Re: [kubernetes-users] pod creation fails

The user you are authenticating with doesn't have proper permissions. In particular it looks like you are trying to use a kubectl from a node which generally aren't allowed to create deployments. Learn more here: https://kubernetes.io/docs/admin/authorization/rbac/ Good luck. Brandon On Fri, Ja

Re: [kubernetes-users] Waiting for all pods to start before running the container commands

The general advice is to just have your applications crash loop on whatever invariant you are waiting on. Does that now work for some reason? On Thu, Jan 18, 2018 at 3:41 PM Karthik wrote: > Hi all, > > I created a StatefulSet service (yb-master) with 3 pods (yb-master-0,1,2). > The cname of th

Re: [kubernetes-users] what are differences between hostpath and local volume?

Both use local disks available on a machine. But! Imagine you have a cluster of three machines and have a Deployment with a replica of 1. If your pod is scheduled on node A, writes to a host path, then the pod is destroyed. At this point the scheduler will need to create a new pod, and this pod mig

Re: [kubernetes-users] Vagrant/Ansible/VirtualBox Cluster on Mac

FWIW, the Tectonic Sandbox is also using VirtualBox + Vagrant. Just download and `vagrant up`. Brandon On Thu, Dec 14, 2017 at 8:40 AM Kris Dockery wrote: > Matt, > > I'm running three VirtualBox VMs: > > Master: 1 vCPU, 4

Re: [kubernetes-users] unable to mount a folder inside container(pod) to host folder in kubernetes .

It looks like the volumes section is not indented correctly. It should be indented to the same level as containers as it is part of the PodSpec[1]. [1] https://v1-6.docs.kubernetes.io/docs/api-reference/v1.6/#podspec-v1-core Brandon On Mon, Nov 13, 2017 at 2:00 PM wrote: > Hi i am trying to mo

Re: [kubernetes-users] Getting informations from my Kubernetes

Hello Matheus- I would suggest you run kube-state-metrics and the Prometheus Node Exporter . For example, we run these as Daemon Sets on CoreOS Tectonic and then scrape the

[kubernetes-users] [ANNOUNCE] Prometheus 2.0 Released

Hello Everyone- ICYMI Prometheus, a fellow CNCF project for container monitoring, has released their v2.0 today. You can learn more from the release from these links: 1. CoreOS post with in-depth benchmarks 2. Project blog

Re: [kubernetes-users] K8s LoadBalancer services Metrics ?

You would need to have a protocol aware in between your app and your load balancer like https://istio.io/ OR have your app export metrics to something like Prometheus (example ). Brandon On Mon, Oct 23, 2017 at 10:07 AM V

Re: [kubernetes-users] Unable to connect to to Oracle DB which is running on host from Kuberenetes POD

What is the connection string you are using? You will need to use a URL that gets forwarded out of the pod. Localhost will go to the pods localhost for example. You could do a test of things by using hostNetwork=true in the pod spec: https://kubernetes.io/docs/api-reference/v1.6/#podspec-v1-core

Re: [kubernetes-users] Kubernetes Job Opportunity- Michigan

Aside: There is https://groups.google.com/forum/#!forum/kubernetes-jobs and #kubernetes-careers on Slack for these sort of discussions. Brandon On Thu, Sep 21, 2017 at 3:32 PM Rodrigo Campos wrote: > Sorry, but please don't use the Kubernetes users mailing list to recruit > people. The topic of

Re: [kubernetes-users] Re: Kubernetes pulled image with digital instead of tag

An image tag is resolved to a concrete content addressable identifier. So, 1.7.9 is just an easy human understandable shortcut to the content address of f01bde0. The OCI spec sort of explains it here: https://github.com/opencontainers/image-spec/blob/master/image-layout.md#indexjson-file Brandon

Re: [kubernetes-users] RollingUpdate strategy on statefulsets

Can you `kubectl describe statefulset foo`? There might be details there. Also, did you upgrade from 1.6? https://groups.google.com/forum/#!topic/kubernetes-announce/5T8Ah5xuFz8 On Fri, Sep 8, 2017 at 5:51 AM wrote: > Hi, > > currently I am using Kubernetes (v 1.7.4) to deploy a Lagom microserv

Re: [kubernetes-users] How to get access to the Heapster's Grafana dashboard after clean Kubernetes installation using Rancher

Hello Parth- This isn't a general Kuberentes question so you might get help on the Rancher forums: https://forums.rancher.com/ Brandon On Fri, Sep 8, 2017 at 6:21 AM Parth Gandhi wrote: > I have just installed 3 node kubernetes cluster using rancher. I am trying > to access the grafana dashboa

Re: [kubernetes-users] Overriding kube-dns settings using the config map

You can do lots of interesting things with kube-dns or a custom dns. See this talk too: https://www.youtube.com/watch?v=VUCyrY7pHeE Mark (cc'd) has experience doing the custom DNS setups. Brandon On Fri, Sep 8, 2017 at 11:54 AM wrote: > I see that kube-dns now has support for a config map, as

Re: [kubernetes-users] FQDN's for pods?

That won't do what he wants, I don't think. $ kubectl run -i -t busybox --image=busybox --restart=Never -n team-tectonic --overrides='{ "apiVersion": "v1", "spec": {"hostname": "hello", "subdomain": "example"}}' If you don't see a command prompt, try pressing enter. / # hostname -f hello.example.t

[kubernetes-users] [ANNOUNCE] CoreOS Tectonic 1.7.1 with Azure Support, Calico, and more

Hello Everyone- CoreOS Tectonic v1.7.1 has been released! This brings new Azure support, Calico policy, and much more. You can learn more about the release on the blog post: https://coreos.com/blog/announcing-tectonic-1.7.1 As part of this release the Tectonic Installer project gained stable Azu

Re: [kubernetes-users] Generally speaking, separate apps = separate clusters, right?

Great overview Tim! This should be an FAQ item somewhere. On Fri, Aug 11, 2017 at 4:55 PM 'Tim Hockin' via Kubernetes user discussion and Q&A wrote: > This is not an easy question to answer without opining. I'll try. > > Kubernetes was designed to model Borg. This assumes a smaller number > of

Re: [kubernetes-users] Can't view logs in python pod/container

Great! I would argue your application isn't behaving properly and there is some code that expects a TTY that should be fixed. On Thu, Aug 10, 2017 at 1:52 PM David Rosenstrauch wrote: > Yep, that did the trick! > > Thanks, > > DR > > On 2017-08-10 4:43 pm, Brandon P

Re: [kubernetes-users] Can't view logs in python pod/container

n I launch it on k8s like so: > > kubectl run custom-django-app > --image=":5000/custom-django-app" > kubectl expose deployments custom-django-app --port 8080 --type NodePort > > Any idea where I'm going wrong? > > Thanks, > > DR > > On 2017-08-10

Re: [kubernetes-users] Can't view logs in python pod/container

Hello David- Can you share the code to your app? Something about the app requires a TTY to print out logs. Alternatively, add `tty: True` to the PodSpec https://kubernetes.io/docs/api-reference/v1.7/#podspec-v1-core Brandon On Wed, Aug 9, 2017 at 9:30 AM David Rosenstrauch wrote: > I'm runnin

Re: [kubernetes-users] Running kubectl on "self cluster" from a container

I don't quite understand what you are trying to do, but I think you need host networking. Try adding: --net=host Brandon On Thu, Aug 3, 2017 at 2:19 AM Itamar O wrote: > Hi, > > I have a Jenkins slave pod running on GKE. > In that pod, I can run kubectl commands and they seem to automagically >

Re: [kubernetes-users] Re: Create K8S with my own certificates

Yes, similarly the Tectonic Installer has docs and the ability to provide your own CA. On Thu, Jul 20, 2017 at 9:37 PM 'Robert Bailey' via Kubernetes user dis

Re: [kubernetes-users] How to install Kubernetes on CoreOS

y, July 6, 2017 at 4:05:49 PM UTC-7, Brandon Philips wrote: > > There are various install methods for Kubernetes on CoreOS Container > Linux[1]. Where are you looking to install? > > > > > > If you are looking to install on AWS, Bare Metal, or Azure try out the &g

Re: [kubernetes-users] How to install Kubernetes on CoreOS

There are various install methods for Kubernetes on CoreOS Container Linux[1]. Where are you looking to install? If you are looking to install on AWS, Bare Metal, or Azure try out the Tectonic Free Tier and the Tectonic Installer

Re: [kubernetes-users] How kubectl be authorized ?

Authorization can be done with https://kubernetes.io/docs/admin/authorization/rbac/ In Tectonic we use OIDC authentication which gives you a User to key off of. But, you can use x509 certificates with O/CN's to key off of too. HTH, Brandon On Wed, Jun 28, 2017 at 2:41 AM Shafreeck Sea wrote:

Re: [kubernetes-users] Use minikube in windows subsystem for linux?

use of the > docker-daemon which is running outside of WSL via TCP channel or something > like that. > > WSL does support running windows executables, but that isn't without its > problems. > > > > On Wednesday, June 21, 2017 at 5:51:17 PM UTC-5, Brandon Philips wro

Re: [kubernetes-users] Use minikube in windows subsystem for linux?

; like all that would be needed would be to add a special driver type to the > linux version to get this to work? I'm not sure how long hyperkube will be > around or supported (unless minikube makes use of it internally or > something). > > > > On Wednesday, June 21,

Re: [kubernetes-users] Use minikube in windows subsystem for linux?

Subscribe to this bug report to track my progress; https://github.com/kubernetes/minikube/issues/1627 On Wed, Jun 21, 2017 at 2:53 PM Brandon Philips wrote: > Aside: NAT setups also work but Windows inexplicably doesn't have a > built-in DHCP server. I had to write one in Go

Re: [kubernetes-users] Use minikube in windows subsystem for linux?

Aside: NAT setups also work but Windows inexplicably doesn't have a built-in DHCP server. I had to write one in Go to get NAT + minikube to work. Anyways, I will have a guide in the next week or two. On Wed, Jun 21, 2017 at 2:51 PM Brandon Philips wrote: > Hyperkube should work w

Re: [kubernetes-users] Use minikube in windows subsystem for linux?

Hyperkube should work with some caveats. I have a few notes from my work but this is a good starting point: https://github.com/kubernetes/minikube/issues/1598 Also, you have to setup an external network switch and use that as described here: https://blogs.msdn.microsoft.com/wasimbloch/2017/01/23/

Re: [k8s-sig-net] Re: [kubernetes-users] Accessing kafka from outside kubernetes

ure via annotations > here: > > https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer > > Bowei > > On Wed, Jun 7, 2017 at 10:31 AM, Brandon Philips < > brandon.phil...@coreos.com> wrote: > >> Try the source ip prese

Re: [kubernetes-users] Setting up my POD YML file to access my AppDynamics installation not working

Can you include the entire yaml? It is hard to tell without more context. On Wed, Jun 7, 2017 at 10:35 AM Homer Najafi wrote: > Hi All, > > > > I am getting this error when I try to kubectl my yml file: > > [root@mx1605 ~]# kubectl create -f my-pod.yml > > [root@mx1605 ~]# kubectl logs my-pod >

Re: [kubernetes-users] Accessing kafka from outside kubernetes

fixed in version 1.7. I > will try out the alpha version. > > NodePort is working fine, the only drawback of it for my use case is that > it opens a port on all kubernetes nodes. > > Thanks for the help! > > On Tuesday, June 6, 2017 at 6:23:24 PM UTC+2, Brandon Philips wrote: &g

Re: [kubernetes-users] Can I know when will be the Kubernetes Cron Jobs beta/GA release?

Hello Amalka- We track features in the github.com/kubernetes/features repo. You can find the issue for CronJobs here: https://github.com/kubernetes/features/issues/19 It looks like CronJobs will, at the soonest, hit beta in 1.8: https://github.com/kubernetes/kubernetes/issues/41039#issuecomment-3

Re: [kubernetes-users] Accessing kafka from outside kubernetes

ePort to open a port on the nodes > where kafka is running. However, this seems not to work properly see > https://github.com/kubernetes/kubernetes/issues/23920. > > Thanks, > George > > > On Tuesday, June 6, 2017 at 2:24:19 AM UTC+2, Brandon Philips wrote: > > Fin

Re: [kubernetes-users] Accessing kafka from outside kubernetes

Find a Kubernetes Pod by Label Selector and Port-forward Locally Given a namespace "your-namespace" and a label query that identifies the pods you are interested in connect to a particular pod instance. If the label selector doesn't find a unique pod it will connect to the first pod by name. Ensur

Re: [kubernetes-users] Running a Kubernetes cluster using VirtualBox

Any reason to not use https://github.com/kubernetes/minikube? On Wed, May 31, 2017 at 9:02 AM Mike Cico wrote: > Hi all, > > I'm experimenting with Kubernetes on my local laptop (RHEL 7), and trying > to set up a k8s cluster using VirtualBox. Here's my configuration so far: > > - kubeadm/kubect

Re: [kubernetes-users] kubernetes headless service FQDN for pods

Hrm, the svc.namespace resolution _should_ work. Can you test the zk-2.zk-headless record? See the troubleshooting tips on this page for how: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ If you can't get those instructions to work we there are some more DNS / networking

[kubernetes-users] Re: SIG-Azure proposal

I 100% agree they shouldn't be the primary form of user support but it is really common to send people to a SIG mailing list or Slack channel if questions start to look like a bug or feature request. I think this is OK as it gets user feedback into the SIG loop. On Thursday, May 18, 2017 at 10:

[kubernetes-users] Re: SIG-Azure proposal

Hey Everyone- +1 for SIG formation from me. Someone from CoreOS can be involved in this SIG as we rely on the Azure cloud integrations in CoreOS Tectonic. The same folks involved in SIG AWS and pushing AWS features forward can help with cross-cloud SIG comms too. Aside, as it was mentioned dur

Re: [kubernetes-users] Flannel and master-to-slave node communication problems

What instructions did you follow to setup flannel? Link? Output from `ip addr`, `route -n`, `iptables -L -t nat`, and `iptables -L` is helpful as well. This reminds me we need a better set of docs that lists these things out for filing issues. Thanks, Brandon On Wed, May 17, 2017 at 11:31 PM S

Re: [kubernetes-users] services and namespaces

Sort of, see the services without selectors: https://kubernetes.io/docs/concepts/services-networking/service/#without-selectors On Tue, May 9, 2017 at 10:21 AM 'Ahmet Alp Balkan' via Kubernetes user discussion and Q&A wrote: > Documentation on DNS records: > https://kubernetes.io/docs/concepts/s

Re: [kubernetes-users] How to enable https and authentication for kubelet?

tem >> >> error: You must be logged in to the server (the server has asked for the >> client to provide credentials) >> >> I have specified " >> --kubelet-client-certificate=/etc/cfc/conf/server.cert >> --kubelet-client-key=/etc/cfc/conf/server.key&

Re: [kubernetes-users] How to enable https and authentication for kubelet?

Oh, there are docs here too: https://kubernetes.io/docs/admin/kubelet-authentication-authorization/ On Wed, May 3, 2017 at 1:35 PM Brandon Philips wrote: > Hello Qian- > > 10255 is the "read-only" port, to disable it remove --read-only-port from > kubelet co

Re: [kubernetes-users] How to enable https and authentication for kubelet?

Hello Qian- 10255 is the "read-only" port, to disable it remove --read-only-port from kubelet config. To configure authentication on the kubelet port use --client-ca-file. The API server has flags to authenticate using these CAs: https://github.com/coreos/tectonic-installer/blob/master/modules/b

[kubernetes-users] [ANNOUNCE] AWS ALB Ingress Controller for Kubernetes

Hey all, CoreOS & Ticketmaster have been working together on an AWS ALB ingress controller that is self-contained and easy to deploy. Specifically, one that can be used in place of the default ELB integration and provides more flexibility around its layer 7 routing capabilities and Route 53 DNS re

Re: [kubernetes-users] Access to etcd API within a GKE cluster

If you want to deploy etcd _on top_ of an existing Kubernetes cluster checkout the etcd operator: https://github.com/coreos/etcd-operator#etcd-operator On Tue, May 2, 2017 at 2:53 PM Strickland, Michael < michael.strickl...@nytimes.com> wrote: > Thanks Daniel, that makes perfect sense - glad to h

Re: [kubernetes-users] Longer graceful termination of pods

over to kubernetes-sig-node On Wed, Apr 26, 2017 at 8:44 AM wrote: > Hey! > > The kind of work that we're doing in Kubernetes is not safely > interruptible so we've been planning to set longer > `terminationGracePeriodSeconds` to allow pods to keep running for another > hour after they've been s

Re: [kubernetes-users] Kubernetes setup with flannel

Hello Ravisalamani- The information there is a bit out of date. These days flannel has a Kubernetes backend so you can deploy it as a daemonset (yaml , rbac

Re: [kubernetes-users] Ingress Controller for client-side authentication HTTPS on GCE

There is a catalog of Ingress controllers and I know some are missing: https://github.com/kubernetes/ingress/blob/master/docs/catalog.md On Tue, Apr 18, 2017 at 5:30 PM Paul Mazzuca wrote: > Noob to Google Container Engine and Kubernetes... Does Kubernetes have an > ingress controller that suppo

Re: [kubernetes-users] What happens when I stop & start kubelet?

To help you we need more details. Can you include the output of kubectl describe node $NODENAME? Also, the kubelet logs as well. On Tue, Apr 18, 2017 at 7:16 AM wrote: > Hi all, > > > http://stackoverflow.com/questions/43465434/what-happens-when-i-stop-start-kubelet > > If I stop kublet, the po

Re: [kubernetes-users] YUM repositories empty

Adding SIG Cluster Lifecycle. On Thu, Apr 13, 2017 at 4:45 AM wrote: > Is there any problem with YUM repos for Kubernetes today, or perhaps some > automated build/release process failed? > > There's still the "repodata" directory and meta files, but actual packages > are gone. They are in fact g

Re: [kubernetes-users] SSL endpoints: certs w/o IP SANs ok?

Hello John- Today, etcd will not enforce IP SANs but we just merged a change where it will enforce them IF they exist. Expect this change in a future release of etcd v3.2.[1] I forget the exact details on why IP SANs are necessary in the certificates. However, IIRC there are some places in Kubern

Re: [kubernetes-users] pods not running

What do the logs say on the kube controller manager? On Mon, Apr 10, 2017 at 2:34 AM YOUSSEF ASSATA wrote: > hi please It looks like my Azure cluster is failing to mount persistent > volumes what's the problem and here's my pods : > thanks > > ᐧ > > 2017-04-08 21:38 GMT+01:00 YOUSSEF ASSATA :

Re: [kubernetes-users] Multiple nginx ingress controllers.

You are looking for the Ingress Class annotation. See: https://github.com/kubernetes/ingress/tree/master/docs/faq#how-do-i-disable-an-ingress-controller Cheers, Brandon On Sun, Apr 9, 2017 at 7:57 AM wrote: > If anyone can point me to documentation on this I would be much > appreciative. How

[kubernetes-users] KubeCon EU 2017 Video Playlist

Hello Everyone- I saw this posted on /r/kubernetes and figured many would be interested: KubeCon EU 2017 Video Playlist . If you want help navigating the list you can reference conference

Re: [kubernetes-users] How long will it be another verify on the user token after pass the last authentication?

Hello Winston- I am not following your question. So, you are using webhook authn and want to know when it hits the webhook? If so, my understanding is that the webhook is hit on every API request. > When a client att

Re: [kubernetes-users] Is it possible to pass a custom AWS launch configuration in kops

Hey Jon- I can't speak to kops in particular but there might be a few ideas to workaround this: 1) If having the scripts post-install is OK then create a daemonset that deploys the scripts and mounts in the hostPath needed 2) Use Terraform or something else that is easier to customize, maybe chec

Re: [kubernetes-users] Service Account Token

That service account needs to have a mountable secret attached to it for that to work. Currently it has 0 secrets. How did you create this namespace? What version is your cluster? On Sat, Mar 25, 2017 at 6:33 PM wrote: > Hi All, > > I have couple of pods failing with the below error > > ``` > /

Re: [kubernetes-users] Re: Evicted pods policy

It is likely that no one has responded because we need more specifics on why the pods are evicted. Can you describe the pods? This doc should help you diagnose the issue: https://kubernetes.io/docs/concepts/cluster-administration/out-of-resource/#eviction-thresholds Brandon On Wed, Mar 22, 2017

Re: [kubernetes-users] kubectl can't connect to cluster after creating daemonset that logs too much

Can you get logs from etcd to figure out what is wrong? On Wed, Mar 22, 2017 at 11:15 AM wrote: > Hi all, > I just created a daemonset on one of my Kubernetes clusters which is just > a busybox logging to stdout. Unfortunately I think it is logging too much > and I now can't connect to the clust

Re: [kubernetes-users] Mutliple NIC on nodes

al IP > but we don't want 20 workers since each proxy pod have very small footprint. > > > Vadim > > On 21 Mar 2017, at 0:22, Brandon Philips > wrote: > > I don't quite understand your request. Can you just rely on the Linux > route table to handle this? > >

Re: [kubernetes-users] Prometheus, Kubernetes with service discovery for every App

Use the Prometheus Operator, it will glue Prometheus to the Kubernetes service discovery system enabling you to use label queries to find and scrape your applications. https://github.com/coreos/prometheus-operator Cheers, Brandon On Mon, Mar 20, 2017 at 7:28 PM wrote: > Hello > > I'm trying t

Re: [kubernetes-users] Mutliple NIC on nodes

I don't quite understand your request. Can you just rely on the Linux route table to handle this? On Mon, Mar 20, 2017 at 1:27 PM wrote: > Hi Guys, > > I've been going over the documents and couldn't find a a clear answer. > > We have a k8s service that require accessing an external service API,

Re: [kubernetes-users] Pod in minion cannot reach the DNS in Master. But Pod in master works fine!

How did you install Kubernetes? Everything looks OK. Can you grab the logs from flannel? Anything odd there? What is the network configuration of hte master? Where is the DNS pod scheduled? On Fri, Mar 17, 2017 at 6:59 AM ilter P wrote: > Hi, > > I have an kubernetes installation with 2 Nodes (

Re: [kubernetes-users] Issues with documentation

The examples can be helpful: https://github.com/kubernetes/client-go/tree/master/examples Talking directly via net/http is fine too. Some other simpler bindings have emerged as well too: https://github.com/ericchiang/k8s Brandon On Wed, Mar 15, 2017 at 3:04 AM Jaipradeesh Janarthanan wrote: >

Re: [kubernetes-users] Backing up master etcd

On Wed, Mar 8, 2017 at 10:17 AM 'Daniel Smith' via Kubernetes user discussion and Q&A wrote: > It's a bit of a shame that we don't have a "insert your backup code here" > spot for this in the default setup scripts, if you're running only one etcd > replica this is fairly important. It's worth not

Re: [kubernetes-users] Exec a shell command on k8s master node

Something like this? https://twitter.com/BrandonPhilips/status/831997779723513856 https://github.com/coreos/coreos-kubernetes/pull/835 On Thu, Mar 9, 2017 at 11:03 PM wrote: > How to execute a custom shell command on kubernetes master node via API? > My use case is to list docker containers ru

Re: [kubernetes-users] Migrating flannel aws-vpc from etcd coodination to kube-subnet-mgr

Hello Matthias- This is not something we planned a migration for. In general trying to do some sort of networking migration on a running Kubernetes cluster is going to lead to a bad time. Adding Casey and Tom in case they have any brilliant ideas. Brandon On Mon, Mar 6, 2017 at 7:18 AM Matthias

Re: [kubernetes-users] Kubectl OpenID and Server Configuration Caching

then you're not > exercising the plugin. At least that's what the code would do if there > isn't a bug. > > Does your kubectl still send the bearer token despite not hitting the > well-known endpoint? > > Eric > > [0] > https://github.com/kuber

Re: [kubernetes-users] How to define a DaemonSet to create slightly different pods?

, etc Hope that helps. Brandon On Wed, Feb 22, 2017 at 11:56 AM Brandon Philips wrote: > adding Tom and Casey for Flannel help > > > On Wed, Feb 22, 2017 at 12:11 AM Dongwon Kim > wrote: > > How can I define a single definition of DaemonSet to create slightly > differen

Re: [kubernetes-users] How to define a DaemonSet to create slightly different pods?

adding Tom and Casey for Flannel help On Wed, Feb 22, 2017 at 12:11 AM Dongwon Kim wrote: > How can I define a single definition of DaemonSet to create slightly > different pods from it? > What I mean by different pods is that pods created from different commands. > I currently make two differen

Re: [kubernetes-users] Kubectl OpenID and Server Configuration Caching

cc'ing Eric Chiang who worked on the caching code. On Mon, Feb 20, 2017 at 7:09 AM Rudy Bonefas wrote: > We have decided to use OpenID Connect with Kubectl and I have been in the > process if writing an OpenID Connect server using the nimbusds java sdk. > When kubectl first connects to my server

Re: [kubernetes-users] PaaS based on kubernetes and docker

Have you looked at the existing PaaS options that exist on top of Kubernetes like https://deis.com/? On Fri, Feb 17, 2017 at 6:18 AM YASMINE CHEIKHROUHOU < yasmine.cheikhrou...@enis.tn> wrote: > Hi > I want to develop a Cloud PaaS based on kubernetes and dockers to > instantiate applications as

Re: [kubernetes-users] Containers in the same pod

If you ever need more details see the Pod lifecycle guide: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/ Brandon On Thu, Feb 16, 2017 at 9:40 AM YASMINE CHEIKHROUHOU < yasmine.cheikhrou...@enis.tn> wrote: > Thank you Sir > > 2017-02-16 17:23 GMT+01:00 'Tim Hockin' via Kuberne

[kubernetes-users] Re: Run a job on all nodes in the cluster

I made a cute integration with the ol' SSH standby tool Fabric to accomplish something like this: https://github.com/coreos/coreos-kubernetes/pull/835 https://twitter.com/BrandonPhilips/status/831997779723513856 Brandon On Tuesday, January 24, 2017 at 7:54:34 AM UTC-8, Justin Garrison wrote: >

Re: [kubernetes-users] Re: The Resurrection of SIG-big-data

+1 to this. The etcd team has been working on an interesting project called zetcd which emulates the Zookeeper API ontop of the etcd data store. When combined with the etcd Operator it should create nice

Re: [kubernetes-users] Issue with iSCSI volumes

The minikube image has a very stripped down Kernel and I don't think it support iSCSI nor does the userspace have the necessary utilities. What are you trying to do? Brandon On Thu, Feb 2, 2017 at 5:53 AM Akhil Reddy wrote: > Hello, > I tried to use a iSCSI volume in the minikube environment a

Re: [kubernetes-users] Support for upstream version of Kubernetes

On Fri, Jan 20, 2017 at 11:21 AM Amlan wrote: > Who can provide consultancy and support for in-premise deployment of > upstream version (community version) of Kubernetes? > CoreOS Tectonic uses un-patched upstream Kubernetes and we have installation and guides for on-premise. You can get access

Re: [kubernetes-users] Run a job on all nodes in the cluster

-completion DaemonSet which I think covers > the > > use cases you mentioned as well as the one from Mayank. > > > > > > > > On Fri, Jan 20, 2017 at 10:26 AM, Brandon Philips > > wrote: > >> > >> I think this would be a nice thing to have. I have seen a few

Re: [kubernetes-users] Run a job on all nodes in the cluster

I think this would be a nice thing to have. I have seen a few users wanting to do things like run a quick script against all nodes in a cluster that say tweaks a sysctl across the entire fleet. Or, gathers up some setting and pushes the results to some service. I think it would be worthwhile to ga

Re: [kubernetes-users] Best way to cache data on Kubernetes

On Wed, Jan 18, 2017 at 10:12 AM Vincent Coquart wrote: > We are migrating our micro service on Kubernetes. > > I have some questions about what is the best way to cache data on a > Kubernetes Cluster. > > I see two solutions : > - Create a Redis (or Aerospike, or Couchbase ..) cluster in a Kuber

Re: [kubernetes-users] setup kubedns failed (kubernetes 1.5.1)

Hello Karl- How did you deploy Kubernetes? In nearly all environments DNS should be installed on your behalf. Can you paste in here the final kube-dns deployment you got after templating? Seems like something went wrong. Brandon On Mon, Dec 19, 2016 at 1:23 AM Karl Vito Lam wrote: > Hello, >

Re: [kubernetes-users] Re: nginx ingress controller configuration on Kubernetes vagrant

On Thu, Dec 15, 2016 at 3:30 PM Mugdho Debnath wrote: > This works pretty well if you move from using CoreOS to Ubuntu (or any > other linux distro) VMs. From the bit of digging that I did, it seems that > nginx / traefix is not opening the required port on CoreOS for some reason. > Odd. Adding

Re: [kubernetes-users] What to examine to understand an existing kubernetes install?

Also, ensure that etcd is being backed up as you poke around and ideally in a clustered configuration. On Mon, Dec 12, 2016 at 8:52 AM Rodrigo Campos wrote: > Tim++, and see if the k8s version is not vulnerable to a security bug > (it's been one like 1/2 months ago, can't easily search for the l

Re: [kubernetes-users] Kuburnetes on Mesos?

On Friday, December 9, 2016 at 11:06:51 AM UTC-8, kvch...@gmail.com wrote: > > On Thursday, December 8, 2016 at 9:30:03 PM UTC-8, David Oppenheimer > wrote: > > I know there are some people using Kubernetes-on-Mesos, but we haven't > really heard any details on the exact use cases they're addres

Re: [kubernetes-users] remote deployment

On Fri, Dec 2, 2016 at 1:28 PM Ben Kochie wrote: > Kubernetes requires all nodes that run pods to have the kubelet running to > manage the containers. This also means that everything in the cluster > needs to be part of the same overlay network. > Just to be clear you don't need to be using an

Re: [kubernetes-users] Re: Running Calico on GKE

Aside: kube-flannel takes care of dropping the CNI plugin on the root filesystem in this way today . But, yes, the kubelet needs to be in CNI mode first. On Wed, Nov 30, 2016 at 10:13 AM 'Tim Hockin' via Kubernetes u

Re: [kubernetes-users] Have anyone successfully registered more than 120 nodes with Kube-master 1.4.x?

:53 PM UTC-8, Brandon Philips wrote: > > How are you running the API server? If you are running it in a container > your shell ulimits won't match. Find the API server PID and do: > > > > > > cat /proc/$PID/limits to check > > > > > > On Tue, Nov 29

Re: [kubernetes-users] Have anyone successfully registered more than 120 nodes with Kube-master 1.4.x?

How are you running the API server? If you are running it in a container your shell ulimits won't match. Find the API server PID and do: cat /proc/$PID/limits to check On Tue, Nov 29, 2016 at 5:11 PM wrote: > On Tuesday, November 29, 2016 at 4:34:19 PM UTC-8, Daniel Smith wrote: > > You need to

Re: [kubernetes-users] kube-dns still up for a while and dies

On Mon, Nov 21, 2016 at 5:45 AM wrote: > E1121 13:05:10.957270 1 reflector.go:136] Failed to list > *api.Service: Get https://10.104.25.85:443/api/v1/services: x509: failed > to load system roots and no roots provided > This doesnt' seem right. Can you include the output of the kube-dns se

[kubernetes-users] KubeCon Video Recordings Playlist on Youtube

Hey Everyone- Videos from KubeCon Seattle are now available: https://www.youtube.com/playlist?list=PLj6h78yzYM2PqgIGU1Qmi8nY7dqn9PCr4 Thank you to the speakers, KubeCon program committee, and the CNCF and LF for putting together an overwhelmingly successful event. Cheers, Brandon -- You recei

Re: [kubernetes-users] Is it possible to route Kubernetes service based on Metadata ?

ce"; it will loadbalance across all the 4 pods . > > I need to specific to forward the request to the pods which has the label > "app=xyz" > > > like http://testservice. > > > > > On Wednesday, November 16, 2016 at 12:50:01 PM UTC+5:30, Brandon Phil

Re: [kubernetes-users] Is it possible to route Kubernetes service based on Metadata ?

Yes, create a service with a label selector for each combination: http://kubernetes.io/docs/user-guide/labels/#label-selectors http://kubernetes.io/docs/user-guide/services/#defining-a-service On Tue, Nov 15, 2016 at 11:12 PM Vinoth Narasimhan wrote: > Our aim is to replace the Netflix Discove

Re: [kubernetes-users] Request service from minion only forward to local deployed pod in that minion

All of those releases are quite old for community support. Can you try something newer? On Tue, Nov 15, 2016 at 10:21 PM Mootez Bessifi wrote: > @Brandon Philips: Thank you very much for you answer. > Yesterday after doing some advanced research i found out a bug > <https://bugzill

Re: [kubernetes-users] Request service from minion only forward to local deployed pod in that minion

It sounds like your Pod Network isn't working. How is your network setup? Read more about Kubernetes networking here: https://github.com/kubernetes/kubernetes/blob/master/docs/design/networking.md On Mon, Nov 14, 2016 at 11:34 PM wrote: > Hi everybody, > sorry but i am in very strange state s

Re: [kubernetes-users] kube-dns not able to connect to kubernetes service

the deployments to new cluster without any downtime and without > loosing data of statefull application. > > Any tips for this goal are most welcome. > > BR, Manoj > > On Mon, Nov 14, 2016, 9:37 AM Brandon Philips > wrote: > > Did you try deleting the pod? Can you try lau

Re: [kubernetes-users] Is there any influencing factor has an influence on the time costed by "kubectl get" and "kubectl delete" ?

Add `-v 9` to get a debug log of requests and their time to complete. e.g. `kubectl get deployments -v 9` On Fri, Nov 4, 2016 at 12:50 AM wrote: > Is there any influencing factor has an influence on the time costed by > "kubectl get" and "kubectl delete" ? > > -- > You received this message beca

Re: [kubernetes-users] Minikube: Kubectl could not connect to kubernetes-cluster in windows 7

Have you tried using the hyperv driver instead? Otherwise, see if there might be a relevant issue on the minikube repo: https://github.com/kubernetes/minikube/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aopen%20windows On Fri, Nov 4, 2016 at 8:57 AM Soms wrote: > Hi > > I'm trying to run Minikube

Re: [kubernetes-users] Performance issue with an application on GKE and in Vagrant

My first suggested step of debugging would be running the frontend and middleware containers in the same pod and have them connect to each other over localhost. If that works then I would try and see if behavior changes with kube-proxy --proxy-mode userspace as it might be something with the iptabl

  1   2   >