

 

Annotations: &lt;none&gt;

   edit   deselect   + to AI

 

historysvc:

   edit   deselect   + to AI

 

State: Terminated

   edit   deselect   + to AI

 

Last State: Terminated

   edit   deselect   + to AI

 

Ready: False

   edit   deselect   + to AI

 

Conditions:

   edit   deselect   + to AI

 

Volumes:

   edit   deselect   + to AI

 

QoS Class: BestEffort

   edit   deselect   + to AI

 

Type Reason Age From Message

   edit   deselect   + to AI

 

Normal Started 6s (x5 over 1m) kubelet, aks-nodepool1-81522366-0 Started container

   edit   deselect   + to AI

 

<p><strong>UPDATE 1</strong></p>

   edit   deselect   + to AI

 

Start Time: Tue, 24 Jul 2018 10:15:37 +0200

   edit   deselect   + to AI

 

IP: 10.244.0.12

   edit   deselect   + to AI

 

Image: vncont.azurecr.io/historysvc:v1

   edit   deselect   + to AI

 

Last State: Terminated

   edit   deselect   + to AI

 

Ready: False

   edit   deselect   + to AI

 

Conditions:

   edit   deselect   + to AI

 

Volumes:

   edit   deselect   + to AI

 

QoS Class: BestEffort

   edit   deselect   + to AI

 

Type Reason Age From Message

   edit   deselect   + to AI

 

<pre><code>docker run &lt;image&gt;

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<pre><code>NAME REFERENCE TARGETS MINPODS MAXPODS REPLICAS AGE

   edit   deselect   + to AI

 

Client Version: version.Info{Major:"1", Minor:"8", GitVersion:"v1.8.6", GitCommit:"6260bb08c46c31eea6cb538b34a9ceb3e406689c", GitTreeState:"clean", BuildDate:"2017-12-21T06:34:11Z", GoVersion:"go1.8.3", Compiler:"gc", Platform:"darwin/amd64"}

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<li><a href="https://stackoverflow.com/questions/50437947/azure-microsoft-compute-resource-provider-stuck-registering-for-about-a-day">Azure: Microsoft.Compute resource provider stuck &#39;Registering&#39; for about a day</a></li>

   edit   deselect   + to AI

 

from within Azure), the provider takes an exorbitantly long time to

   edit   deselect   + to AI

 

<p>The following command should register Microsoft.Compute in a timely manner:</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p>Other Providers that Registered Successfully:</p>

   edit   deselect   + to AI

 

</ul>

   edit   deselect   + to AI

 

<h2>Other Background:</h2>

   edit   deselect   + to AI

 

This is where my situation diverges from the above question. When unregistering the component with:

   edit   deselect   + to AI

 

<p>This is different from the user over here who then gets Stuck / Hangs at Un-Registering, as opposed to failing with the above message when attempting to unregister (<a href="https://stackoverflow.com/questions/50437947/azure-microsoft-compute-resource-provider-stuck-registering-for-about-a-day">Azure: Microsoft.Compute resource provider stuck &#39;Registering&#39; for about a day</a>)</p>

   edit   deselect   + to AI

 

<p><code>gcloud auth activate-service-account --key-file=key-file.json</code></p>

   edit   deselect   + to AI

 

<p>My question (to MS and anyone else) is: Why is this issue occurring and what work around can be implemented by the users / customers themselves as opposed to by Microsoft Support?</p>

   edit   deselect   + to AI

 

<li><a href="https://stackoverflow.com/questions/48761952/cant-contact-our-azure-aks-kube-tls-handshake-timeout">Can&#39;t contact our Azure-AKS kube - TLS handshake timeout</a></li>

   edit   deselect   + to AI

 

<li><a href="https://github.com/Azure/AKS/issues/112" rel="noreferrer">https://github.com/Azure/AKS/issues/112&lt;/a&gt;&lt;/li&gt;

   edit   deselect   + to AI

 

</ol>

   edit   deselect   + to AI

 

<h2>TL;DR</h2>

   edit   deselect   + to AI

 

<p>You can also try scaling your Cluster (assuming that doesn't break your app).</p>

   edit   deselect   + to AI

 

</ol>

   edit   deselect   + to AI

 

<p>The node(s) on my impacted cluster look like this:</p>

   edit   deselect   + to AI

 

<p>To the above point, here are the metrics the same Node after Scaling up and then back down (which happened to alleviate our issue, but does not always work — see answers at bottom):</p>

   edit   deselect   + to AI

 

<p>Zimmergren over on GitHub indicates that he has less issues with larger instances than he did running bare bones smaller nodes. This makes sense to me and could indicate that the way the AKS servers divy up the workload (see next section) could be based on the size of the instances.</p>

   edit   deselect   + to AI

 

<li>giorgited (<a href="https://github.com/Azure/AKS/issues/268#issuecomment-376390692" rel="noreferrer">https://github.com/Azure/AKS/issues/268#issuecomment-376390692&lt;/a&gt;)</li>

   edit   deselect   + to AI

 

<h2>Existence of Multiple AKS Management 'Servers' in one Az Region</h2>

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

<p>Both of our Clusters are running identical ingresses, services, pods, containers so it is also unlikely that anything a user is doing causes this problem to crop up.</p>

   edit   deselect   + to AI

 

<p>That said...</p>

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

</ol>

   edit   deselect   + to AI

 

<li><a href="https://stackoverflow.com/questions/47481022/tls-handshake-timeout-with-kubernetes-in-gke?rq=1">TLS handshake timeout with kubernetes in GKE</a></li>

   edit   deselect   + to AI

 

var reflectorDisambiguator = int64(time.Now().UnixNano() % 12345)

   edit   deselect   + to AI

 

<li><p>There is a svc running in k8s cluster which use nodeport 30003</p></li>

   edit   deselect   + to AI

 

</ol>

   edit   deselect   + to AI

 

<p>Please see error below from the console:</p>

   edit   deselect   + to AI

 

<p>How can I solve this error?</p><p>so I've deployed a GRPC service to GKE and <strong>confirmed it works by connecting and making calls in python</strong>... but my goal is to create a front end web app rather than just use python.</p>

   edit   deselect   + to AI

 

<p>Using <em>ingress-nginx 0.20.0</em> which is built on top of <em>NGINX 1.15.5</em> I have the following ingress object.</p>

   edit   deselect   + to AI

 

annotations:

   edit   deselect   + to AI

 

nginx.ingress.kubernetes.io/enable-access-log: "false"

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

- backend:

   edit   deselect   + to AI

 

- hosts:

   edit   deselect   + to AI

 

<pre><code>server {

   edit   deselect   + to AI

 

listen 443 ssl http2;

   edit   deselect   + to AI

 

ssl_trusted_certificate /etc/ingress-controller/ssl/monitoring-kb-kibana-tls-full-chain.pem;

   edit   deselect   + to AI

 

# ngx_auth_request module overrides variables in the parent request,

   edit   deselect   + to AI

 

proxy_set_header Content-Length "";

   edit   deselect   + to AI

 

proxy_set_header X-Real-IP $the_real_ip;

   edit   deselect   + to AI

 

proxy_buffers 4 4k;

   edit   deselect   + to AI

 

client_max_body_size 10m;

   edit   deselect   + to AI

 

set $namespace "monitoring";

   edit   deselect   + to AI

 

rewrite_by_lua_block {

   edit   deselect   + to AI

 

if ($scheme = https) {

   edit   deselect   + to AI

 

<pre><code>{"proxy_protocol_addr": "","remote_addr": "xxx.xxx.xxx.xx", "proxy_add_x_forwarded_for": "xxx.xxx.xxx.xx, xxx.xxx.xxx.xx", "remote_user": "", "time_local": "21/Nov/2018:09:53:39 +0000", "request" : "GET / HTTP/1.1", "status": "202", "body_bytes_sent": "0", "http_referer": "", "http_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36", "request_length" : "0", "request_time": "0.004", "proxy_upstream_name": "monitoring-kb-kibana-5601", "upstream_addr": "xxx.xxx.xxx.xx:4180", "upstream_response_length": "0", "upstream_response_time": "0.003", "upstream_status": "202", "request_body": "", "http_authorization": ""}

   edit   deselect   + to AI

 

{"proxy_protocol_addr": "","remote_addr": "xxx.xxx.xxx.xx", "proxy_add_x_forwarded_for": "xxx.xxx.xxx.xx, xxx.xxx.xxx.xx", "remote_user": "", "time_local": "21/Nov/2018:09:53:43 +0000", "request" : "GET /plugins/kibana/assets/settings.svg HTTP/1.1", "status": "202", "body_bytes_sent": "0", "http_referer": "https://kibana.test.com/app/kibana", "http_user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36", "request_length" : "0", "request_time": "0.029", "proxy_upstream_name": "monitoring-kb-kibana-5601", "upstream_addr": "xxx.xxx.xxx.xx:4180", "upstream_response_length": "0", "upstream_response_time": "0.030", "upstream_status": "202", "request_body": "", "http_authorization": ""}

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<li><p>Run Prometheus as a docker container outside of kubernetes. To accomplish this I have created this Dockerfile:</p>

   edit   deselect   + to AI

 

<pre><code>global:

   edit   deselect   + to AI

 

- job_name: 'kubernetes-apiservers'

   edit   deselect   + to AI

 

kubernetes_sd_configs:

   edit   deselect   + to AI

 

<pre><code>Failed to list *v1.Pod: Get http://localhost:443/api/v1/pods?limit=500&amp;amp;resourceVersion=0: dial tcp 127.0.0.1:443: connect: connection refused"

   edit   deselect   + to AI

 

<li><p>I thought deploying Prometheus as a Kubernetes deployment may help, so I made this yaml and deployed it.</p>

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

- name: prometheus-monitor

   edit   deselect   + to AI

 

ports:

   edit   deselect   + to AI

 

</ol>

   edit   deselect   + to AI

 

* Trying 127.0.0.1...

   edit   deselect   + to AI

 

&gt; Accept: */*

   edit   deselect   + to AI

 

&lt; Content-Length: 37

   edit   deselect   + to AI

 

* Closing connection 0*

   edit   deselect   + to AI

 

* TCP_NODELAY set

   edit   deselect   + to AI

 

&gt; Accept: */*

   edit   deselect   + to AI

 

<p>My Cluster IP is 184.173.44.62 and my service node port is 30484.

   edit   deselect   + to AI

 

Name: sunlife-analystrating-deployment

   edit   deselect   + to AI

 

Selector: app=sunlife-analystrating-deployment

   edit   deselect   + to AI

 

Pod Template:

   edit   deselect   + to AI

 

Port: 5002/TCP

   edit   deselect   + to AI

 

Type Status Reason

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Labels: component=apiserver

   edit   deselect   + to AI

 

IP: 172.21.0.1

   edit   deselect   + to AI

 

Events: &lt;none&gt;

   edit   deselect   + to AI

 

Selector: app=sunlife-analystrating-deployment

   edit   deselect   + to AI

 

NodePort: &lt;unset&gt; 30484/TCP

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

response="Hello World"

   edit   deselect   + to AI

 

</code></pre><p>I tried to create a <code>LoadBalancer</code> service on an AKS cluster with </p>

   edit   deselect   + to AI

 

app: myapp

   edit   deselect   + to AI

 

protocol: TCP

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

eating load balancer (will retry): failed to ensure load balancer for service defaul

   edit   deselect   + to AI

 

ts.windows.net/&amp;lt;token 2&gt;/' associated with this subscription. Please use the authori

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

<li>expose the pod as a clusterIP service and dump my tables onto the database</li>

   edit   deselect   + to AI

 

<blockquote>

   edit   deselect   + to AI

 

mysqlRootPassword=xxx,mysqlUser=xxx,mysqlPassword=xxx, \

   edit   deselect   + to AI

 

<p>I am deploying my wordpress app and nginx containers in one pod, for mutual persistent volume use. The deployment yaml looks like this:</p>

   edit   deselect   + to AI

 

name: wordpress

   edit   deselect   + to AI

 

selector:

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

name: nginx

   edit   deselect   + to AI

 

value: mysql:3306

   edit   deselect   + to AI

 

secretKeyRef:

   edit   deselect   + to AI

 

- containerPort: 80

   edit   deselect   + to AI

 

mountPath: "/etc/nginx/conf.d"

   edit   deselect   + to AI

 

value: mysql:3306

   edit   deselect   + to AI

 

secretKeyRef:

   edit   deselect   + to AI

 

- name: MY_WP_SITEURL

   edit   deselect   + to AI

 

value: "true"

   edit   deselect   + to AI

 

mountPath: /var/www/html

   edit   deselect   + to AI

 

- name: wp-config

   edit   deselect   + to AI

 

path: wp.conf

   edit   deselect   + to AI

 

<p>For reference, my config file is as follows:

   edit   deselect   + to AI

 

root /var/www/html;

   edit   deselect   + to AI

 

types {

   edit   deselect   + to AI

 

fastcgi_split_path_info ^(.+\.php)(/.+)$;

   edit   deselect   + to AI

 

fastcgi_param PATH_INFO $fastcgi_path_info;

   edit   deselect   + to AI

 

<ul>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

- port: 80

   edit   deselect   + to AI

 

targetPort: 443

   edit   deselect   + to AI

 

<p>Here are some logs in case it can tell anything about the problem (I couldn't find much with that regards):</p>

   edit   deselect   + to AI

 

Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.<br>

   edit   deselect   + to AI

 

mysql: [Warning] Using a password on the command line interface can be insecure.<br>

   edit   deselect   + to AI

 

<p>[11:15:03 +0000] "GET /robots.txt HTTP/1.1" 500 262 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +<a href="http://www.google.com/bot.html" rel="nofollow noreferrer">http://www.google.com/bot.html&lt;/a&gt;)"<br>

   edit   deselect   + to AI

 

<p><strong>Wordpress container logs</strong></p>

   edit   deselect   + to AI

 

<p>I personally think there is something simple missing here, but I haven't been able to point it out in the past few days. Anyone know what I'm missing here?</p><p>When I use this command: "kubectl get nodes" I get the below errors:</p>

   edit   deselect   + to AI

 

<p><strong>Environment</strong>

   edit   deselect   + to AI

 

<p><strong>Incident instance timeline</strong></p>

   edit   deselect   + to AI

 

*The affected node is healthy according to Kubernetes. Looking with kubectl describe nodes, the affected node has more than enough resources to run pods</li>

   edit   deselect   + to AI

 

Mar 16 08:29:54 ip-172-20-85-48 kubelet[1346]: I0316 08:29:54.512934 1346 reconciler.go:217] operationExecutor.VerifyControllerAttachedVolume started for volume "ssl-certs" (UniqueName: "kubernetes.io/secret/8ead64a3-28f3-11e8-b520-025c267c6ea8-ssl-certs") pod "broker-0" (UID: "8ead64a3-28f3-11e8-b520-025c267c6ea8")

   edit   deselect   + to AI

 

Mar 16 08:29:54 ip-172-20-85-48 kubelet[1346]: I0316 08:29:54.613329 1346 reconciler.go:262] operationExecutor.MountVolume started for volume "broker-prometheus-config" (UniqueName: "kubernetes.io/configmap/8ead64a3-28f3-11e8-b520-025c267c6ea8-broker-prometheus-config") pod "broker-0" (UID: "8ead64a3-28f3-11e8-b520-025c267c6ea8")

   edit   deselect   + to AI

 

Mar 16 08:29:54 ip-172-20-85-48 kubelet[1346]: I0316 08:29:54.616720 1346 operation_generator.go:522] MountVolume.SetUp succeeded for volume "broker-prometheus-config" (UniqueName: "kubernetes.io/configmap/8ead64a3-28f3-11e8-b520-025c267c6ea8-broker-prometheus-config") pod "broker-0" (UID: "8ead64a3-28f3-11e8-b520-025c267c6ea8")

   edit   deselect   + to AI

 

Mar 16 08:29:55 ip-172-20-85-48 kubelet[1346]: I0316 08:29:55.014972 1346 reconciler.go:217] operationExecutor.VerifyControllerAttachedVolume started for volume "pvc-b673d6da-26e3-11e8-aa99-02cd3728faaa" (UniqueName: "kubernetes.io/aws-ebs/aws://eu-central-1b/vol-04145a1c9d1a26280") pod "broker-0" (UID: "8ead64a3-28f3-11e8-b520-025c267c6ea8")

   edit   deselect   + to AI

 

Mar 16 08:29:58 ip-172-20-85-48 kubelet[1346]: E0316 08:29:58.023871 1346 nestedpendingoperations.go:263] Operation for "\"kubernetes.io/aws-ebs/aws://eu-central-1b/vol-04145a1c9d1a26280\"" failed. No retries permitted until 2018-03-16 08:30:02.023814124 +0000 UTC m=+40.875939520 (durationBeforeRetry 4s). Error: "Volume has not been added to the list of VolumesInUse in the node's volume status for volume \"pvc-b673d6da-26e3-11e8-aa99-02cd3728faaa\" (UniqueName: \"kubernetes.io/aws-ebs/aws://eu-central-1b/vol-04145a1c9d1a26280\") pod \"broker-0\" (UID: \"8ead64a3-28f3-11e8-b520-025c267c6ea8\") "

   edit   deselect   + to AI

 

Mar 16 08:30:10 ip-172-20-85-48 kubelet[1346]: I0316 08:30:10.156111 1346 reconciler.go:262] operationExecutor.MountVolume started for volume "pvc-b673d6da-26e3-11e8-aa99-02cd3728faaa" (UniqueName: "kubernetes.io/aws-ebs/aws://eu-central-1b/vol-04145a1c9d1a26280") pod "broker-0" (UID: "8ead64a3-28f3-11e8-b520-025c267c6ea8")

   edit   deselect   + to AI

 

Mar 16 08:30:12 ip-172-20-85-48 kubelet[1346]: I0316 08:30:12.672408 1346 kuberuntime_manager.go:385] No sandbox for pod "broker-0(8ead64a3-28f3-11e8-b520-025c267c6ea8)" can be found. Need to start a new one

   edit   deselect   + to AI

 

Mar 16 08:34:12 ip-172-20-85-48 kubelet[1346]: E0316 08:34:12.673020 1346 pod_workers.go:186] Error syncing pod 8ead64a3-28f3-11e8-b520-025c267c6ea8 ("broker-0(8ead64a3-28f3-11e8-b520-025c267c6ea8)"), skipping: failed to "CreatePodSandbox" for "broker-0(8ead64a3-28f3-11e8-b520-025c267c6ea8)" with CreatePodSandboxError: "CreatePodSandbox for pod \"broker-0(8ead64a3-28f3-11e8-b520-025c267c6ea8)\" failed: rpc error: code = DeadlineExceeded desc = context deadline exceeded"

   edit   deselect   + to AI

 

<li><p>Reproduced the problem with another pod (adapter-mqtt-vertx) by forcing it to be rescheduled on the "affected node" AFTER docker daemon and kubelet restart, produces similar result</p></li>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

.withNewMetadata()

   edit   deselect   + to AI

 

.withReplicas(1)

   edit   deselect   + to AI

 

.withNewSpec()

   edit   deselect   + to AI

 

.addNewContainer()

   edit   deselect   + to AI

 

.endTemplate()

   edit   deselect   + to AI

 

<p>I have checked:</p>

   edit   deselect   + to AI

 

<li>that there aren't any name conflicts / etc. in minikube. I delete the deployments, replica sets, and pods between attempts, and I recreate the namespace, just to be safe. However, I've found that it doesn't make a difference which I do, as my code cleans up existing pods/replica sets/deployments as needed</li>

   edit   deselect   + to AI

 

<li>run kubernetes locally (as opposed to minikube), as the AUR package for kubernetes takes an unbelievably long time to build on my machine</li>

   edit   deselect   + to AI

 

Error syncing pod, skipping: failed to "StartContainer" for "YYY" with ImageInspectError: "Failed to inspect image \"registry_domain/XXX/YYY:latest\": Id or size of image \"registry_domain/XXX/YYY:latest\" is not set"

   edit   deselect   + to AI

 

<p>Looking up the error message provided leads me to <a href="https://github.com/kubernetes/minikube/issues/947" rel="nofollow noreferrer">https://github.com/kubernetes/minikube/issues/947&lt;/a&gt;, but this is not the same issue, as <code>kube-dns</code> is working as expected. This is the only relevant search result, as the other results that come up are </p>

   edit   deselect   + to AI

 

</ul>

   edit   deselect   + to AI

 

<pre><code>kind: StorageClass

   edit   deselect   + to AI

 

volumeBindingMode: WaitForFirstConsumer

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

capacity:

   edit   deselect   + to AI

 

volumeMode: Filesystem

   edit   deselect   + to AI

 

nodeSelectorTerms:

   edit   deselect   + to AI

 

apiVersion: v1

   edit   deselect   + to AI

 

name: grafana-pv-volume

   edit   deselect   + to AI

 

persistentVolumeReclaimPolicy: Retain

   edit   deselect   + to AI

 

path: "/grafana-volume"

   edit   deselect   + to AI

 

- key: node-role.kubernetes.io/monitoring

   edit   deselect   + to AI

 

volumeClaimTemplate:

   edit   deselect   + to AI

 

name: prometheus-pv-volume

   edit   deselect   + to AI

 

<p>Everything works fine.</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p>Why do they appear? How can i fix this?</p>"FindExpandablePluginBySpec err:no volume plugin matched" messages in logs while volumes are working<p>When I create kubernetes cluster with gcloud container clusters create command, a permission error occurs as follows:</p>

   edit   deselect   + to AI

 

ERROR: (gcloud.container.clusters.create) ResponseError: code=403, message=Required "container.clusters.create" permission for "projects/test-project".

   edit   deselect   + to AI

 

ERROR: (gcloud.container.clusters.create) ResponseError: code=403, message=Google

   edit   deselect   + to AI

 

<p>I have a kubernetes pod stuck in "Terminating" state that resists pod deletions</p>

   edit   deselect   + to AI

 

<h1>What I have tried</h1>

   edit   deselect   + to AI

 

- also tried with <code>--force --grace-period=0</code>, same outcome with extra warning</p>

   edit   deselect   + to AI

 

<p>Outcome: <code>Error from server (NotFound): nodes "ip-xxx.yyy.compute.internal" not found</code></p>

   edit   deselect   + to AI

 

<h3>EDIT 1</h3>

   edit   deselect   + to AI

 

location / {

   edit   deselect   + to AI

 

<p>I'm getting an error before I even get to the Couchbase part. I successfully created a resource group (which I called "cb_ask_spike", and yes it does appear on the Portal) from the command line, but then I try to create an AKS cluster:</p>

   edit   deselect   + to AI

 

<blockquote>

   edit   deselect   + to AI

 

<p>I'm using azure-cli v2.0.31.</p>"Incorrect padding" when trying to create managed Kubernetes cluster on Azure with AKS<p>I'm trying to report Node.js errors to Google Error Reporting, from one of our kubernetes deployments running on a GCP/GKE cluster with RBAC. (i.e. permissions defined in a service account associated to the cluster)</p>

   edit   deselect   + to AI

 

<p>This works only in certain environments:</p>

   edit   deselect   + to AI

 

</ul>

   edit   deselect   + to AI

 

<p>It feels like the job did pick up the permission changes of the cluster's service account, whereas my deployment did not.</p>

   edit   deselect   + to AI

 

</blockquote>"insufficient authentication scopes" from Google API when calling from K8S cluster<p>using a standard istio deployment in a kubernetes cluster I am trying to add an initContainer to my pod deployment, which does additional database setup.</p>

   edit   deselect   + to AI

 

- name: create-database

   edit   deselect   + to AI

 

psql "postgresql://$DB_USER:$DB_PASSWORD@db-host:5432" -c "CREATE DATABASE fusionauth ENCODING 'UTF-8' LC_CTYPE 'en_US.UTF-8' LC_COLLATE 'en_US.UTF-8' TEMPLATE template0"

   edit   deselect   + to AI

 

<p>The error message in the init-container is:</p>

   edit   deselect   + to AI

 

<p>The same command from fully initialized pod works just fine.</p><p>I tried <code>kubectl exec</code> on a k8s 1.6.4 RBAC-enabled cluster and the error returned was: <code>error: unable to upgrade connection: Unauthorized</code>. <code>docker exec</code> on the same container succeeds. Otherwise, <code>kubectl</code> is working. <code>kubectl</code> tunnels through an SSH connection but I don't think this is the issue.</p>

   edit   deselect   + to AI

 

<pre><code>I0614 16:50:11.003677 64104 round_trippers.go:398] curl -k -v -XPOST -H "X-Stream-Protocol-Version: v4.channel.k8s.io" -H "X-Stream-Protocol-Version: v3.channel.k8s.io" -H "X-Stream-Protocol-Version: v2.channel.k8s.io" -H "X-Stream-Protocol-Version: channel.k8s.io" https://localhost:6443/api/v1/namespaces/monitoring/pods/alertmanager-main-0/exec?command=%2Fbin%2Fls&amp;amp;container=alertmanager&amp;amp;container=alertmanager&amp;amp;stderr=true&amp;amp;stdout=true

   edit   deselect   + to AI

 

I0614 16:50:11.169500 64104 round_trippers.go:426] Content-Length: 12

   edit   deselect   + to AI

 

I0614 16:50:11.169545 64104 round_trippers.go:426] Content-Length: 12

   edit   deselect   + to AI

 

<pre><code>kube-system po/kubernetes-dashboard-5569448c6d-w2bdb 1/1 Running 0 16h

   edit   deselect   + to AI

 

<pre><code>kube-system kubernetes-dashboard-5569448c6d-w2bdb 1/1 Running 0 16h

   edit   deselect   + to AI

 

<p>What is different? The cluster is the same, so it should be returning the same data. The first machine is kubectl version 1.9.2, second machine is 1.10.0. The cluster is running 1.8.7.</p>"kubectl get all --all-namespaces" has different output against the same cluster<p>Could anybody help how I can change the version number shown from "kubectl get nodes"? The binaries are compiled from source. "kubectl version" shows the correct version, but "kubectl get nodes" not.</p>

   edit   deselect   + to AI

 

<p><a href="https://i.stack.imgur.com/ijlGO.png" rel="nofollow noreferrer">kubectl get nodes</a></p>

   edit   deselect   + to AI

 

<pre><code>KUBELET_ADDRESS="--address=0.0.0.0"

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"

   edit   deselect   + to AI

 

KUBE_LOG_LEVEL="--v=0"

   edit   deselect   + to AI

 

<blockquote>

   edit   deselect   + to AI

 

<p>So i still do not know what is missing. </p>"kubectl get nodes" shows NotReady always even after giving the appropriate IP<p>I am following the document <a href="https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/" rel="nofollow noreferrer">https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/&lt;/a&gt; to try to create a kubernetes cluster with 3 vagrant ubuntu vm in my local mac. But I can only see the master by running "kubectl get nodes" in master node after "kubeadm join" successfully. After tried several possible ways googled from internet, still the same issue.</p>

   edit   deselect   + to AI

 

--> kubeadm init --ignore-preflight-errors Swap --apiserver-advertise-address=192.168.101.101

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

<p><a href="https://i.stack.imgur.com/L23UY.jpg" rel="nofollow noreferrer"><img src="https://i.stack.imgur.com/L23UY.jpg" alt="screenshot for kubelet log"></a></p>

   edit   deselect   + to AI

 

<pre><code>Failed to pull image "localhost:5000/dev/customer:v1": rpc error: code = Unknown desc

   edit   deselect   + to AI

 

<pre><code>Type Reason Age From Message

   edit   deselect   + to AI

 

Normal Pulling 15m (x3 over 16m) kubelet, minikube pulling image "localhost:5000/dev/customer:v1"

   edit   deselect   + to AI

 

PS C:\Sunny\Projects\NodeApps\Nodejs-Apps\Customer&gt; docker pull localhost:5000/dev/customer:v1

   edit   deselect   + to AI

 

<p>Is it because <code>kubectl logs</code> under the hood using ssh? Is there any workaround to see the pod log?</p>"kubectl logs" not working after adding NAT gateways in GCE<p>Very often when I want to deploy new image with "kubectl set image" it's failing with ErrImagePull status, and then fixes itself after some time (up to few hours). These are events from "kubectl describe pod":</p>

   edit   deselect   + to AI

 

31m 11m 6 {kubelet gke-xxxxxxxxxx-staging-default-pool-ac6a32f4-09h5} spec.containers{zzz-staging} Warning Failed Failed to pull image "us.gcr.io/yyyy-staging/zzz:latest": net/http: request canceled

   edit   deselect   + to AI

 

24m 7m 5m 6 {kubelet gke-xxxxxxxxxx-staging-default-pool-ac6a32f4-09h5} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "zzz-staging" with ImageInspectError: "Failed to inspect image \"us.gcr.io/yyyy-staging/zzz:latest\": operation timeout: context deadline exceeded"

   edit   deselect   + to AI

 

- name: service

   edit   deselect   + to AI

 

cpu: "20m"

   edit   deselect   + to AI

 

<p>But it keeps taking 120m. <strong>Why is "limits" property being ignored?</strong> Everything else is working correctly. If I request 200m, 200m are being reserved, but limit keeps being ignored.</p>

   edit   deselect   + to AI

 

<p>kubectl describe namespace default</p>

   edit   deselect   + to AI

 

Status: Active

   edit   deselect   + to AI

 

</code></pre>"Limits" property ignored when deploying a container in a Kubernetes cluster<p>I successfully deployed with kubernetes a custom container based on the official docker-vault image, but when using the <code>vault init</code> command I get the following error:</p>

   edit   deselect   + to AI

 

WORKDIR /app

   edit   deselect   + to AI

 

<p>What I'm trying to achieve is to execute a shell script after the container is started in order to configure the vault. I have a configuration script that starts like this:</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

- image: // my image

   edit   deselect   + to AI

 

name: vaultport

   edit   deselect   + to AI

 

securityContext:

   edit   deselect   + to AI

 

- name: vault-volume

   edit   deselect   + to AI

 

command: ["/bin/sh", "./configure_vault.sh"]

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p>c) I downloaded <code>opensuse:latest</code> image from docker hub, tagged it and uploaded to the registry. Docker push succeeded. I deleted from docker local cache and tried docker pull to verify if image push was successful and yes, it was successful. </p>

   edit   deselect   + to AI

 

<pre><code>$ ps -ef | grep kubelet

   edit   deselect   + to AI

 

<pre><code>apiVersion: v1

   edit   deselect   + to AI

 

containers:

   edit   deselect   + to AI

 

command: ["/bin/bash"]

   edit   deselect   + to AI

 

<pre><code>$ kubectl get pods

   edit   deselect   + to AI

 

<pre><code>Error from server (BadRequest): container "utest1" in pod "test1" is waiting to start: ContainerCreating

   edit   deselect   + to AI

 

<p>l) I further went ahead and checked the <code>/var/log/messages</code>. It specified that kubelet was able to receive the required arguments: </p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

docker.io/registry 2 28525f9a6e46 10 days ago 33.2 MB

   edit   deselect   + to AI

 

abc.def.com:1234/s5678 test 54ae12a89367 8 days ago 108 MB

   edit   deselect   + to AI

 

<pre><code>CMD cd /opt/app/jar \

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

&lt;encoder&gt;

   edit   deselect   + to AI

 

&lt;fileNamePattern&gt;${user.dir}/../log/archived/debug.%d{yyyy-MM-dd}.%i.log&lt;/fileNamePattern&gt;

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

kubernetes v1.7.6+a08f5eeb62

   edit   deselect   + to AI

 

API version: 1.24

   edit   deselect   + to AI

 

OS/Arch: linux/amd64

   edit   deselect   + to AI

 

Go version: go1.8.3

   edit   deselect   + to AI

 

<p>My base Promethues config is :</p>

   edit   deselect   + to AI

 

- api_server: http://172.29.219.102:8080

   edit   deselect   + to AI

 

regex: (.*)

   edit   deselect   + to AI

 

<p>When I do a simple curl command from anywhere, I see :</p>

   edit   deselect   + to AI

 

<pre><code>level=warn ts=2017-12-15T16:40:48.301741927Z caller=scrape.go:673 component="target manager" scrape_pool=kubernetes_pods target=http://172.29.219.110:8080/auth/health msg="append failed" err="no token found"

   edit   deselect   + to AI

 

<p>Error starting host: Error creating host: Error executing step: Running pre

   edit   deselect   + to AI

 

<pre><code>docker-machine sshdocker-machine active-N -L 8080:localhost:8080

   edit   deselect   + to AI

 

<p>CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES b1e95e26f46d

   edit   deselect   + to AI

 

<p>So it means kubernete is running</p>

   edit   deselect   + to AI

 

<p>Anything wrong here?

   edit   deselect   + to AI

 

ERROR: Network consul_istiomesh declared as external, but could not be found. Please create the network manually using `docker network create consul_istiomesh` and try again.

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Creating consul_details-v1_1

   edit   deselect   + to AI

 

Traceback (most recent call last):

   edit   deselect   + to AI

 

log.error(e.msg)

   edit   deselect   + to AI

 

<li>A "main" container which contains a build job</li>

   edit   deselect   + to AI

 

Here is the pod's yaml file:</p>

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

- mountPath: /test-ebs

   edit   deselect   + to AI

 

awsElasticBlockStore:

   edit   deselect   + to AI

 

<pre><code>SetUp failed for volume "kubernetes.io/aws-ebs/8e830149-9c95-11e6-b969-0691ac4fce05-test-volume" (spec.Name: "test-volume") pod "8e830149-9c95-11e6-b969-0691ac4fce05" (UID: "8e830149-9c95-11e6-b969-0691ac4fce05") with: mount failed: exit status 32 Mounting arguments: /var/lib/kubelet/plugins/kubernetes.io/aws-ebs/mounts/aws/us-west-2a/vol-xxxxxxxx /var/lib/kubelet/pods/8e830149-9c95-11e6-b969-0691ac4fce05/volumes/kubernetes.io~aws-ebs/test-volume [bind]

   edit   deselect   + to AI

 

<p>I wanted to test the <code>/metrics</code> API.<br>

   edit   deselect   + to AI

 

-vv -H "Content-Type: application/json" https://172.31.29.121:10250/metrics

   edit   deselect   + to AI

 

<pre><code>* Trying 172.31.29.121...

   edit   deselect   + to AI

 

* successfully set certificate verify locations:

   edit   deselect   + to AI

 

* TLSv1.2 (IN), TLS handshake, Certificate (11):

   edit   deselect   + to AI

 

curl: (60) SSL certificate problem: self signed certificate in certificate chain

   edit   deselect   + to AI

 

</code></pre><p><a href="https://marketplace.visualstudio.com/items?itemName=ballerina.ballerina" rel="nofollow noreferrer">Ballerina extension</a> was installed successfully in visual code.

   edit   deselect   + to AI

 

<pre><code>import ballerina/http;

   edit   deselect   + to AI

 

name: "ballerina-abdennour-demo"

   edit   deselect   + to AI

 

sayHello (endpoint caller, http:Request request) {

   edit   deselect   + to AI

 

<p>VisualCode reports an error :</p>

   edit   deselect   + to AI

 

<p>Or is it a package that is missing and should be installed inside Ballerina SDK/ Platform?</p>

   edit   deselect   + to AI

 

<p>When I run a client sanity test, the only exception returned is this:</p>

   edit   deselect   + to AI

 

kube-dns (dns.go:48] version: 1.14.4-2-g5584e04) seems to be working as expected:</p>

   edit   deselect   + to AI

 

Address 1: 10.60.3.3 zk-0.zk-svc.default.svc.cluster.local

   edit   deselect   + to AI

 

Address 1: 10.60.4.3 zk-2.zk-svc.default.svc.cluster.local

   edit   deselect   + to AI

 

Address 1: 10.60.2.5 zk-1.zk-svc.default.svc.cluster.local

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa)

   edit   deselect   + to AI

 

waiting for tearing down pods

   edit   deselect   + to AI

 

waiting for tearing down pods

   edit   deselect   + to AI

 

waiting for tearing down pods

   edit   deselect   + to AI

 

waiting for tearing down pods

   edit   deselect   + to AI

 

<p>I'm using a slightly modified version of the controller and worker install scripts from <a href="https://github.com/coreos/coreos-kubernetes/tree/master/multi-node/generic" rel="nofollow noreferrer">https://github.com/coreos/coreos-kubernetes/tree/master/multi-node/generic&lt;/a&gt;&lt;/p&gt;

   edit   deselect   + to AI

 

export WORKER_IP=10.79.218.3

   edit   deselect   + to AI

 

openssl req -new -key apiserver-key.pem -out apiserver.csr -subj "/CN=kube-apiserver" -config openssl.cnf

   edit   deselect   + to AI

 

openssl genrsa -out admin-key.pem 2048

   edit   deselect   + to AI

 

<p>and this is <code>openssl.cnf</code></p>

   edit   deselect   + to AI

 

[ v3_req ]

   edit   deselect   + to AI

 

DNS.1 = coreos-2.tux-in.com

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

[req_distinguished_name]

   edit   deselect   + to AI

 

[alt_names]

   edit   deselect   + to AI

 

<p>my worker machine is <code>coreos-3.tux-in.com</code> which resolves to lan ip <code>10.79.218.3</code></p>

   edit   deselect   + to AI

 

Nov 08 21:24:07 coreos-2.tux-in.com kubelet-wrapper[2018]: E1108 21:24:07.461340 2018 reflector.go:203] pkg/kubelet/kubelet.go:403: Failed to list *api.Node: Get https://coreos-2.tux-in.com:443/api/v1/nodes?fieldSelector=metadata.name%3D10.79.218.2&amp;amp;resourceVersion=0: x509: certificate signed by unknown authority

   edit   deselect   + to AI

 

</code></pre><pre><code>root@master2:/home/osboxes# kubectl get pods --all-namespaces -o wide

   edit   deselect   + to AI

 

kube-system coredns-78fcdf6894-s4l8n 1/1 Running 1 18h 10.244.0.14 master2

   edit   deselect   + to AI

 

kube-system kube-flannel-ds-4br99 1/1 Running 1 18h 10.0.2.15 node

   edit   deselect   + to AI

 

root@master2:/home/osboxes# kubectl exec -it hello-kubernetes-55857678b4-4xbgd sh

   edit   deselect   + to AI

 

<p>Verbose:</p>

   edit   deselect   + to AI

 

I0703 08:44:01.255808 10307 round_trippers.go:386] curl -k -v -XGET -H "Accept: application/json, */*" -H "User-Agent: kubectl/v1.11.0 (linux/amd64) kubernetes/91e7b4f" 'https://192.168.0.33:6443/api/v1/namespaces/default/pods/hello-kubernetes-55857678b4-4xbgd'

   edit   deselect   + to AI

 

I0703 08:44:01.273967 10307 round_trippers.go:414] Content-Length: 2725

   edit   deselect   + to AI

 

I0703 08:44:01.290627 10307 round_trippers.go:386] curl -k -v -XPOST -H "X-Stream-Protocol-Version: v4.channel.k8s.io" -H "X-Stream-Protocol-Version: v3.channel.k8s.io" -H "X-Stream-Protocol-Version: v2.channel.k8s.io" -H "X-Stream-Protocol-Version: channel.k8s.io" -H "User-Agent: kubectl/v1.11.0 (linux/amd64) kubernetes/91e7b4f" 'https://192.168.0.33:6443/api/v1/namespaces/default/pods/hello-kubernetes-55857678b4-4xbgd/exec?command=sh&amp;container=hello-kubernetes&amp;container=hello-kubernetes&amp;stdin=true&amp;stdout=true&amp;tty=true'

   edit   deselect   + to AI

 

I0703 08:44:01.317951 10307 round_trippers.go:414] Content-Type: text/plain; charset=utf-8

   edit   deselect   + to AI

 

(1045, "Access denied for user 'root'@'cloudsqlproxy~[cloudsql instance ip]' (using password: NO)")</p>

   edit   deselect   + to AI

 

connection.settings_dict

   edit   deselect   + to AI

 

&gt;&gt; import os

   edit   deselect   + to AI

 

'default': {

   edit   deselect   + to AI

 

'HOST': os.getenv('DB_HOST'),

   edit   deselect   + to AI

 

'TEST': {

   edit   deselect   + to AI

 

<pre><code>apiVersion: extensions/v1beta1

   edit   deselect   + to AI

 

app: aesh-web

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

image: gcr.io/[my-project]/aesh_web:1.0.0

   edit   deselect   + to AI

 

value: [service ip]

   edit   deselect   + to AI

 

- name: DB_NAME

   edit   deselect   + to AI

 

name: cloudsql-db-credentials

   edit   deselect   + to AI

 

name: cloudsql-db-credentials

   edit   deselect   + to AI

 

"-instances=[instance-connection-name]:aesh-web-db=tcp:3306",

   edit   deselect   + to AI

 

readOnly: true

   edit   deselect   + to AI

 

</code></pre><p>We have a fairly large kubernetes deployment on GKE, and we wanted to make our life a little easier by enabling auto-upgrades. The <a href="https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-upgrades" rel="nofollow noreferrer">documentation on the topic</a> tells you how to enable it, but not how it actually <strong>works</strong>.</p>

   edit   deselect   + to AI

 

<h1>What I did:</h1>

   edit   deselect   + to AI

 

<li>Nodepools had version <code>1.11.5-gke.X</code></li>

   edit   deselect   + to AI

 

<li>The nodepool would be updated to either <code>1.11.7-gke.3</code> (the default cluster version) or <code>1.11.7-gke.6</code> (the most recent version)</li>

   edit   deselect   + to AI

 

<ul>

   edit   deselect   + to AI

 

<ul>

   edit   deselect   + to AI

 

<p>So is Teleport a parallell technology to Container / Kubernetes / Immutable Infrastructure or is it orthogonal, as in, can be used in addition?</p>(How) Does Gravitational Teleport fit into container/Kubernetes environment?<p>I am new to Kops and a bit to kubernetes as well. I managed to create a cluster with Kops, and run a deployment and a service on it. everything went well, and an ELB was created for me and I could access the application via this ELB endpoint.</p>

   edit   deselect   + to AI

 

name: django-app-service

   edit   deselect   + to AI

 

domainName: "my.personal-site.de"

   edit   deselect   + to AI

 

ports:

   edit   deselect   + to AI

 

kind: Deployment

   edit   deselect   + to AI

 

minReadySeconds: 15

   edit   deselect   + to AI

 

maxUnavailable: 1

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

ports:

   edit   deselect   + to AI

 

2- docker run -d -p 5000:5000 --name registry registry:2

   edit   deselect   + to AI

 

<p>all above steps are working fine with no problems at all.</p>

   edit   deselect   + to AI

 

3- minikube ssh

   edit   deselect   + to AI

 

<p>curl: (7) Failed to connect to 127.0.0.1 port 5000: Connection refused</p>

   edit   deselect   + to AI

 

<p>I am using this yaml file (i named it <em>ConsolePre.yaml</em>) to deploy my image using kubernetes</p>

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

targetPort: 9080

   edit   deselect   + to AI

 

type: NodePort

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

template:

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

- containerPort: 9080

   edit   deselect   + to AI

 

<p>sudo kubectl apply -f /PATH_TO_YAML_FILE/ConsolePre.yaml</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

<p>i found next message in description result</p>

   edit   deselect   + to AI

 

</blockquote>

   edit   deselect   + to AI

 

<p>No relations/tables or whatsoever appear on my DB:</p>

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

drwx------ 2 999 docker 4096 Oct 30 11:22 global

   edit   deselect   + to AI

 

-rw------- 1 999 docker 1636 Oct 30 11:21 pg_ident.conf

   edit   deselect   + to AI

 

drwx------ 2 999 docker 4096 Oct 30 11:21 pg_serial

   edit   deselect   + to AI

 

drwx------ 2 999 docker 4096 Oct 30 11:21 pg_tblspc

   edit   deselect   + to AI

 

-rw------- 1 999 docker 22205 Oct 30 11:21 postgresql.conf

   edit   deselect   + to AI

 

<pre><code>root@information-system-deployment-5dccfcb7c9-54trz:/var/lib/postgresql/data# ls -l

   edit   deselect   + to AI

 

drwx------ 2 postgres postgres 4096 Oct 30 11:21 pg_commit_ts

   edit   deselect   + to AI

 

drwx------ 4 postgres postgres 4096 Oct 30 11:21 pg_multixact

   edit   deselect   + to AI

 

drwx------ 2 postgres postgres 4096 Oct 30 11:21 pg_stat

   edit   deselect   + to AI

 

-rw------- 1 postgres postgres 4 Oct 30 11:21 PG_VERSION

   edit   deselect   + to AI

 

-rw------- 1 postgres postgres 85 Oct 30 11:21 postmaster.pid

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

app: information-system-deployment

   edit   deselect   + to AI

 

labels:

   edit   deselect   + to AI

 

name: information-system-db

   edit   deselect   + to AI

 

valueFrom:

   edit   deselect   + to AI

 

valueFrom:

   edit   deselect   + to AI

 

- containerPort: 5432

   edit   deselect   + to AI

 

- image: my-registry:5000/information-system-test:latest

   edit   deselect   + to AI

 

command: ["bash", "-c", "python main.py"]

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

name: information-system-db-pv-volume

   edit   deselect   + to AI

 

capacity:

   edit   deselect   + to AI

 

path: "/tmp/data/postgres"

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

- ReadWriteOnce

   edit   deselect   + to AI

 

<p><code>"Get http://localhost:8080/api/v1/namespaces/kube-system/configmaps?labelSelector=OWNER%!D(MISSING)TILLER: dial tcp 127.0.0.1:8080: connect: connection refused".</code></p>

   edit   deselect   + to AI

 

etcd-minikube 1/1 Running 0 6h

   edit   deselect   + to AI

 

kube-proxy-j28zs 1/1 Running 0 6h

   edit   deselect   + to AI

 

storage-provisioner 1/1 Running 8 1d

   edit   deselect   + to AI

 

This is not a supported version skew and may lead to a malfunctional cluster.

   edit   deselect   + to AI

 

<p>Many Thanks

   edit   deselect   + to AI

 

Jan 3 21:28:47 master kubelet: I0103 21:28:47.015478 8726 kubelet_node_status.go:74] Attempting to register node master

   edit   deselect   + to AI

 

<p>My Linux version is:</p>

   edit   deselect   + to AI

 

<pre><code>[root@master ~]# docker -v

   edit   deselect   + to AI

 

kubeadm version: version.Info{Major:"1", Minor:"6+", GitVersion:"v1.6.0-alpha.0.2074+a092d8e0f95f52", GitCommit:"a092d8e0f95f5200f7ae2cba45c75ab42da36537", GitTreeState:"clean", BuildDate:"2016-12-13T17:03:18Z", GoVersion:"go1.7.4", Compiler:"gc", Platform:"linux/amd64"}

   edit   deselect   + to AI

 

f9d197b32eeb gcr.io/google_containers/kube-controller-manager-amd64:v1.5.1 "kube-controller-mana" 8 minutes ago Up 8 minutes k8s_kube-controller-manager.c989015b_kube-controller-manager-master_kube-system_403e1523940e3f352d70e32c97d29be5_812fd5f5

   edit   deselect   + to AI

 

434d49024d1f gcr.io/google_containers/pause-amd64:3.0 "/pause" 8 minutes ago Up 8 minutes k8s_POD.d8dbe16c_kube-scheduler-master_kube-system_3bfbd36dfb8c8f71984a0d812e4dad33_f8d4ad55

   edit   deselect   + to AI

 

<pre><code>[root@master ~]# yum list |grep kubernetes-cni.x86_64

   edit   deselect   + to AI

 

<pre><code>kubectl logs --follow -n kube-system deployment/nginx-ingress

   edit   deselect   + to AI

 

<pre><code>2018/08/27 21:13:35 Creating in-cluster Heapster client

   edit   deselect   + to AI

 

2018/08/27 21:15:17 Metric client health check failed: the server is currently unable to handle the request (get services heapster). Retrying in 30 seconds.

   edit   deselect   + to AI

 

osmsku---kubemaster02..local Ready &lt;none&gt; 140d v1.11.2

   edit   deselect   + to AI

 

77.5 is the docker interface ip</p>

   edit   deselect   + to AI

 

kibana-logging NodePort 10.99.101.8 &lt;none&gt; 5601:30275/TCP 4h k8s-app=kibana-logging

   edit   deselect   + to AI

 

NAME STATUS ROLES AGE VERSION EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME

   edit   deselect   + to AI

 

k get pods -n=kube-system

   edit   deselect   + to AI

 

etcd-osmsku--prod-kubemaster01..local 1/1 Running 15 2h

   edit   deselect   + to AI

 

kube-apiserver-osmsku--prod-kubemaster01..local 1/1 Running 2 2h

   edit   deselect   + to AI

 

kube-flannel-ds-jbsfm 1/1 Running 3 2h

   edit   deselect   + to AI

 

kube-scheduler-osmsku--prod-kubemaster01..local 1/1 Running 2 2h

   edit   deselect   + to AI

 

</code></pre>*4 connect() failed (113: No route to host) while connecting to kubernetes dashboard upstream<p>When I deploy the following I get this error:</p>

   edit   deselect   + to AI

 

kind: Ingress

   edit   deselect   + to AI

 

helm.sh/chart: {{ include "marketplace.chart" . }}

   edit   deselect   + to AI

 

{{- toYaml . | nindent 4 }}

   edit   deselect   + to AI

 

{{- range .Values.front.ingress.tls }}

   edit   deselect   + to AI

 

secretName: {{ .secretName }}

   edit   deselect   + to AI

 

- host: {{ . | quote }}

   edit   deselect   + to AI

 

backend:

   edit   deselect   + to AI

 

{{- end }}

   edit   deselect   + to AI

 

<p><code>marketplace.name</code> is defined in _helpers.tpl: </p>

   edit   deselect   + to AI

 

<p><code>.Chart.Name</code> is an internal variable and the order of preference is explained <a href="https://github.com/helm/helm/issues/2913#issuecomment-328609510" rel="nofollow noreferrer">here</a> but even setting <code>nameOverride</code> the error is the same.</p>

   edit   deselect   + to AI

 

enabled: true

   edit   deselect   + to AI

 

paths:

   edit   deselect   + to AI

 

When I upgrade the kubernetes version to 1.6.3, it not work. There is no log file created under /var/log. How to get the kubernetes log file?

   edit   deselect   + to AI

 

Warning: Tiller is already installed in the cluster.

   edit   deselect   + to AI

 

Error: cannot connect to Tiller

   edit   deselect   + to AI

 

<p><a href="https://kubernetes.io/docs/getting-started-guides/ubuntu/troubleshooting/" rel="nofollow noreferrer">https://kubernetes.io/docs/getting-started-guides/ubuntu/troubleshooting/&lt;/a&gt;&lt;/p&gt;

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

kind: DaemonSet

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

serviceAccountName: my-sa-account

   edit   deselect   + to AI

 

securityContext:

   edit   deselect   + to AI

 

kind: DaemonSet

   edit   deselect   + to AI

 

metadata:

   edit   deselect   + to AI

 

serviceAccountName: my-sa-account

   edit   deselect   + to AI

 

securityContext:

   edit   deselect   + to AI

 

<pre><code>...

   edit   deselect   + to AI

 

SigCgt: 0000000000014002

   edit   deselect   + to AI

 

CapAmb: 0000000000000000

   edit   deselect   + to AI

 

<code>

   edit   deselect   + to AI

 

<pre><code>apiVersion: v1

   edit   deselect   + to AI

 

selector:

   edit   deselect   + to AI

 

port: 80

   edit   deselect   + to AI

 

name: busybox1

   edit   deselect   + to AI

 

subdomain: default-subdomain

   edit   deselect   + to AI

 

kind: Pod

   edit   deselect   + to AI

 

spec:

   edit   deselect   + to AI

 

name: busybox

   edit   deselect   + to AI

 

<p>In the kb8-master2 </p>

   edit   deselect   + to AI

 

mv /home/${USER}/sa.key /etc/kubernetes/pki/

   edit   deselect   + to AI

 

mv /home/${USER}/admin.conf /etc/kubernetes/admin.conf

   edit   deselect   + to AI

 

[certificates] Generated etcd/server certificate and key.

   edit   deselect   + to AI

 

[certificates] Generated etcd/healthcheck-client certificate and key.

   edit   deselect   + to AI

 

kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.240.0.33]

   edit   deselect   + to AI

 

&gt;`sudo kubeadm alpha phase kubelet config write-to-disk --config kubeadm-config.yaml`

   edit   deselect   + to AI

 

Output:-

   edit   deselect   + to AI

 

[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"

   edit   deselect   + to AI

 

<p>Output:-

   edit   deselect   + to AI

 

<p>No output</p>

   edit   deselect   + to AI

 

<p>I am really stuck here. Further </p>

   edit   deselect   + to AI

 

apiServerCertSANs:

   edit   deselect   + to AI

 

extraArgs:

   edit   deselect   + to AI

 

initial-cluster: "kb8-master1=https://10.240.0.4:2380,kb8-master2=https://10.240.0.33:2380"

   edit   deselect   + to AI

 

peerCertSANs:

   edit   deselect   + to AI

 

</code></pre>

   edit   deselect   + to AI

 

Please hold the Shift key and click the Refresh button to try again. https://docs.google.com/spreadsheets/d/1Ee2xEd43NQZcF0LeIcTkD4ZitIhETl5HX1_JPuuzm7E/edit?usp=sharing

   edit   deselect   + to AI

 

@olivierboukili: I just published A GCP / Kubernetes production migration retrospective (pa 1) https://t.co/RngsmtMwor

   edit   deselect   + to AI

 

@OracleDevs: Get Hands-on Microservices on Kubernetes and Autonomous Database! Failure of any microservice limits downtime to a portion…

   edit   deselect   + to AI

 

@CloudExpo: OpsRamp’s to Present AI &amp; AIOps Education Track at CloudEXPO @OpsRamp #HybridCloud #AI #IoT #AIOps #DevOps #Blockchain #Cl…

   edit   deselect   + to AI

 

@Azure: Public Preview now supported for Windows Server containers on #Azure #Kubernetes Service. Modernize Windows workloads to get the…

   edit   deselect   + to AI

 

@azureflashnews: Announcing the preview of Windows Server containers suppo in Azure Kubernetes Service https://t.co/lqmAJZgCbR #Azur…

   edit   deselect   + to AI

 

@_precompiled: Interested in meeting some nice ppl and talk about Prometheus and/or Kubernetes? Then this @Meetup might be for you! (Als…

   edit   deselect   + to AI

 

@Taylorb_msft: I am excited and honored to be announcing the public preview of Windows Server containers suppo in Azure Kubernetes Ser…

   edit   deselect   + to AI

 

@OpenAtMicrosoft: Interested in real-time sentiment analysis of tweets? Check out this sample KEDA (Kubernetes-based event-driven auto…

   edit   deselect   + to AI

 

Announcing the preview of Windows Server containers suppo in Azure Kubernetes Service https://t.co/E90N6qj05w

   edit   deselect   + to AI

 

@CloudExpo: Exhibitor Directory Published ! https://t.co/hmkGxHT58m #Cloud #CIO #HybridCloud #AI #IoT #IIoT #AIOps #DevOps #CloudNativ…

   edit   deselect   + to AI

 

@CloudExpo: It's 4:00 AM in Silicon Valley! Do You Know Where Your Data Is? #HybridCloud #AI #AIOps #CIO #IoT #DevOps #SDN #CloudNative…

   edit   deselect   + to AI

 

@kinvolkio: Announcing Lokomotive, our @kubernetesio distribution and engine to drive cutting-edge #Linux technologies into Kubernetes.…

   edit   deselect   + to AI

 

HNews: Lokomotive: An engine to drive cutting-edge Linux technologies into Kubernetes https://t.co/0LIZvhtKfU #linux

   edit   deselect   + to AI

 

@Azure: Public Preview now supported for Windows Server containers on #Azure #Kubernetes Service. Modernize Windows workloads to get the…

   edit   deselect   + to AI

 

Announcing the preview of Windows Server containers suppo in Azure Kubernetes Service https://t.co/6qsgGeoGAO

   edit   deselect   + to AI

 

Missed our hybrid #cloud strategies webinar this week? Watch the recording now. #MariaDB #Kubernetes https://t.co/WzPQsCcmva

   edit   deselect   + to AI

 

@CloudExpo: Join CloudEXPO Silicon Valley June 24-26 at Biggest Expo Floor in 5 Years ! #BigData #HybridCloud #Cloud #CloudNative #Serv…

   edit   deselect   + to AI

 

@Kingwulf: #ApacheSpark on K8S by Palantir engineering https://t.co/sTlkBvweTA

   edit   deselect   + to AI

 

@danveloper: This shouldn’t have to be said, but do not put your Kubernetes API Server on the public internet.

   edit   deselect   + to AI

 

#Windows on @kubernetesio went stable on 1.14 in March and in May as promised AKS enables Windows and 1.14 as publi… https://t.co/e94E4YhjAo

   edit   deselect   + to AI

 

5 things I wish I'd known about Kubernetes before I started

   edit   deselect   + to AI

 

9 Lessons Learned Migrating from Heroku to Kubernetes with Zero Downtime

   edit   deselect   + to AI

 

10 open-source Kubernetes tools for highly effective SRE and Ops Teams

   edit   deselect   + to AI

 

065: Change, Dropbox, GitHub DDoS, Kubernetes, Docker, and More

   edit   deselect   + to AI

 

076: Hiring in DevOps, Security, Kubernetes, and More

   edit   deselect   + to AI

 

085: Ansible, Kubernetes, Jr Engineers, Prime Disaster, Awesome TUIs, and More

   edit   deselect   + to AI

 

090: DevOps, GitOps, Commons Clause, NotPetya, Kubernetes, Prometheus, More

   edit   deselect   + to AI

 

098: Open Source, Kubernetes, Vote, Ansible, Serverless, Amazon HQ2 and More

   edit   deselect   + to AI

 

106: KubeKhan, KubeCon, Etcd, Licenses, Securing Kubernetes, JFrog, More

   edit   deselect   + to AI

 

116: OSS Licenses, Kubernetes, .dev Grossness, Hashicorp, Ansible, Knative, More

   edit   deselect   + to AI

 

"cyber-” comes from "cybernetics”, which comes from "Kubernetes”

   edit   deselect   + to AI

 

[podcast] the Impact and Future of Kubernetes

   edit   deselect   + to AI

 

[Webinar] Kubernetes Monitoring Best Practices from KubeCon

   edit   deselect   + to AI

 

A comparison of all Kubernetes ingresses

   edit   deselect   + to AI

 

A complete guide to the new Kubernetes Operator SDK released today

   edit   deselect   + to AI

 

A developer onramp to Kubernetes with GKE

   edit   deselect   + to AI

 

A few things I've learned about Kubernetes

   edit   deselect   + to AI

 

A Guide to the Kubernetes Networking Model

   edit   deselect   + to AI

 

A Kubernetes quick start for people who know just enough about Docker to get by

   edit   deselect   + to AI

 

A Multitude of Kubernetes Deployment Tools: Kubespray, Kops, and Kubeadm

   edit   deselect   + to AI

 

A reason for unexplained connection timeouts on Kubernetes/Docker

   edit   deselect   + to AI

 

A short, concise and high-level introduction to Kubernetes

   edit   deselect   + to AI

 

A Stronger Foundation for Creating and Managing Kubernetes Clusters

   edit   deselect   + to AI

 

A Text to Speech Server with gRPC and Kubernetes [video]

   edit   deselect   + to AI

 

A VPN for Minikube: transparent networking access to your Kubernetes cluster

   edit   deselect   + to AI

 

Accelerate Kubernetes at CoreOS (YC S13) as a Field Eng, Eng, or Product Manager

   edit   deselect   + to AI

 

Adopting Kubernetes step by step

   edit   deselect   + to AI

 

Adventures in High Availability Logging – ELK Stack on Kubernetes

   edit   deselect   + to AI

 

All the Fun in Kubernetes 1.9 – The New Stack

   edit   deselect   + to AI

 

Amazon EKS – Highly available and scalable Kubernetes service

   edit   deselect   + to AI

 

Amazon joins the rush to Kubernetes

   edit   deselect   + to AI

 

AMD GPU device plugin for Kubernetes

   edit   deselect   + to AI

 

An open source operator for Kafka on Kubernetes

   edit   deselect   + to AI

 

Analysis of Open Source Kubernetes Operators

   edit   deselect   + to AI

 

Announcing Dotmesh 0.5 the Dotmesh Kubernetes Operator

   edit   deselect   + to AI

 

Announcing Limited Availability of DigitalOcean Kubernetes

   edit   deselect   + to AI

 

Announcing Terraform Support for Kubernetes Service on AWS

   edit   deselect   + to AI

 

Anthos: Kubernetes Infrastructure to Make Developers More Productive

   edit   deselect   + to AI

 

Apache Spark on Kubernetes

   edit   deselect   + to AI

 

Application Tracing on Kubernetes with AWS X-Ray

   edit   deselect   + to AI

 

Are you learning Kubernetes/Docker? What resources are you using?

   edit   deselect   + to AI

 

As Kubernetes grows, a startup ecosystem develops in its wake

   edit   deselect   + to AI

 

Ask HN: Are you learning Kubernetes/Docker? What resources are you using?

   edit   deselect   + to AI

 

Ask HN: Could Kubernetes be written to use alternatives?

   edit   deselect   + to AI

 

Ask HN: Docker, Kubernetes, Openshift, etc – how do you deploy your products?

   edit   deselect   + to AI

 

Ask HN: How many pods for Kubernetes should be set at a large scale website?

   edit   deselect   + to AI

 

Ask HN: Kubernetes or ECS

   edit   deselect   + to AI

 

Ask HN: Single node Kubernetes on a VPS?

   edit   deselect   + to AI

 

Ask HN: Who is using Kubernetes or Docker in production and how has it been?

   edit   deselect   + to AI

 

Assholes, SRE, Container and Kubernetes Security, Ansible for Windows, and More

   edit   deselect   + to AI

 

Auto-Discovered Maps for Kubernetes Apps

   edit   deselect   + to AI

 

Automated Testing for Kubernetes and Helm Charts Using Terratest

   edit   deselect   + to AI

 

Automating TLS and DNS with Kubernetes Ingress

   edit   deselect   + to AI

 

Autoscaling for Kubernetes workloads

   edit   deselect   + to AI

 

AWS EKS and OpenFaaS Operator for Serverless on Kubernetes

   edit   deselect   + to AI

 

AWS S3 compatible storage on Kubernetes

   edit   deselect   + to AI

 

Azure brings new Serverless and DevOps capabilities to the Kubernetes community

   edit   deselect   + to AI

 

Azure Kubernetes Service (AKS) Is Now GA

   edit   deselect   + to AI

 

Benchmark results of Kubernetes network plugins over 10Gb/s network

   edit   deselect   + to AI

 

Beyond Kubernetes: building a complete orchestration platform

   edit   deselect   + to AI

 

Bitnami Kubernetes Production Runtime

   edit   deselect   + to AI

 

Boosting Your Kubernetes Productivity

   edit   deselect   + to AI

 

Bootstrapping Kubernetes Google Cloud Platform without scripts

   edit   deselect   + to AI

 

Brigade: Event-driven scripting for Kubernetes

   edit   deselect   + to AI

 

Bringing Kubernetes to Containership

   edit   deselect   + to AI

 

Build AWS S3 Compatible Cloud Storage with Kubernetes and Minio

   edit   deselect   + to AI

 

Build your own multi-node Kubernetes cluster

   edit   deselect   + to AI

 

Building a Control Plane for an Envoy-Powered API Gateway on Kubernetes

   edit   deselect   + to AI

 

Building a Kubernetes Operator for Prometheus and Thanos

   edit   deselect   + to AI

 

Building an Enterprise Kubernetes Strategy Online Training Today 1PM ET

   edit   deselect   + to AI

 

Building Distributed Systems with Kubernetes

   edit   deselect   + to AI

 

Bundle Kubernetes Fundamentals and CKA Certification (Course and Certification)

   edit   deselect   + to AI

 

Canary deployments on kubernetes using Traefik

   edit   deselect   + to AI

 

Canonical Distribution of Kubernetes: Dev Summary 2017 (Week 32)

   edit   deselect   + to AI

 

Canonical's Web and Design team use Kubernetes to deploy their sites

   edit   deselect   + to AI

 

Centralized logging on Kubernetes using fluentd and fluent-bit

   edit   deselect   + to AI

 

Checking Out the Kubernetes Service Catalog

   edit   deselect   + to AI

 

CI/CD Pipeline with Auto Deploy to Kubernetes Using GitLab and Helm

   edit   deselect   + to AI

 

CircleCI's outrageous decision to orchestrate Kubernetes with Nomad

   edit   deselect   + to AI

 

CLI to get overview of resource requests, utilization in Kubernetes cluster

   edit   deselect   + to AI

 

Cloud Foundry adds native Kubernetes support for running containers

   edit   deselect   + to AI

 

Cloud Native Computing Foundation Adopts Kubernetes-Friendly Container Runtime

   edit   deselect   + to AI

 

Cluster Schedulers: Kubernetes and Nomad

   edit   deselect   + to AI

 

CNCF Announces Kubernetes 1.9 – SD Times

   edit   deselect   + to AI

 

Collecting application logs in Kubernetes

   edit   deselect   + to AI

 

Comparing Kubernetes CNI Network Providers

   edit   deselect   + to AI

 

Comparing Mesos and Kubernetes

   edit   deselect   + to AI

 

Comprehensive Container-Based Service Monitoring with Kubernetes and Istio

   edit   deselect   + to AI

 

Configuring permissions in Kubernetes with RBAC

   edit   deselect   + to AI

 

Connecting Elixir Nodes with Libcluster, Locally and on Kubernetes

   edit   deselect   + to AI

 

Container orchestration: Moving from fleet to Kubernetes

   edit   deselect   + to AI

 

Containerd namespaces for Docker, Kubernetes, and beyond

   edit   deselect   + to AI

 

Containership Launches Its Fully Managed Kubernetes Service

   edit   deselect   + to AI

 

Continuous Delivery with Spinnaker and Kubernetes

   edit   deselect   + to AI

 

Continuous Deployment with Google Container Engine and Kubernetes

   edit   deselect   + to AI

 

Convergence to Kubernetes

   edit   deselect   + to AI

 

CoreOS (YC S13) Is Hiring – Help Accelerate Kubernetes (BER/SFO/NYC/remote)

   edit   deselect   + to AI

 

CoreOS Extends Kubernetes to Microsoft Azure

   edit   deselect   + to AI

 

CoreOS Tectonic Now Installs Kubernetes on OpenStack

   edit   deselect   + to AI

 

Create a Kubernetes cron job in OKD

   edit   deselect   + to AI

 

Create, manage, snapshot and scale Kubernetes infrastructure in the public cloud

   edit   deselect   + to AI

 

Creating a Kubernetes Cluster on DigitalOcean with Python and Fabric

   edit   deselect   + to AI

 

Creating Multi-Tenant Moodle Service on Kubernetes Using Operator Pattern

   edit   deselect   + to AI

 

Crossword Puzzles, Kubernetes and CI/CD

   edit   deselect   + to AI

 

Customizing Kubernetes DNS Using Consul

   edit   deselect   + to AI

 

CVE-2018-1002105 – Kubernetes privilege escalation flaw

   edit   deselect   + to AI

 

Data Analytics, Meet Containers: Kubernetes Operator for Apache Spark in Beta

   edit   deselect   + to AI

 

Debug Kubernetes-Based Services with Datawire's Telepresence – The New Stack

   edit   deselect   + to AI

 

Debugging a TCP socket leak in a Kubernetes cluster

   edit   deselect   + to AI

 

Declarative application management in Kubernetes

   edit   deselect   + to AI

 

Deep Dive into Apache Spark Resilience on Kubernetes

   edit   deselect   + to AI

 

Deis Workflow – Open Source Kubernetes PaaS

   edit   deselect   + to AI

 

Deploy a HIG Stack in Kubernetes for Monitoring

   edit   deselect   + to AI

 

Deploy Apps to Kubernetes via REST, Using Helm

   edit   deselect   + to AI

 

Deploy microservices on Kubernetes

   edit   deselect   + to AI

 

Deploy SciKit Learn Model into Kubernetes Production in Under 2 Minutes

   edit   deselect   + to AI

 

Deploying a Node App to Google Cloud with Kubernetes

   edit   deselect   + to AI

 

Deploying Jenkins to a Kubernetes Cluster Using Helm

   edit   deselect   + to AI

 

Deploying Kubernetes On-Premise with RKE and Deploying OpenFaaS on It – Part 2

   edit   deselect   + to AI

 

Deploying Nginx ingress with let’s encrypt on Kubernetes using Helm

   edit   deselect   + to AI

 

Deploying Spark on Kubernetes

   edit   deselect   + to AI

 

Deploying to Kubernetes at ZipRecruiter

   edit   deselect   + to AI

 

Deploying WordPress on GKE Kubernetes

   edit   deselect   + to AI

 

Dev to Production Workflow Coverage by Popular Tools – Kubernetes, Heroku

   edit   deselect   + to AI

 

Developments around Microservices, API Gateways, Kubernetes and Service Mesh

   edit   deselect   + to AI

 

DevOps'ish 083: Survey, Career Advice, No Bastions, Kubernetes, Ansible, Etcd

   edit   deselect   + to AI

 

DevOps’ish 049: Basics, Kubernetes, Intel Is Blowing It, IDEs, Go, and More

   edit   deselect   + to AI

 

Diamanti Offers a Plug-And-Play Kubernetes Deployment

   edit   deselect   + to AI

 

Distributed App Deployment with Kubernetes and MongoDB Atlas

   edit   deselect   + to AI

 

Django on Kubernetes

   edit   deselect   + to AI

 

Docker Clustering Tools Compared: Kubernetes vs. Docker Swarm

   edit   deselect   + to AI

 

Docker embraces Kubernetes, will let customers run it alongside Swarm

   edit   deselect   + to AI

 

Docker Fueled Nostalgia: Building a Retro-Gaming Rig on Kubernetes

   edit   deselect   + to AI

 

Docker orchestration with Kubernetes and Rancher

   edit   deselect   + to AI

 

Docker Swarm vs. Mesos vs. Kubernetes – DZone Cloud

   edit   deselect   + to AI

 

Does invoking AWS CLI through serverless (OpenFaaS on Kubernetes) makes sense?

   edit   deselect   + to AI

 

Draft: A tool for developers to create cloud-native applications on Kubernetes

   edit   deselect   + to AI

 

Drone CI announces native Kubernetes support

   edit   deselect   + to AI

 

Dynamic Kubernetes Client for Ansible

   edit   deselect   + to AI

 

Easily Install Kubernetes on Ubuntu Step by Step

   edit   deselect   + to AI

 

Effective Docker HealthChecks for Node.js to Make Running in Kubernetes Reliable

   edit   deselect   + to AI

 

Embracing failures and cutting costs: Spot instances in Kubernetes

   edit   deselect   + to AI

 

Enforcing Kubernetes network policies with iptables

   edit   deselect   + to AI

 

Episode #126 Kubernetes for Pythonistas – [Talk Python to Me Podcast]

   edit   deselect   + to AI

 

Everything Kubernetes

   edit   deselect   + to AI

 

Experiences porting Heron to Kubernetes

   edit   deselect   + to AI

 

Expose Kubernetes Services Over HTTPS with Ngrok

   edit   deselect   + to AI

 

Extending Docker Enterprise Edition to Support Kubernetes – Docker Blog

   edit   deselect   + to AI

 

FaaS-netes (Functions as a Service) for Kubernetes and Docker Swarm

   edit   deselect   + to AI

 

Fast Serverless Functions for Kubernetes

   edit   deselect   + to AI

 

First Impressions: Docker for Mac with Kubernetes

   edit   deselect   + to AI

 

Fishing for Miners – Cryptojacking Honeypots in Kubernetes

   edit   deselect   + to AI

 

Fission: Serverless Functions for Kubernetes

   edit   deselect   + to AI

 

Forced Evolution: Shopify's Journey to Kubernetes

   edit   deselect   + to AI

 

Frakti – hypervisor-based container runtime for Kubernetes

   edit   deselect   + to AI

 

From bare-metal to Kubernetes

   edit   deselect   + to AI

 

Functions for Kubernetes

   edit   deselect   + to AI

 

Gardener: Manage Kubernetes clusters across multiple cloud providers

   edit   deselect   + to AI

 

Get Kubernetes Cluster Metrics with Prometheus in 5 Minutes

   edit   deselect   + to AI

 

Get Started with OpenFaaS and KinD (Kubernetes in Docker)

   edit   deselect   + to AI

 

Getting Started with DevOps, Containers and Kubernetes

   edit   deselect   + to AI

 

Getting started with Kubernetes: 5 misunderstandings, explained

   edit   deselect   + to AI

 

GitHub actions to deliver on kubernetes

   edit   deselect   + to AI

 

GitHub now uses Kubernetes

   edit   deselect   + to AI

 

GitOps: High Velocity CICD for Kubernetes

   edit   deselect   + to AI

 

GoCD introduces native integrations for Kubernetes

   edit   deselect   + to AI

 

Google Cloud Platform: Cloud Audit Logging for Kubernetes Engine

   edit   deselect   + to AI

 

Google donates money to help run the Kubernetes infrastructure

   edit   deselect   + to AI

 

Google Kubernetes Engine launches multi-master, regional clusters to beta

   edit   deselect   + to AI

 

Google Skaffold – Easy and Repeatable Kubernetes Development

   edit   deselect   + to AI

 

Google's real Kubernetes magic is all about community, not code

   edit   deselect   + to AI

 

GPUs in Kubernetes Engine now available in beta

   edit   deselect   + to AI

 

gRPC Load Balancing Inside Kubernetes

   edit   deselect   + to AI

 

Hacking and Hardening Kubernetes Clusters by Example

   edit   deselect   + to AI

 

HAProxy Ingress Controller for Kubernetes

   edit   deselect   + to AI

 

HashiCorp Consul: Connect Sidecar on Kubernetes

   edit   deselect   + to AI

 

Health checking gRPC servers on Kubernetes

   edit   deselect   + to AI

 

Heptio Comes Out of Stealth Mode with a Kubernetes Configuration Tool, Ksonnet

   edit   deselect   + to AI

 

Heptio launches its Kubernetes undistribution

   edit   deselect   + to AI

 

Highly Effective Kubernetes Deployments with GitOps

   edit   deselect   + to AI

 

Host Serverless Event Gateway on Kubernetes

   edit   deselect   + to AI

 

How Atlassian does Kubernetes

   edit   deselect   + to AI

 

How CloudBoost uses Docker, Kubernetes and Azure to scale 60,000+ apps

   edit   deselect   + to AI

 

How does the Kubernetes scheduler work?

   edit   deselect   + to AI

 

How kubernetes can break: networking

   edit   deselect   + to AI

 

How Kubernetes is making contributing easy

   edit   deselect   + to AI

 

How Nav Moved to Kubernetes with Houston, by Turbine Labs

   edit   deselect   + to AI

 

How Serverless Technologies Impact Kubernetes

   edit   deselect   + to AI

 

How to Build a Kubernetes Cluster with ARM Raspberry Pi Then Run .NET Core

   edit   deselect   + to AI