google-kubernetes-engine

问题 I have a mongo database in the gce . (config see below) when i deploy it to a 1.7.12-gke.1 everything works fine. Which means the sidecar resolves the pods and links then now when i deploy the same konfiguration to 1.8.7-gke.1 resultes in missing permissions to list pods see below. I don't get the point what has changed . I assume i need to assign specific permissions to the user account is that right ? What am I missing? Error log message: 'pods is forbidden: User "system:serviceaccount

问题 I followed all the google documentation to deploy a docker image into goole compute (this one) but I can't find more informations about google-container-manifest options. For example I can't add a port range. I tried that without success : ports: - containerPort: 80 hostPort: 80 - containerPort: 443 hostPort: 443 - containerPort: "10000-20000" hostPort: "10000-20000" Where can we find all parameters we can use for google container manifest ? And is it possible to add a port range mapping ?

问题 I am trying to use Cloud run with private GKE cluster. I created the cluster using the below command: gcloud beta container clusters create cluster-name \ --create-subnetwork name=cloud-run-subnet \ --enable-master-authorized-networks \ --enable-ip-alias \ --enable-private-nodes \ --enable-private-endpoint \ --master-ipv4-cidr 172.16.0.32/28 \ --no-enable-basic-auth \ --no-issue-client-certificate \ --addons=HorizontalPodAutoscaling,HttpLoadBalancing,Istio,CloudRun \ --machine-type=n1

问题 When I a Docker image to Kubernetes I get this permission denied error I'm using Google Container-Registry/ to store docker image that was build with cloud build 回答1: This totally looks like backend doesn't have 'execute' permissions in the container. On your Dockerfile just try adding it execute permissions. Something like this: RUN chmod 755 /backend Hope it helps. 来源： https://stackoverflow.com/questions/52488927/permission-denied-when-deploying-docker-image-to-kubernetes-engine

问题 I've a Kubernetes cluster on GKE that has a nginx ingress controller sitting on top to mapping the RStudio Server endpoint under /rstudio/. This works quite well. Unfortunately, one of my deployments (RStudio Server) doensn't work properly because it uses client-side redirects during the login/logout which end ups in 404 error when trying to access /auth-login (it should be /rstudio/auth-login) In the past, when using a non-containerized install of RStudio Server, I used to sit an Apache

问题 I'm following the "hello wordpress" example: https://cloud.google.com/container-engine/docs/tutorials/hello-wordpress, but it stops with: henrik_ormasen_gmail_com@k8s-test2-master:~$ gcloud alpha container kubectl create -f wordpress.json Traceback (most recent call last): File "/usr/local/bin/../share/google/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line 209, in <module> main() File "/usr/local/bin/../share/google/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line

问题 I am trying to invoke kubectl from within my CI system. I wish to use a google cloud service account for authentication. I have a secret management system in place that injects secrets into my CI system. However, my CI system does not have gcloud installed, and I do not wish to install that. It only contains kubectl. Is there any way that I can use a credentials.json file containing a gcloud service account (not a kubernetes service account) directly with kubectl? 回答1: The easiest way to skip

问题 The supported versions are listed here: https://cloud.google.com/container-engine/supported-versions but I'm wondering if there is a way to programatically get this list (besides scraping that page, I guess) via gcloud or some similar tool? I find that hard-coding a single version breaks often because Google keeps updating the supported versions. At the same time, I /would/ like to specify at least the large version (e.g., 1.7.x) because it appears that 1.8.x introduces some breaking changes,

问题 I have a very simple web app based on HTML, javascript + little bit jquery, angularjs. It is tested locally on eclipse Jee and on Tomcat and working fine. And its image is working fine on docker locally. I can access on browser using localhost:8080/xxxx , 127.0.0.1:8080/xxxx , 0.0.0.0:8080 . But when I deploy to google Kubernetes, I'm getting "This site can not be reached" if I use the external IP on the browser. I can ping my external IP, but curl is not working. It's not a firewall issue

问题 I am running a Kubernetes cluster on Google container engine. My metrics are not getting pushed to Stackdriver by default. Do I need to start Heapster service explicitly or is it automatically managed by container engine itself? 回答1: If there isn't a Heapster pod running in your cluster, then your cluster was created before we started enabling cluster monitoring by default. We are working on adding a way for users to retroactively turn on monitoring, but if you want metrics pushed into stack