purple-advantage-9669
11/18/2023, 2:48 AM
adamant-kite-43734
11/18/2023, 2:48 AM
purple-advantage-9669
11/18/2023, 2:48 AM
purple-advantage-9669
11/18/2023, 2:49 AM
purple-advantage-9669
11/18/2023, 4:01 AM
happy-minister-65005
11/29/2023, 9:12 PM
`k3d cluster create --agents 2 -p "80:80@loadbalancer" --k3s-arg "--disable=traefik@server:0" --registry-create k3d-registry:51351`. Pulling the image from the registry works most of the time, but I see a "Head \"<http://k3d-registry:5000/v2/template/manifests/latest>\": dial tcp: lookup k3d-registry on 10.43.0.10:53: no such host" error sometimes. Any ideas? Any help would be greatly appreciated.
adamant-kite-43734
12/12/2023, 2:20 AM
adamant-kite-43734
12/18/2023, 5:50 PM
millions-ambulance-88637
12/28/2023, 10:27 AM
alert-summer-43059
01/04/2024, 8:28 AM
millions-night-61649
01/12/2024, 1:36 PM
```sh
# create HA cluster with 3 server (master) nodes and 2 agent (worker) nodes
k3d cluster create local-k8s --servers 3 --agents 2
# Merge the k3d kubeconfig with the default kubeconfig
# The `--kubeconfig-merge` flag will handle this automatically
k3d kubeconfig merge local-k8s --kubeconfig-switch-context
```
And then the TF to deploy the dashboard..
```hcl
terraform {
  required_providers {
    helm = {
      source  = "hashicorp/helm"
      version = "~> 2.4.1"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.7.1"
    }
  }
}

provider "helm" {
  kubernetes {
    config_path = "~/.kube/config"
  }
}

provider "kubernetes" {
  config_path = "~/.kube/config"
}

resource "helm_release" "dashboard" {
  name       = "dashboard"
  repository = "https://kubernetes.github.io/dashboard"
  chart      = "kubernetes-dashboard"
  namespace  = "kube-system"

  set {
    name  = "extraArgs"
    value = "{--enable-insecure-login,--enable-skip-login}"
  }
}

output "dashboard_access_command" {
  value       = "kubectl port-forward -n kube-system service/dashboard-kubernetes-dashboard 8443:443"
  description = "Run this command to access the Kubernetes Dashboard"
}
```
freezing-photographer-84070
01/14/2024, 11:51 PM
`k3d` as a kubernetes cluster provider to work on a project locally (without paying through the nose for GKE or AKS...). I need that to work on my M1 MacBook Pro (which has its importance). For my services to work, I need to expose several of them through various ingresses, for instance keycloak @ <https://login.test> or my APIs @ <https://api.test>. In that sense, I need to expose :
• keycloak
• main API
• Admin API
• Frontend
Each one should have their own subdomain, but everything needs to be local (I can't have my remote domain point to my local machine, it would interfere with collaborating with another dev on the project). Since I'm on Apple Silicon, I can't use `minikube`, which was my first choice, as no matter what I try, no traffic gets routed to the cluster (even with the required plugins and configs), so I'm turning to `k3d`.
Now that the preamble is done : how do I actually achieve that? I've read through https://k3d.io/v5.6.0/usage/exposing_services/ and added `127.0.0.1 login.test` to my `/etc/hosts` file, but I do not reach the service (`traefik` doesn't show any logs when going to <http://login.test> in my browser, and my browser shows a 404 page). My cluster config includes the following :
```yaml
ports:
  - port: 80:80 # same as `--port '80:80@loadbalancer'`
    nodeFilters:
      - loadbalancer
  - port: 443:443 # same as `--port '443:443@loadbalancer'`
    nodeFilters:
      - loadbalancer
```
And the cluster creates itself properly. What am I missing ?
acceptable-soccer-28720
01/17/2024, 3:23 PM
`kubectl edit cm -n kube-system coredns` and replace `forward . /etc/resolv.conf` with `forward . <ip-of-dns>`?
Does not quite work: dial tcp: lookup myhost.company.com on ip:port: read udp some-ip:59881->ip:port: read: connection refused
rough-noon-83943
01/23/2024, 12:07 AM
```yaml
spec:
  ...
  template:
    metadata:
      labels:
        app: gallery-api
    spec:
      imagePullSecrets:
        - name: reg2
      containers:
        - name: ...
```
rough-noon-83943
01/23/2024, 12:08 AM
acceptable-soccer-28720
01/23/2024, 2:38 PM
loud-dress-14564
02/07/2024, 10:38 PM
adorable-orange-51420
02/08/2024, 5:41 PM
boundless-toothbrush-17093
02/16/2024, 7:07 PM
`-p "30000-32767:30000-32767@server:0"` when creating a cluster.
There is a warning that the command might take a very long time and possibly even cause the system to freeze.
I'm experiencing this. It's a Linux system with 2 CPUs and 4 gig of memory. The command hasn't completed yet and I've had to reboot a few times. Is there a way to slow this command down, or to use fewer threads, something to allow the command to complete?
boundless-toothbrush-17093
02/16/2024, 7:11 PM
boundless-toothbrush-17093
02/16/2024, 7:12 PM
boundless-toothbrush-17093
02/16/2024, 7:32 PM
proud-notebook-24661
02/20/2024, 8:24 AM
freezing-photographer-84070
02/24/2024, 10:21 PM
`k3d` for local development on my MacBook (Pro, M1 Pro chip)
• I have `/etc/hosts` rules in place to map `127.0.0.1` to `*.mydomain.local` (where `*` can be `api` or `db` etc)
• I have mapped ports `80`, `8000`, `443`, `8443`, `22` and `5432` from the host to the cluster (with the loadbalancer filter)
• For HTTP traffic, I'm using the regular kubernetes ingress resource, using the `traefik` ingress class, it works fine (I can access my services through `api.domain.local` for instance, which is great)
Now to my question : I want to expose TCP ports (namely 22 for an SFTP server, and 5432 for PostgreSQL databases), so I was thinking of using the `IngressRouteTCP` resource from traefik to access those (since it's not available through HTTP). I've been reading some documentation here and there, and I think I need to patch the built-in `traefik` deployment/service to add dedicated entrypoints for that. My IngressRouteTCP below :
```yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
  name: product-api-db
  namespace: prod
spec:
  entryPoints:
    - postgres
  routes:
    - match: HostSNI(`*`)
      services:
        - name: product-api-db-rw
          port: 5432
```
And I want to patch traefik with a JSON patch using kustomize (though if there is a better way, I'm all ears!)
```yaml
patches:
  - target:
      kind: Deployment
      name: traefik
      namespace: kube-system
    patch: |-
      - op: add
        path: /spec/template/spec/containers/0/args/-
        value: --entrypoints.postgres.address=:5432
      - op: add
        path: /spec/template/spec/containers/0/args/-
        value: --entrypoints.ssh.address=:22
      - op: add
        path: /spec/template/spec/containers/0/ports/-
        value:
          containerPort: 5432
          name: postgres
          protocol: TCP
      - op: add
        path: /spec/template/spec/containers/0/ports/-
        value:
          containerPort: 22
          name: ssh
          protocol: TCP
  - target:
      kind: Service
      name: traefik
      namespace: kube-system
    patch: |-
      - op: add
        path: /spec/ports/-
        value:
          name: postgres
          port: 5432
          protocol: TCP
          targetPort: postgres
          nodePort: ???
      - op: add
        path: /spec/ports/-
        value:
          name: ssh
          port: 22
          protocol: TCP
          targetPort: ssh
          nodePort: ???
```
Note that I do not know what to put as the node port when patching the service...
damp-bear-99312
02/28/2024, 5:57 PM
ripe-restaurant-90224
03/04/2024, 7:29 AM
cold-secretary-29315
03/06/2024, 9:30 AM
`--servers-memory` option via a config-file?
Unfortunately, I cannot find this parameter mentioned in the documentation within the all options example.
Thanks!
cold-secretary-29315
03/06/2024, 9:33 AM
elegant-horse-39787
03/11/2024, 10:07 PM
`kubectl cluster-info`) within the first few seconds of it being online. Once it's online for a few seconds I get timeouts or unable to connect to server like so:
```
alcha at LINCLER-MKII in ~
$ kubectl cluster-info
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
Unable to connect to the server: EOF
```
Does anyone have any suggestions?
Note: I'm familiar with k8s and am a DevOps Engineer by trade so I'm not a complete noob 😅
agreeable-monkey-88182
03/12/2024, 12:13 PM
`externalTrafficPolicy: Local` and `--flannel-backend=host-gw` but a pod in the cluster still returns no headers and an IP that I suspect to be the nginx-proxy or the metallb.