google-kubernetes-engine

问题 We have a GKE cluster with: master nodes with version 1.6.13-gke.0 2 node pools with version 1.6.11-gke.0 We have Stackdriver Monitoring and Logging activated. On 2018-01-22, masters where upgraded by Google to version 1.7.11-gke.1. After this upgrade, we have a lot of errors like these: I 2018-01-25 11:35:23 +0000 [error]: Exception emitting record: No such file or directory @ sys_fail2 - (/var/log/fluentd-buffers/kubernetes.system.buffer..b5638802e3e04e72f.log, /var/log/fluentd-buffers

问题 I'd like to know the current limit on the RAM. (No limit/request was explicitly configured.) How do I see the current configuration of an existing pod? [Edit] That configuration would include not only how much memory is now in use, but also the max-limit, the point at which it would be shut down. (If I blow up the heap with huge strings, I see a limit of approx 4 GB, and the Google Cloud Console shows a crash at 5.4 GB (which of course includes more than the Python interpreter), but I don't

问题 I have installed Kubernetes in Ubuntu server using instructions here. I am trying to create pods using kubectl run hello-minikube --image=gcr.io/google_containers/echoserver:1.4 --hostport=8000 --port=8080 as listed in the example. However, when I do kubectl get pod I get the status of the container as pending . I further did kubectl describe pod for debugging and I see the message: FailedScheduling pod (hello-minikube-3383150820-1r4f7) failed to fit in any node fit failure on node

问题 I try to install ElasticSearch (latest) on a cluster nodes on Google Container Engine but ElasticSearch needs the variable : vm.max_map_count to be >= 262144. If I ssh to every nodes and I manually run : sysctl -w vm.max_map_count=262144 All goes fine then, but any new node will not have the specified configuration. So my questions is : Is there a way to load a system configuration on every nodes at boot time ? Deamon Set would not be the good solution because inside a docker container, the

问题 I'm using kubernetes ingress-nginx and this is my Ingress spec. http://example.com works fine as expected. But when I go to https://example.com it still works, but pointing to default-backend with Fake Ingress Controller certificate. How can I disable this behaviour? I want to disable listening on https at all on this particular ingress, since there is no TLS configured. kind: Ingress apiVersion: extensions/v1beta1 metadata: name: http-ingress annotations: kubernetes.io/ingress.class: "nginx"

问题 We're using GKE with our Kubernetes cluster. One of the apps we're running is Jenkins for CI. Unfortunately, Jenkins slaves need to use Docker to mount their host's docker.sock . This is, potentially, an escalation exploit. The solution is to set up your Admission Controller in the API server to use DenyEscalatingExec . But I can't, for the life of me, figure out how to get at that setting through GKE. It could even be set by default, but I can't figure out how to even get at the default

问题 "spec": { "containers": [ { "name": "test", "image": "gcr.io/helloworldnodejs-1119/mytetest", "resources": { "requests": { "cpu": "500m", "memory": "128Mi" } }, "env": [ { "name": "GET_HOSTS_FROM", "value": "dns" } ], "ports": [ { "name": "middleware-server", "containerPort": 8000, "hostPort": 8000 } ] } ] } RajRajen:mytetest rajrajen$ kubectl describe pod lbmiddleware-6e1hi Name: lbmiddleware-6e1hi Namespace: default Image(s): gcr.io/helloworldnodejs-1119/mytetest Node: / Labels: app

问题 Background I'd like to connect Wordpress docker container to a Google Could SQL instance. By default Google Cloud SQL only expose an IPv6 address and preferably I'd like to connect Wordpress to this address but I can't find a way to do so (see my other stackoverflow post for details). Question I'd like to know if it's possible to connect to an IPv6 address from a pod running in Kubernetes (GKE)? If so how? 回答1: Currently, Google Cloud Platform Networks only support IPv4, so connecting to IPv6

问题 I have a Kubernetes cluster with auto-provisioning enabled on GKE. gcloud beta container clusters create "some-name" --zone "us-central1-a" \ --no-enable-basic-auth --cluster-version "1.13.11-gke.14" \ --machine-type "n1-standard-1" --image-type "COS" \ --disk-type "pd-standard" --disk-size "100" \ --metadata disable-legacy-endpoints=true \ --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth

问题 I'm trying via Jenkins to push an image to the container repository. It was working at first, but now, I got "access denied" docker -- push gcr.io/xxxxxxx-yyyyy-138623/myApp:master.1 The push refers to a repository [gcr.io/xxxxxxx-yyyyy-138623/myApp] bdc3ba7fdb96: Preparing 5632c278a6dc: Waiting denied: Access denied. the Jenkinsfile look like : sh("gcloud docker --authorize-only") sh("docker -- push gcr.io/xxxxxxx-yyyyy-138623/hotelpro4u:master.1") Remarks: Jenkins is running in Google Cloud