Kubernetes

Kubernetes job to delete a single pod every minute

╄→尐↘猪︶ㄣ 提交于 2021-02-11 06:43:38
问题 I'd like to create a Job to kill the following pod every single minute or any time when is created. My testing pod is: apiVersion: v1 kind: Pod metadata: name: myapp-pod labels: app: myapp spec: containers: - name: myapp-container image: busybox command: ['sh', '-c', 'echo Hello && sleep 3600'] Is it possible to do that? 回答1: Yes, you can delete the pods with kubectl within the cluster. First, you need to create a set of RBAC(Role-based access control) object. Here is the sample. apiVersion:

Why don't I have a default serviceAccount on kubernetes?

此生再无相见时 提交于 2021-02-11 05:55:35
问题 I'm trying to get Kubernetes running on some local machines running CoreOS. I'm loosely following this guide. Everything seems to be up and running, and I'm able to connect to the api via kubectl. However, when I try to create a pod, I get this error: Pod "redis-master" is forbidden: Missing service account default/default: <nil> Doing kubectl get serviceAccounts confirms that I don't have any ServiceAccounts: NAME SECRETS According to the documentation, each namespace should have a default

Service Mesh对比:Istio与Linkerd

纵饮孤独 提交于 2021-02-11 05:39:28
根据CNCF的最新年度调查,很多组织对Service Mesh表现出很高的兴趣,并且有一部分已经在生产环境中使用它们。你可能不知道Linkerd是市场上第一个Service Mesh,但是Istio使Service Mesh更受欢迎。这两个项目都是最前沿的项目,而且竞争非常激烈,因此很难选择一个项目。 在本篇文章中,我们将和你一起了解Istio和Linkerd架构,组件,并比较它们的产品以帮助你做出明智的决定。 Service Mesh简介 在过去的几年中,微服务架构已成为软件设计中流行的样式。在这种架构中,我们将应用程序分解为可独立部署的服务。这些服务通常是轻量级的,多语言的,并且通常由各种职能团队进行开发部署。 当某些服务数量增加,难以管理且越来越复杂时,微服务架构将一直有效。但这也在管理安全性,网络流量控制和可观察性等各个方面带来了挑战。 Service Mesh可以很好地帮助应对这些挑战。 Service Mesh 用于描述组成应用程序的微服务及其之间的交互。随着服务数量的增加和复杂性的增加,扩展和管理变得越来越困难。Service Mesh可以为微服务架构提供服务发现,负载均衡,故障恢复,指标和监视。 Service Mesh 通常还能够满足更复杂的需求,例如A/B测试,金丝雀发布,速率限制,访问控制和端到端身份验证。 Service Mesh

How to route test traffic through kubernetes cluster (minikube)?

生来就可爱ヽ(ⅴ<●) 提交于 2021-02-11 04:33:10
问题 I have a minikube cluster with two pods (with ubuntu containers). What I need to do is route test traffic from one port to another through this minikube cluster. This traffic should be sent through these two pods like in the picture. I am a beginner in this Kubernetes stuff so I really don't know how to do this and which way to go... Please, help me or give me some hints. I am working on ubuntu server ver. 18.04. enter image description here 回答1: I agree with an answer provided by @Harsh

Can Kubernetes manage LXC containers without LXD daemon?

ぐ巨炮叔叔 提交于 2021-02-11 02:00:45
问题 I am running several LXC containers on Oracle Linux (host) and running EBS application inside those containers. Now I have more than 10 containers on every 5 hosts. I am looking for a solution for managing these containers. The research told me that Kubernetes is a solution for managing containers and perform several other activities with it like autoscaling ..etc. But Kubernetes works with LXD for lxc containers. Is there any way through which I can manage lxc container directly with

Can Kubernetes manage LXC containers without LXD daemon?

孤街醉人 提交于 2021-02-11 02:00:21
问题 I am running several LXC containers on Oracle Linux (host) and running EBS application inside those containers. Now I have more than 10 containers on every 5 hosts. I am looking for a solution for managing these containers. The research told me that Kubernetes is a solution for managing containers and perform several other activities with it like autoscaling ..etc. But Kubernetes works with LXD for lxc containers. Is there any way through which I can manage lxc container directly with

kubelet failed to pull image - x509: certificate signed by unknown authority

拜拜、爱过 提交于 2021-02-10 21:32:54
问题 I am trying to install Kubernetes 1.9.0 on a cluster of CentOS 7.3 systems running in VMware Workstation on Windows 7, following the "kubernetes-the-hard-way tutorial". When I get to the verification stage in the tutorial and try to start the busybox deployment (https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/12-dns-addon.md), the pod status remains stuck at "ContainerCreating". The kubelet log for the node that the pod supposed to run on shows these error messages

kubelet failed to pull image - x509: certificate signed by unknown authority

心不动则不痛 提交于 2021-02-10 21:30:27
问题 I am trying to install Kubernetes 1.9.0 on a cluster of CentOS 7.3 systems running in VMware Workstation on Windows 7, following the "kubernetes-the-hard-way tutorial". When I get to the verification stage in the tutorial and try to start the busybox deployment (https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/12-dns-addon.md), the pod status remains stuck at "ContainerCreating". The kubelet log for the node that the pod supposed to run on shows these error messages

kubelet failed to pull image - x509: certificate signed by unknown authority

牧云@^-^@ 提交于 2021-02-10 21:25:00
问题 I am trying to install Kubernetes 1.9.0 on a cluster of CentOS 7.3 systems running in VMware Workstation on Windows 7, following the "kubernetes-the-hard-way tutorial". When I get to the verification stage in the tutorial and try to start the busybox deployment (https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/12-dns-addon.md), the pod status remains stuck at "ContainerCreating". The kubelet log for the node that the pod supposed to run on shows these error messages

kubelet failed to pull image - x509: certificate signed by unknown authority

巧了我就是萌 提交于 2021-02-10 21:24:27
问题 I am trying to install Kubernetes 1.9.0 on a cluster of CentOS 7.3 systems running in VMware Workstation on Windows 7, following the "kubernetes-the-hard-way tutorial". When I get to the verification stage in the tutorial and try to start the busybox deployment (https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/12-dns-addon.md), the pod status remains stuck at "ContainerCreating". The kubelet log for the node that the pod supposed to run on shows these error messages
订阅 Kubernetes