amazon-eks

Can't access EKS api server endpoint within VPC when private access is enabled

非 Y 不嫁゛ submitted on 2020-01-22 14:53:22
Question: I have set up an EKS cluster with "private access" enabled and set up one instance in the same VPC to communicate with EKS. The issue is that if I enable "public access", I can access the API endpoint. But if I disable the public access and enable the private access, I can't access the API endpoints. When private access is enabled: kubectl get svc Unable to connect to the server: dial tcp: lookup randomstring.region.eks.amazonaws.com on 127.0.0.53:53: no such host When public access is enabled:

Can't access EKS api server endpoint within VPC when private access is enabled

纵然是瞬间 submitted on 2020-01-22 14:53:05
Question: I have set up an EKS cluster with "private access" enabled and set up one instance in the same VPC to communicate with EKS. The issue is that if I enable "public access", I can access the API endpoint. But if I disable the public access and enable the private access, I can't access the API endpoints. When private access is enabled: kubectl get svc Unable to connect to the server: dial tcp: lookup randomstring.region.eks.amazonaws.com on 127.0.0.53:53: no such host When public access is enabled:

Bind nginx-ingress to static IP Address

大城市里の小女人 submitted on 2020-01-15 09:22:30
Question: I want to set up an ingress controller on AWS EKS for several microservices that are accessed from an external system. The microservices are accessed via virtual host names like svc1.acme.com, svc2.acme.com, ... I set up the nginx ingress controller with a helm chart: https://github.com/helm/charts/tree/master/stable/nginx-ingress My idea was to reserve an Elastic IP Address and bind the nginx-controller to that IP by setting the variable externalIP. This way I should be able to access the

Hazelcast master node election in EKS / AWS is possible?

江枫思渺然 submitted on 2020-01-06 04:31:09
Question: We have a Spring Boot application running on physical boxes. Planning to migrate to EKS (AWS). We have Hazelcast used for multiple purposes listed below. Is it possible to use Hazelcast itself in AWS to make use of the same features? Or should I use any other technology than using Hazelcast itself? Hazelcast is used for: 1. Master Election (of machines) 2. Caching (To keep some files sometimes and mainly to websocket messages and to transmit those whenever required) Master Election : It is

Istio envoy 504 gateway timeouts after 15 seconds for outbound connections

眉间皱痕 submitted on 2019-12-29 08:23:35
Question: Background: I am using istio 1.2.5. I have deployed istio using the helm default profile from the istio documentation by enabling the tracing, kiali and logLevel to "debug". My pods and service in the istio system namespace look like this: (⎈ |cluster-dev:default)➜ istio-1.2.5 git:(master) ✗ k pods -n istio-system NAME READY STATUS RESTARTS AGE grafana-97fb6966d-cv5fq 1/1 Running 0 1d istio-citadel-76f9586b8b-4bbcx 1/1 Running 0 1d istio-galley-78f65c8469-v5cmn 1/1 Running 0 1d istio-ingressgateway

Kubernetes ingress: Not creating an LB?

我们两清 submitted on 2019-12-24 18:23:29
Question: I have an EKS cluster. We want - One LB that will redirect to multiple namespaces inside the cluster, - Ingress to avoid the "one load balancer for one service". I want to cut it by namespace. I have been reading a bit of documentation but I can't seem to wrap my head around it. I have this yaml, which I understood would create a LB and the ingress rules. apiVersion: extensions/v1beta1 kind: Ingress metadata: name: simple-fanout-example namespace : default annotations: kubernetes.io/ingress

AWS EKS add user restricted to namespace

≯℡__Kan透↙ submitted on 2019-12-23 17:30:48
Question: I have created an AWS EKS cluster; since I created it using my AWS user ID, it has been added to the system:masters group. But when I checked the ConfigMap aws-auth I don't see my user ID. Why? I had to give access to another user, so I had to assign appropriate AWS policies to the IAM user, then I edited the ConfigMap aws-auth with the following mapping mapUsers: ---- - userarn: arn:aws:iam::573504862059:user/abc-user username: abc-user groups: - system:masters So far I have understood when a user is part

Initializing a MySQL database deployed in an AWS EKS

吃可爱长大的小学妹 submitted on 2019-12-20 07:36:53
Question: I have a pod in my AWS EKS Cluster that runs MySQL:5.7. I have an SQL file that initializes and populates the data for it. In a normal docker-compose, I will use a mount point for it in my docker-compose file: volumes: - ./<path-to-my-config-directory>:/etc/mysql/conf.d - ./<path-to-my-persistence-directory>:/var/lib/mysql - ./<path-to-my-init.sql>:/docker-entrypoint-initdb.d/init.sql In EKS, I can create a storage class in which to save MySQL data. How can I use my init.sql file (about 8GB)

Kubernetes autoscaler - NotTriggerScaleUp' pod didn't trigger scale-up (it wouldn't fit if a new node is added)

杀马特。学长 韩版系。学妹 submitted on 2019-12-13 04:35:15
Question: I'd like to run a 'job' per node, one pod on a node at a time. I've scheduled a bunch of jobs. I have a whole bunch of pending pods now. I'd like these pending pods to now trigger a node scaling up event (which does NOT happen). Very much like this issue (made by myself): Kubernetes reports "pod didn't trigger scale-up (it wouldn't fit if a new node is added)" even though it would? However in this case it should indeed fit on a new node. How can I diagnose why Kubernetes has determined that a

EKS logs to CloudWatch stream as string

时光怂恿深爱的人放手 submitted on 2019-12-13 04:08:08
Question: I'm having this issue: I have an EKS cluster which sends logs to CloudWatch, then Firehose streams the logs to an S3 bucket. My goal is to get these logs from S3 and forward them to Elasticsearch in bulk. I wrote a Python Lambda function and it's working perfectly when logs are JSON. My problem is some logs are strings or "kind of" JSON. Example: kube-authenticator : time="2019-09-13T09:30:50Z" level=error msg="Watch channel closed." kube-apiserver : E0912 10:19:10.649757 1 watcher.go:208]