google-kubernetes-engine

问题 I'm trying to create a new ClusterRole in a Private Cluster which I'm administering from a Jumpbox but keep hitting the "forbidden: attempt to grant extra privileges" error. I am authenticated with gcloud as the default compute service account and this has the Kubernetes Engine Admin role. I have created a cluster role binding for the gcloud service account using kubectl create ClusterRoleBinding sa-admin-binding --ClusterRole=cluster-admin --User=xxxxxxxx-service-account@xxxx.developer

问题 Is there anyway to propagate all kubernetes events to google cloud log? For instance, a pod creation/deletion or liveness probing failed, I knew I can use kubectl get events in a console. However, I would like to preserve those events in a log file in the cloud log with other pod level logs. It is quite helpful information. 回答1: It seems that OP found the logs, but I wasn't able to on GKE (1.4.7) with Stackdriver. It was a little tricky to figure out, so I thought I'd share for others. I was

问题 The containers in my k8s cluster need to be set to the correct time with high accuracy, meaning that I can only handle 10s of milliseconds difference max. Do I need to setup NTP configuration for the containers on Google Kubernetes Engine to make sure that that clock in the containers is set to the correct time? 回答1: No. You don't need to do any of your own NTP configuration. Google Kubernetes Engine (GKE) runs a timesyncd service in each of the containers. The service is pre-configured to

问题 When I resize a replication controller using kubectl, if the cluster does not have enough resource, there will have one or more pods always in pending. Is there has any tool will auto resize GKE cluster when the resource is running out? 回答1: I had a similar requirement (for the Go build system): wanted to know when scheduled vs. available CPU or memory was > 1, and scale out nodes when that was true (or, more accurately, when it was ~.8). There's not a built-in metric, but as you suggest you

问题 I am new to Google Container Engine (GKE). When run on localhost it's working fine but when I deploy to production with GKE I got websocket error. My node app is develop with Hapi.js and Socket.io and my structure is shown in image below. Application Architecture I'm using Glue to compose Hapi server. Below is my manifest.json { ... "connections": [ { "host": "app", "address": "0.0.0.0", "port": 8000, "labels": ["api"], "routes": { "cors": false, "security": { "hsts": false, "xframe": true,

问题 We want to use an app engine flexible process to update our ElasticSearch index, which is on Google Kubernetes Engine. We need to connect to ElasticSearch via a http(s) address. What's the recommended way to do this? We don't want to expose the cluster to the external networks since we don't have authentication in front of it. I've seen this SO post but both k8s and AE have changed a lot in the 2 years since the question/answer. Thanks for your help! 回答1: The post you linked to was about App

问题 I am getting the error: error validating "mysql.yaml": error validating data: ValidationError(Deployment.spec.template.spec.volumes[0]): unknown field "path" in io.k8s.kubernetes.pkg.api.v1.Volume; ) apiVersion: extensions/v1beta1 kind: Deployment metadata: name: mysql labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - image: mysql:5.6 name: mysql env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name:

问题 What's the best way in script to wait for a job or pod to complete in Kubernetes or Google Container Engine? In particular, it would be better to be notified rather than polling for status in kubectl , but I'd be happy with a fairly efficient loop without any slips between the cracks. Essentially, I'd like the equivalent of a plain docker run since that blocks until command termination, but I don't want to use docker directly in this case. I looked at Github Issue #1899 but it looks

问题 I am trying to create a Kubernetes cluster in Google Cloud Platform and I receive the following error when I try to create the cluster from the Web app: An unknown error has occurred in Compute Engine: "EXTERNAL: Google Compute Engine: Required 'compute.zones.get' permission for 'projects/my-project-198766/zones/us-west1-a'". Error code: "18" When I use gcloud I receive this response: (gcloud.container.clusters.create) ResponseError: code=403, message=Google Compute Engine: Required 'compute

问题 TLDR: Is it possible to link two containers with the container manifest? I'm trying to port the Guestbook Sample app from the Google Container Engine docs to a container vm. I'm having troubles to connect the two container vms so the web app can access the redis service. It works, if I'm using the docker command line on the instance: start the instance and ssh into it: gcloud compute instances create guestbook-vm --image container-vm --machine-type g1-small gcloud ssh guestbook-vm create the