google-kubernetes-engine

I am trying to setup ingress load balancer. Basically, I have a single backend service with multiple paths. Let's say my backend NodePort service name is hello-app. The pod associated with this service exposes multiple paths like /foo and /bar. Below is the example NodePort service and associated deployment apiVersion: v1 kind: Service metadata: name: hello-app spec: selector: app: hello-app type: NodePort ports: - protocol: "TCP" port: 7799 targetPort: 7799 --- apiVersion: apps/v1 kind: Deployment metadata: name: hello-app labels: app: hello-app spec: replicas: 1 selector: matchLabels: app:

I am trying to further understand what exactly is happening when I provision a private cluster in Google's Kubernetes Engine. Google provides this example here of provisioning a private cluster where the control plane services (e.g. Kubernetes API) live on the 172.16.0.16/28 subnet. https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters gcloud beta container clusters create pr-clust-1 \ --private-cluster \ --master-ipv4-cidr 172.16.0.16/28 \ --enable-ip-alias \ --create-subnetwork "" When I run this command, I see that: I now have a few gke subnets in my VPC belong to the

Our project recently migrated away from Stackdriver Logging. However, I cannot figure out how to get rid of the fluentd-cloud-logging-* pods in the kube-system namespace. If I delete the individual pods, they come right back. How do I kill them off for good? It's not clear to me how they're getting recreated; there is certainly no DaemonSet bringing them back. I already set monitoringService to none in the configuration described by gcloud container clusters describe . The fluentd-cloud-logging pods in the kube-system namespace are defined in the /etc/kubernetes/manifests/ folder of each host

A little bit of background: I have a Go service that uses gRPC to communicate with client apps. gRPC uses HTTP2, so I can't use Google App Engine or the Google Cloud HTTP Load Balancer. I need raw TCP load balancing from the internet to my Go application. I went through the GKE tutorials and read the various docs and I can't find any way to give my application a static IP address. So how do you get a static IP attached to something running in GKE? This is not supported in kubernetes v1.0.x but in v1.1.x it will be available as service.spec.loadBalancerIP . As long as you actually own that IP

Let's say I'm using an GCE ingress to handle traffic from outside the cluster and terminate TLS ( https://example.com/api/items ), from here the request gets routed to one of two services that are only available inside the cluster. So far so good. What if I have to call service B from service A, should I go all the way and use the cluster's external IP/domain and use HTTPS ( https://example.com/api/user/1 ) to call the service or could I use the internal IP of the service and use HTTP ( http://serviceb/api/user/1 )? Do I have to encrypt the data or is it "safe" as long as it isn't leaving the