Kubernetes

Deploying Helm workloads with Terraform on GKE cluster

假装没事ソ 提交于 2021-02-19 06:19:06
问题 I am trying to use Terraform Helm provider (https://www.terraform.io/docs/providers/helm/index.html) to deploy a workload to GKE cluster. I am more or less following Google's example - https://github.com/GoogleCloudPlatform/terraform-google-examples/blob/master/example-gke-k8s-helm/helm.tf, but I do want to use RBAC by creating the service account manually. My helm.tf looks like this: variable "helm_version" { default = "v2.13.1" } data "google_client_config" "current" {} provider "helm" {

How do I properly HTTPS secure an application when using Istio?

≯℡__Kan透↙ 提交于 2021-02-19 06:06:10
问题 I'm currently trying to wrap my head around how the typical application flow looks like for a kubernetes application in combination with Istio. So, for my app I have an asp.net application hosted within a Kubernetes cluster, and I added Istio on top. Here is my gateway & VirtualService: apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: appgateway spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "*" tls: httpsRedirect:

How do I properly HTTPS secure an application when using Istio?

情到浓时终转凉″ 提交于 2021-02-19 06:04:38
问题 I'm currently trying to wrap my head around how the typical application flow looks like for a kubernetes application in combination with Istio. So, for my app I have an asp.net application hosted within a Kubernetes cluster, and I added Istio on top. Here is my gateway & VirtualService: apiVersion: networking.istio.io/v1alpha3 kind: Gateway metadata: name: appgateway spec: selector: istio: ingressgateway servers: - port: number: 80 name: http protocol: HTTP hosts: - "*" tls: httpsRedirect:

Helm + Kubernetes, load and enable extensions or modules in PHP

六月ゝ 毕业季﹏ 提交于 2021-02-19 05:59:05
问题 i've problem when i run a php deployment with kubernetes becouse don't load the modules or extensions libraries. My deployment file is this: apiVersion: apps/v1 kind: Deployment metadata: name: php labels: app: php spec: selector: matchLabels: app: php replicas: 1 template: metadata: labels: app: php spec: containers: - name: php image: php:7-fpm env: - name: PHP_INI_SCAN_DIR value: :/usr/local/etc/php/conf.custom ports: - containerPort: 9000 lifecycle: postStart: exec: command: ["/bin/sh","

How to use proxy in Minikube on Ubuntu VM?

落花浮王杯 提交于 2021-02-19 05:32:41
问题 On an Ubuntu VM (running on Windows) I would like to install Minikube. My PC in running behind a corporate proxy. Using Proxifier I manage to access Internet and run Docker on Ubuntu. Unfortunately it looks like Minikube can't reach the internet... minikube start Starting local Kubernetes v1.9.4 cluster... Starting VM... Downloading Minikube ISO The ISO can't be downloaded but it runs into a TLS handshake timeout... 回答1: You mentioned you could establish proxy using Proxifier. So, you could

How to use proxy in Minikube on Ubuntu VM?

巧了我就是萌 提交于 2021-02-19 05:32:37
问题 On an Ubuntu VM (running on Windows) I would like to install Minikube. My PC in running behind a corporate proxy. Using Proxifier I manage to access Internet and run Docker on Ubuntu. Unfortunately it looks like Minikube can't reach the internet... minikube start Starting local Kubernetes v1.9.4 cluster... Starting VM... Downloading Minikube ISO The ISO can't be downloaded but it runs into a TLS handshake timeout... 回答1: You mentioned you could establish proxy using Proxifier. So, you could

Cannot understand the deadlock scenario in `When should you use a startup probe` of kubernetes?

試著忘記壹切 提交于 2021-02-19 05:26:37
问题 In kubernetes official docs, I was reading this page (about the container probes and why we should use startup-probe ) when-should-you-use-a-startup probe, they stated like: If your container usually starts in more than initialDelaySeconds + failureThreshold × periodSeconds , you should specify a startup probe that checks the same endpoint as the liveness probe. The default for periodSeconds is 10s. You should then set its failureThreshold high enough to allow the container to start, without

Cannot understand the deadlock scenario in `When should you use a startup probe` of kubernetes?

允我心安 提交于 2021-02-19 05:26:11
问题 In kubernetes official docs, I was reading this page (about the container probes and why we should use startup-probe ) when-should-you-use-a-startup probe, they stated like: If your container usually starts in more than initialDelaySeconds + failureThreshold × periodSeconds , you should specify a startup probe that checks the same endpoint as the liveness probe. The default for periodSeconds is 10s. You should then set its failureThreshold high enough to allow the container to start, without

《云原生语境下,如何重新解读微服务?》

陌路散爱 提交于 2021-02-19 05:03:26
简介: 由阿里云主办的首届“云原生微服务大会”将于 2020 年 8 月 18-19 日在线上召开。本次大会聚焦微服务架构前沿发展和业界最佳实践,重点探讨云原生语境下微服务的挑战和技术趋势,帮助企业技术决策者、架构师、开发者们迎接云原生时代的到来。 最近,O’Reilly 公布了一份关于企业微服务市场现状的数据调研。报告显示,在访问了全球 1,502 名软件工程师、系统和技术架构师、工程师以及决策者后,有 77% 的组织反馈采用了微服务,其中 92% 的组织成功使用了微服务。 如果以这份报告为依据,微服务在企业的普及率已接近八成。看起来,企业对微服务的兴趣可能已经接近顶峰。 云原生的基础设施从设计上保证了它是微服务部署的最佳平台,但是也对现有的微服务框架带来了新的挑战 ,在云原生大行其道的今天: 我们对微服务还应该继续投入精力关注吗? 云原生和微服务之间的关系是什么? 随着 Serviece Mesh 等技术的不断成熟,微服务的体系和思想会产生怎样的演化? Spring Cloud、Dubbo 还会继续作为微服务开发框架的继续流行下去吗? 容器、Kubernetes、ServiceMesh、Serverless 这些云原生时代的主角,会如何助力下一代微服务架构为业务发展赋能? 这些问题值得每一位技术从业人员去思考,并发现由此带来的企业数字化转型升级新挑战、新机遇。也许有同学会说:

Kubernetes Scaling up pods by time based trigger

為{幸葍}努か 提交于 2021-02-19 04:14:58
问题 I have a server running on Kubernetes to handle hourly processing jobs. Thinking of using a service to expose the pods, and using an (external) cron job to hit the load balancer so that kubernetes can autoscale to handle the higher load as required. However in implementation, if the cron job sends, say, 100 requests at the same time while there's only 1 pod, all the traffic will go to that pod whereas subsequently spun up pods will still not have any traffic to handle. How can I get around
订阅 Kubernetes