google-kubernetes-engine

Kubernetes NodePort Custom Port

阅读更多关于 Kubernetes NodePort Custom Port

问题 Is there way to specify a custom NodePort port in a kubernetes service YAML definition? I need to be able to define the port explicitly in my configuration file. 回答1: You can set the type NodePort in your Service Deployment. Note that there is a Node Port Range configured for your API server with the option --service-node-port-range (by default 30000-32767 ). You can also specify a port in that range specifically by setting the nodePort attribute under the Port object, or the system will

Resize instance types on Container Engine cluster

阅读更多关于 Resize instance types on Container Engine cluster

Some of our containers run better with memory above the instance type currently deployed in our Container Engine cluster. Is there a recommended practice to rebuild the container engine template for larger instances after the container engine cluster has been created? For example, go from GCE instances n1-standard-2 to n1-highmem-8 for running containers with above 8GB RAM? There is an official GKE tutorial for this: Migrating workloads to different machine types " This tutorial demonstrates how to migrate workloads running on a GKE cluster to a new set of nodes within the same cluster without

Why can't I access my Kubernetes service via its IP?

阅读更多关于 Why can't I access my Kubernetes service via its IP?

问题 I have a Kubernetes service on GKE as follows: $ kubectl describe service staging Name: staging Namespace: default Labels: <none> Selector: app=jupiter Type: NodePort IP: 10.11.246.27 Port: <unnamed> 80/TCP NodePort: <unnamed> 31683/TCP Endpoints: 10.8.0.33:1337 Session Affinity: None No events. I can access the service from a VM directly via one of its endpoints ( 10.8.0.21:1337 ) or via the node port ( 10.240.251.174:31683 in my case). However, if I try to access 10.11.246.27:80 , I get

what does Unknown user “client” mean?

阅读更多关于 what does Unknown user “client” mean?

问题 When I run a simple command on my local shell with gcloud sdk. $ kubectl get pod I get such error: Error from server (Forbidden): pods is forbidden: User "client" cannot list pods at the cluster scope: Unknown user "client" The same command runs fine on GCP cloud shell, and the output of $ gcloud auth list is as expected: Credentialed Accounts ACTIVE ACCOUNT * foo@bar.com I also tried to create clusterrolebinding, but get similar error. 回答1: This happens when you disable Legacy Authorisation

How to call a service exposed by a Kubernetes cluster from another Kubernetes cluster in same project

阅读更多关于 How to call a service exposed by a Kubernetes cluster from another Kubernetes cluster in same project

问题 I have two service, S1 in cluster K1 and S2 in cluster K2. They have different hardware requirements. Service S1 needs to talk to S2. I don't want to expose Public IP for S2 due to security reasons. Using NodePorts on K2 cluster's compute instances with network load-balancing takes the flexibility out as I would have to add/remove K2's compute instances in target pool each time a node is added/removed in K2. Is there something like "service-selector" for automatically updating target-pool? If

How to force SSL for Kubernetes Ingress on GKE

阅读更多关于 How to force SSL for Kubernetes Ingress on GKE

问题 Is there a way to force an SSL upgrade for incoming connections on the ingress load-balancer? Or if that is not possible with, can I disable port :80? I haven\'t found a good documentation pages that outlines such an option in the YAML file. Thanks a lot in advance! 回答1: https://github.com/kubernetes/ingress-gce#frontend-https You can block HTTP through the annotation kubernetes.io/ingress.allow-http: "false" or redirect HTTP to HTTPS by specifying a custom backend. Unfortunately GCE doesn't

How can I keep a container running on Kubernetes?

阅读更多关于 How can I keep a container running on Kubernetes?

问题 I\'m now trying to run a simple container with shell (/bin/bash) on a Kubernetes cluster. I thought that there was a way to keep a container running on a Docker container by using pseudo-tty and detach option ( -td option on docker run command). For example, $ sudo docker run -td ubuntu:latest Is there an option like this in Kubernetes? I\'ve tried running a container by using a kubectl run-container command like: kubectl run-container test_container ubuntu:latest --replicas=1 But the

Resize instance types on Container Engine cluster

阅读更多关于 Resize instance types on Container Engine cluster

问题 Some of our containers run better with memory above the instance type currently deployed in our Container Engine cluster. Is there a recommended practice to rebuild the container engine template for larger instances after the container engine cluster has been created? For example, go from GCE instances n1-standard-2 to n1-highmem-8 for running containers with above 8GB RAM? 回答1: There is an official GKE tutorial for this: Migrating workloads to different machine types " This tutorial