google-kubernetes-engine

GKE Insufficient CPU for small Node.js app pods

佐手、 submitted on 2020-01-13 11:49:25
Question: So on GKE I have a Node.js app which for each pod uses about: CPU(cores): 5m, MEMORY: 100Mi. However I am only able to deploy 1 pod of it per node. I am using the GKE n1-standard-1 cluster which has 1 vCPU, 3.75 GB per node. So in order to get 2 pods of app up total = CPU(cores): 10m, MEMORY: 200Mi , it requires another entire +1 node = 2 nodes = 2 vCPU, 7.5 GB to make it work. If I try to deploy those 2 pods on the same single node, I get insufficient CPU error. I have a feeling I should

GKE: Modify existing cluster - remove node tags and change network

空扰寡人 submitted on 2020-01-13 09:32:32
Question: I created a Kubernetes cluster with the following CLI command: gcloud container clusters create some-cluster --tags=some-tag --network=some-network I would now like to: Disable the --tags option, so that new nodes/VMs are created without the tag some-tag . (Optional: Remove the tag from existing machines, which should be possible through gcloud compute instances remove-tags .) Disable the --network flag, returning the cluster to the default GCP network. Are either of these operations possible

TLS handshake timeout with kubernetes in GKE

爷,独闯天下 submitted on 2020-01-13 03:40:26
Question: I've created a cluster on Google Kubernetes Engine (previously Google Container Engine) and installed the Google Cloud SDK and the Kubernetes tools with it on my Windows machine. It worked well for some time, and, out of nowhere, it stopped working. Every command I'm issuing with kubectl provokes the following: Unable to connect to the server: net/http: TLS handshake timeout I've searched Google, the Kubernetes GitHub Issues, Stack Overflow, Server Fault ... without success. I've tried the

Kubernetes: should I use HTTPS to communicate between services

江枫思渺然 submitted on 2020-01-12 14:14:13
Question: Let's say I'm using a GCE ingress to handle traffic from outside the cluster and terminate TLS ( https://example.com/api/items ), from here the request gets routed to one of two services that are only available inside the cluster. So far so good. What if I have to call service B from service A, should I go all the way and use the cluster's external IP/domain and use HTTPS ( https://example.com/api/user/1 ) to call the service or could I use the internal IP of the service and use HTTP ( http:

Kubernetes: should I use HTTPS to communicate between services

痞子三分冷 submitted on 2020-01-12 14:13:48
Question: Let's say I'm using a GCE ingress to handle traffic from outside the cluster and terminate TLS ( https://example.com/api/items ), from here the request gets routed to one of two services that are only available inside the cluster. So far so good. What if I have to call service B from service A, should I go all the way and use the cluster's external IP/domain and use HTTPS ( https://example.com/api/user/1 ) to call the service or could I use the internal IP of the service and use HTTP ( http:

not able to perform gcloud init inside dockerfile

吃可爱长大的小学妹 submitted on 2020-01-12 07:31:48
Question: I have made a Dockerfile for deploying my node.js application into google container engine. It looks like as below: FROM node:0.12 COPY google-cloud-sdk /google-cloud-sdk RUN /google-cloud-sdk/bin/gcloud init COPY bpe /bpe CMD cd /bpe;npm start I should use gcloud init inside Dockerfile because my node.js application is using gcloud-node module for creating buckets in GCS. When I am using the above dockerfile and doing docker built it is failing with following errors sudo docker build -t gcr

kubernetes unhealthy ingress backend

老子叫甜甜 submitted on 2020-01-11 18:49:51
Question: I followed the load balancer tutorial: https://cloud.google.com/container-engine/docs/tutorials/http-balancer which is working fine when I use the Nginx image, when I try and use my own application image though the backend switches to unhealthy. My application redirects on / (returns a 302) but I added a livenessProbe in the pod definition: livenessProbe: httpGet: path: /ping port: 4001 httpHeaders: - name: X-health-check value: kubernetes-healthcheck - name: X-Forwarded-Proto value: https -

Connect from Appengine to a Kubernetes service from Google Containers

删除回忆录丶 submitted on 2020-01-11 08:49:06
Question: I have a project with Appengine part and Google Containers cluster. Appengine app needs to make http calls to a Service deployed to Google Containers. I know that I can assign an external IP to the Service, hardcode it into my Appengine app, and then make UrlFetch requests against such IP. That works. But I don't want to use public network for such communication. I am wondering, maybe I can also get access like it's done inside Kubernetes cluster between Pods? by specifying a service host name,

Kubernetes HTTPS Ingress in Google Container Engine

我与影子孤独终老i submitted on 2020-01-11 05:12:09
Question: I want to expose an HTTP service running in Google Container Engine over HTTPS only load balancer. How to define in ingress object that I want HTTPS only load balancer instead of default HTTP? Or is there a way to permanently drop HTTP protocol from created load balancer? When I add HTTPS protocol and then drop HTTP protocol, HTTP is recreated after a few minutes by the platform. Ingress: apiVersion: extensions/v1beta1 kind: Ingress metadata: name: myapp-ingress spec: backend: serviceName: myapp

RBAC - Limit access for one service account

与世无争的帅哥 submitted on 2020-01-07 06:35:11
Question: I want to limit the permissions to the following service account, created it as follows: kubectl create serviceaccount alice --namespace default secret=$(kubectl get sa alice -o json | jq -r .secrets[].name) kubectl get secret $secret -o json | jq -r '.data["ca.crt"]' | base64 -d > ca.crt user_token=$(kubectl get secret $secret -o json | jq -r '.data["token"]' | base64 -d) c=`kubectl config current-context` name=`kubectl config get-contexts $c | awk '{print $3}' | tail -n 1` endpoint=`kubectl