Kubernetes

Mac terminal command input too long it does not fit?

为君一笑 提交于 2021-02-10 21:12:37
问题 I need to run the command: kubectl get pvc --field-selector metadata.name!=dataX********************************,******************************************************************,************************************************************************************************,************************************************************************************************,************************************************,*************************************************,************************

Mac terminal command input too long it does not fit?

冷暖自知 提交于 2021-02-10 21:12:30
问题 I need to run the command: kubectl get pvc --field-selector metadata.name!=dataX********************************,******************************************************************,************************************************************************************************,************************************************************************************************,************************************************,*************************************************,************************

Message-passing between all pods in a replica set

落花浮王杯 提交于 2021-02-10 19:58:23
问题 I'm writing an application to be deployed to Kubernetes where I want each pod to hold a TCP connection to all the other pods in the replica set so any container can notify the other containers in some use case. If a pod is added, a new connection should be created between it and all the other pods in the replica set. From a given pod, how do I open a TCP connection to all the other pods? I.e., how do I discover all their IP addresses? I have a ClusterIP Service DNS name that points to these

Is it possible --from-file ConfigMap using kubernetes_config_map resource?

被刻印的时光 ゝ 提交于 2021-02-10 19:41:36
问题 I want to deploy metallb using terraform. metallb configuration is as follows. apiVersion: v1 kind: ConfigMap metadata: namespace: metallb-system name: config data: config: | address-pools: - name: default protocol: layer2 addresses: - 172.16.99.1-172.16.99.255 Is it possible deploy such --from-file configuration using kubernetes_config_map resource? 回答1: You can use the file() interpolation function to read the file contents. That might look like: resource "kubernetes_config_map" "config" {

Kubernetes - communication between services

匆匆过客 提交于 2021-02-10 18:23:02
问题 I'm currently working on a kubernetes cluster. Cluster is working properly. I need to establish communication between services without using proxy. For example I have services below: worker app1 app2 app3 Worker needs to login to app containers directly via SSH and do some commands. In docker-compose file it was easy by using links and then ssh app1, ssh app2. How to do it in Kubernetes ? 回答1: You'll want to create a headless Service ( spec.clusterIP: None ) selecting your app Pods. This will

How to route traffic from pysical server's port to minikube cluster?

一个人想着一个人 提交于 2021-02-10 18:15:36
问题 I want to sent traffic from one port through kubernetes cluster (using minikube) to another physical port. I don't know how to route traffic from physical port to cluster and from cluster to the second physical port. I'm exposing cluster via ingress (and I tested service solution also), i have one service to send external tarffic to pod and another to sent traffic from first pod to second pod. But I really don't know how to send this traffic from port to cluster and how to sent from cluster

How to route traffic from pysical server's port to minikube cluster?

一世执手 提交于 2021-02-10 18:11:56
问题 I want to sent traffic from one port through kubernetes cluster (using minikube) to another physical port. I don't know how to route traffic from physical port to cluster and from cluster to the second physical port. I'm exposing cluster via ingress (and I tested service solution also), i have one service to send external tarffic to pod and another to sent traffic from first pod to second pod. But I really don't know how to send this traffic from port to cluster and how to sent from cluster

how can I iteratively create pods from list using Helm?

半城伤御伤魂 提交于 2021-02-10 18:02:34
问题 I'm trying to create a number of pods from a yaml loop in helm. if I run with --debug --dry-run the output matches my expectations, but when I actually deploy to to a cluster, only the last iteration of the loop is present. some yaml for you: {{ if .Values.componentTests }} {{- range .Values.componentTests }} apiVersion: v1 kind: Pod metadata: name: {{ . }} labels: app: {{ . }} chart: {{ $.Chart.Name }}-{{ $.Chart.Version | replace "+" "_" }} release: {{ $.Release.Name }} heritage: {{ $

kubernetes RBAC

南楼画角 提交于 2021-02-10 17:45:53
Role: kind : Role apiVersion : rbac.authorization.k8s.io/v1 metadata : namespace : gauss name : gauss-op rules : - apiGroups : [ "*" ] resources : [ "*" ] verbs : [ "*" ] RoleBinding: kind : RoleBinding apiVersion : rbac.authorization.k8s.io/v1 metadata : name : bach-gauss-rb namespace : gauss subjects : - kind : ServiceAccount name : bach-gauss roleRef : kind : Role name : gauss-op apiGroup : rbac.authorization.k8s.io ClusterRole: apiVersion : rbac.authorization.k8s.io/v1alpha1 kind : ClusterRole metadata : name : cluster-read-all rules : - apiGroups : - "" - apps - autoscaling - batch -

Kubernetes的RBAC是啥

怎甘沉沦 提交于 2021-02-10 16:59:50
[toc] RBAC: Role-Based Access Control,基于角色的权限控制,有以下三种角色 Role:角色,定义了一组API对象的操作权限 Subject:被作用者,可以是人,也可以是机器,也可以是k8s的用户,最常使用的就是ServiceAccoun RoleBinding:定义了Subject和Role的绑定关系 简单地说,RoleBinding指定ServiceAccount对应的Role,Pod绑定这个ServiceAccount获得挂载的secret访问APIServrer,ApiServer验证相应的权限 Pod使用RBAC示例 演示pod使用绑定了Roler的ServiceAccount示例 1.创建一个ServiceAccount apiVersion: v1 kind: ServiceAccount metadata: namespace: default name: cqh 2.创建一个Role kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: default name: cqh rules: - apiGroups: [""] resources: ["pods"] verbs: ["get", "watch", "list"]
订阅 Kubernetes