Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [kubernetes]

Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.

Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.

For more details, visit the official Kubernetes page.

2075 questions
7
votes
1 answer

SECURITY: Should containers run TLS or can they rely on its sidecar?

I wonder how security experts think about making container traffic secure. Let's take a simple K8S cluster as an example. I guess we all agree that running HTTPS instead of HTTP within each container is more secure. I would normally configure a TLS…
xpepermint
  • 267
  • 3
  • 9
7
votes
1 answer

400 Error with nginx-ingress to Kubernetes Dashboard

I have an ingress that connects to Kubernetes Dashboard, but I'm getting a 400 error when trying to access it. --- apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: kubernetes-dashboard namespace: kubernetes-dashboard …
cclloyd
  • 583
  • 1
  • 13
  • 24
7
votes
2 answers

Kubernetes pod /etc/resolv.conf has the wrong nameserver

I have a 4-node cluster setup at home that I am playing with, and ran into a problem when I started trying to do pod-to-pod communications. I used Kubespray to install the nodes (1 "server/controller" and 3 "nodes"). The issue is that I can't…
CodeChimp
  • 273
  • 1
  • 6
  • 15
6
votes
1 answer

Kubernetes pod has unbound immediate PersistentVolumeClaims (eks)

I have following StorageClass defined for aws eks cluster (3 nodes) kind: StorageClass apiVersion: storage.k8s.io/v1 metadata: name: aws-gp2 annotations: storageclass.kubernetes.io/is-default-class: "true" provisioner:…
roy
  • 119
  • 1
  • 2
  • 12
6
votes
1 answer

Is it possible to change the location of emptyDir volumes?

My kubernetes clusters' nodes all have small root partitions. Is it possible to configure k8s to use an alternate location for emptyDir volumes?
DjPadz
  • 61
  • 3
6
votes
1 answer

Docker images vs Helm Charts

First of all I apologies because I am developer trying to understand some server stuffs. I request the moderators please don't be harsh if this question doesn't make any sense here. From my understanding we have docker images inside docker hub which…
user960567
  • 329
  • 2
  • 9
  • 17
6
votes
1 answer

Ungracefully terminating pods

To test that the high-availability mode does what it should, I need to kill the instances during testing, and I need to kill them in such way that they can't report they are disconnecting or similar. For practical reasons I need to do the testing on…
Jan Hudec
  • 265
  • 3
  • 11
6
votes
1 answer

kubectl patch: add port to deployment's pod template

I have a deployment running one pod consisting of an unique container. The deployment is currently up & running, and I want to modify its pod template to add a port to the container. Here are the currently defined ports: $ kubectl get deployment -o…
Elouan Keryell-Even
  • 453
  • 2
  • 8
  • 20
6
votes
2 answers

Kubernetes Ingress: How can I expose two ports on one path?

I have a GCE Ingress configured and working with SSL on port 443. I'm trying to get port 28080 pointing to my standalone actionable server. I currently have this for my Ingress yaml: # web-ingress.yaml apiVersion: extensions/v1beta1 kind:…
Archonic
  • 314
  • 2
  • 5
  • 13
6
votes
2 answers

Kubernetes: relation between Service IP's and pod IP's

I'm trying to understand a bit more about Kubernetes networking. That's why I've deployed a cluster in google cloud and checked the networking: gcloud container clusters describe cluster0 | grep -i cidr clusterIpv4Cidr: 10.20.0.0/14 #…
DenCowboy
  • 283
  • 3
  • 6
  • 14
6
votes
1 answer

Connect AWS route53 domain name with K8s LoadBalancer Service

What I'm trying to do Create a Kubernetes environment with a single API gateway service that is mapped to a DNS address. What I have done: 1) I went to AWS Route53 service and created a subdomain. 2) That subdomain seems to have a static IP. I…
Roman
  • 163
  • 1
  • 6
6
votes
2 answers

Intermittent DNS failures in Google Container Engine

[Question rewritten with details of findings.] I am running a Google Container Engine cluster with about 100 containers which perform about 100,000 API calls a day. Some of the pods started getting 50% failure in DNS resolution. I dug into this and…
jwadsack
  • 201
  • 1
  • 8
6
votes
1 answer

How to secure a docker host to not allow rooting

I am trying to make docker on a server more secure. The main problem is that most people say "if a person has access to docker, they can be root too" for an administrator point of few this is not something you would want. To elaborate, they can use…
Erik-Jan Riemers
  • 235
  • 1
  • 2
  • 7
6
votes
2 answers

Unable to run Hyperkube (kubernetes) locally via Docker

I have followed this tutorial in order to run kubernetes cluster locally in a Docker container. When I run kubectl get nodes, I get: The connection to the server localhost:8080 was refused - did you specify the right host or port? I have noticed…
Héctor
  • 187
  • 1
  • 4
  • 15
6
votes
3 answers

Can I run a single-node K3S cluster?

I am aware of the consequences and issues with running a single-node cluster. However, I'm still curious if it's possible. I plan on setting everything up myself. In other words, can I run the control plane and a worker node on the same physical…
Mathias Lykkegaard Lorenzen
  • 341
  • 2
  • 4
  • 10
1 2 3
99 100