Re: [kubernetes-users] independent custom kubernetes - best solution to Publish services ?

['Tim Hockin' via Kubernetes user discussion and Q]

Nodeports are published on all nodes, so any one node going away is not a
problem, per se.  but... Nodeports alone require you to use a specific node
IP, which is a problem.  Nodeports were designed to be hidden behind
load-balancers  or proxies with stable VIPs, which is what it sounds like
you are doing.

On Wed, Apr 4, 2018 at 1:06 PM Gabriel Sousa 
wrote:

>
> https://kubernetes.io/docs/setup/independent/high-availability/
>
> "able to contact the NodePort service, from outside the cluster, by
> requesting :"
>
>
> if we  Publish a service using nodeport we have the access using
> node/master ip , and if that node/master dies ?
> we lose the access to the service...
>
> with pacemaker or keepalived i will use the VIP ( that is configured
> on pacemaker/keepalived )
>
> On Wednesday, 4 April 2018 17:47:33 UTC+1, Rodrigo Campos wrote:
>>
>> On Wed, Apr 04, 2018 at 09:33:28AM -0700, Gabriel Sousa wrote:
>> >
>> > Now i know what i have to do,
>> >
>> > Create a cluster with 3 masters and will use pacemaker/virtual ip and
>> use
>> > nodeport to Publish services .
>>
>> Really, can you please elaborate?
>>
>> >
>> > can i have only 3 masters without workers ?
>>
>> Yes
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to kubernetes-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] independent custom kubernetes - best solution to Publish services ?

[Gabriel Sousa]

https://kubernetes.io/docs/setup/independent/high-availability/

"able to contact the NodePort service, from outside the cluster, by 
requesting :"


if we  Publish a service using nodeport we have the access using 
node/master ip , and if that node/master dies ?
we lose the access to the service...

with pacemaker or keepalived i will use the VIP ( that is configured 
on pacemaker/keepalived )

On Wednesday, 4 April 2018 17:47:33 UTC+1, Rodrigo Campos wrote:
>
> On Wed, Apr 04, 2018 at 09:33:28AM -0700, Gabriel Sousa wrote: 
> > 
> > Now i know what i have to do, 
> > 
> > Create a cluster with 3 masters and will use pacemaker/virtual ip and 
> use 
> > nodeport to Publish services . 
>
> Really, can you please elaborate? 
>
> > 
> > can i have only 3 masters without workers ? 
>
> Yes 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] Load balancer drops backend while leaving frontend connected

[Tyler Johnson]

No this is during regular operation.

On Wed, Apr 4, 2018 at 11:39 AM, 'Nicks' via Kubernetes user discussion and
Q  wrote:

> Did you remove a node from the cluster? Even if a node was in the cluster
> and didn't run any workload, it could still be used to proxy connections
> from the LB and the service pod.
>
> On Friday, March 30, 2018 at 7:42:42 AM UTC-7, Tyler Johnson wrote:
>>
>> Environment: GKE 1.7.12-gke.1
>> I believe the ingress controller is GLBC[1]
>>
>> [1] https://github.com/kubernetes/ingress-gce
>>
>> On Thu, Mar 29, 2018 at 11:56 PM, 'Tim Hockin' via Kubernetes user
>> discussion and Q  wrote:
>>
>>> Which environment and which Ingress controller?
>>>
>>> On Thu, Mar 29, 2018 at 8:42 PM Tyler Johnson 
>>> wrote:
>>>
 Is it possible that an HTTP load balancer (auto-configured as part of
 an Ingress) could occasionally drop backend connections while leaving the
 frontend connected?

 I'm running a websocket backend service (the backend-service timeout is
 high) and on very rare occasions I'll see the service pod log that the
 client dropped connection, while on the client side the HTTP connection is
 still ESTABLISHED. So I'm guessing it must be the LB.

 Is there a recommended way to troubleshoot the LB?

 Any other potential scenarios that could cause this problem?

 --
 You received this message because you are subscribed to the Google
 Groups "Kubernetes user discussion and Q" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to kubernetes-use...@googlegroups.com.
 To post to this group, send email to kubernet...@googlegroups.com.
 Visit this group at https://groups.google.com/group/kubernetes-users.
 For more options, visit https://groups.google.com/d/optout.

>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Kubernetes user discussion and Q" group.
>>> To unsubscribe from this topic, visit https://groups.google.com/d/to
>>> pic/kubernetes-users/LQJCmd3SYDE/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> kubernetes-use...@googlegroups.com.
>>> To post to this group, send email to kubernet...@googlegroups.com.
>>> Visit this group at https://groups.google.com/group/kubernetes-users.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Kubernetes user discussion and Q" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/
> topic/kubernetes-users/LQJCmd3SYDE/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> kubernetes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to kubernetes-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] how can i configure a clusterIP ?

[Rodrigo Campos]

What docs have you follow and where it didn't work? So we can better guide
you

On Wednesday, April 4, 2018, Gabriel Sousa 
wrote:

> how can i configure a clusterIP ?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to kubernetes-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] independent custom kubernetes - best solution to Publish services ?

[Rodrigo Campos]

On Wed, Apr 04, 2018 at 09:33:28AM -0700, Gabriel Sousa wrote:
> 
> Now i know what i have to do, 
> 
> Create a cluster with 3 masters and will use pacemaker/virtual ip and use 
> nodeport to Publish services .

Really, can you please elaborate?

> 
> can i have only 3 masters without workers ?

Yes

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] independent custom kubernetes - best solution to Publish services ?

[Gabriel Sousa]

Now i know what i have to do, 

Create a cluster with 3 masters and will use pacemaker/virtual ip and use 
nodeport to Publish services .

can i have only 3 masters without workers ?



On Wednesday, 4 April 2018 17:25:25 UTC+1, Rodrigo Campos wrote:
>
> I'm not sure what you mean. Can you please elaborate?
>
> On Wednesday, April 4, 2018, Gabriel Sousa  > wrote:
>
>> whats the best solution to Publish services in a independent custom 
>> kubernetes cluster ?
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Kubernetes user discussion and Q" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to kubernetes-use...@googlegroups.com .
>> To post to this group, send email to kubernet...@googlegroups.com 
>> .
>> Visit this group at https://groups.google.com/group/kubernetes-users.
>> For more options, visit https://groups.google.com/d/optout.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] Load balancer drops backend while leaving frontend connected

['Nicks' via Kubernetes user discussion and Q]

Did you remove a node from the cluster? Even if a node was in the cluster 
and didn't run any workload, it could still be used to proxy connections 
from the LB and the service pod. 

On Friday, March 30, 2018 at 7:42:42 AM UTC-7, Tyler Johnson wrote:
>
> Environment: GKE 1.7.12-gke.1
> I believe the ingress controller is GLBC[1]
>
> [1] https://github.com/kubernetes/ingress-gce
>
> On Thu, Mar 29, 2018 at 11:56 PM, 'Tim Hockin' via Kubernetes user 
> discussion and Q  wrote:
>
>> Which environment and which Ingress controller?
>>
>> On Thu, Mar 29, 2018 at 8:42 PM Tyler Johnson > > wrote:
>>
>>> Is it possible that an HTTP load balancer (auto-configured as part of an 
>>> Ingress) could occasionally drop backend connections while leaving the 
>>> frontend connected?
>>>
>>> I'm running a websocket backend service (the backend-service timeout is 
>>> high) and on very rare occasions I'll see the service pod log that the 
>>> client dropped connection, while on the client side the HTTP connection is 
>>> still ESTABLISHED. So I'm guessing it must be the LB.
>>>
>>> Is there a recommended way to troubleshoot the LB?
>>>
>>> Any other potential scenarios that could cause this problem?  
>>>
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Kubernetes user discussion and Q" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to kubernetes-use...@googlegroups.com .
>>> To post to this group, send email to kubernet...@googlegroups.com 
>>> .
>>> Visit this group at https://groups.google.com/group/kubernetes-users.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>> -- 
>> You received this message because you are subscribed to a topic in the 
>> Google Groups "Kubernetes user discussion and Q" group.
>> To unsubscribe from this topic, visit 
>> https://groups.google.com/d/topic/kubernetes-users/LQJCmd3SYDE/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to 
>> kubernetes-use...@googlegroups.com .
>> To post to this group, send email to kubernet...@googlegroups.com 
>> .
>> Visit this group at https://groups.google.com/group/kubernetes-users.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

[kubernetes-users] Re: GCE ingress not working with nodeport service

['Nicks' via Kubernetes user discussion and Q]

You must have a pre-existing ingress which is pointing to several services 
that are type ClusterIP when they should be NodePort.  If that ingress is 
being used by nginx ingress, make sure you're setting the class 
correctly: https://github.com/kubernetes/ingress-nginx#annotation-ingressclass


On Saturday, March 31, 2018 at 3:04:54 PM UTC-7, strzelec...@gmail.com 
wrote:
>
> Hi, a kuberentes cluster created on google cloud, cluster is 1.9.2 version.
>
> Ingress never creates, service is nodeport. Why?
>
> kubectl describe ing my-echo-ingress
> Name: my-echo-ingress
> Namespace:default
> Address:  
> Default backend:  my-echo-svc:my-http-port (10.32.0.124:80)
> Rules:
>   Host  Path  Backends
>       
>   * * my-echo-svc:my-http-port (10.32.0.124:80)
> Annotations:
> Events:
>   Type Reason  Age From Message
>    --   ---
>   Normal   ADD 11m loadbalancer-controller 
>  default/my-echo-ingress
>   Warning  GCE 10m (x3 over 11m)   loadbalancer-controller  googleapi: 
> Error 400: Invalid value for field 'namedPorts[2].port': '0'. Must be 
> greater than or equal to 1, invalid
>   Warning  GCE 9m (x3 over 11m)loadbalancer-controller  googleapi: 
> Error 400: Invalid value for field 'namedPorts[1].port': '0'. Must be 
> greater than or equal to 1, invalid
>   Warning  GCE 59s (x13 over 11m)  loadbalancer-controller  googleapi: 
> Error 400: Invalid value for field 'namedPorts[0].port': '0'. Must be 
> greater than or equal to 1, invalid
>
> Below the super simple yaml used for testing. 
>
> ---
> apiVersion: apps/v1beta1
> kind: Deployment
> metadata:
>   name: helloweb
>   labels:
> app: hello
> spec:
>   template:
> metadata:
>   labels:
> app: hello
> tier: web
> spec:
>   containers:
>   - name: hello-app
> image: gcr.io/google-samples/hello-app:1.0
> ports:
> - containerPort: 8080
> ---
> apiVersion: extensions/v1beta1
> kind: Ingress
> metadata:
>   name: helloweb
>   annotations:
> kubernetes.io/ingress.global-static-ip-name: kubernetes-ingress-1
>   labels:
> app: hello
> spec:
>   backend:
> serviceName: helloweb-backend
> servicePort: 8080
> ---
> apiVersion: v1
> kind: Service
> metadata:
>   name: helloweb-backend
>   labels:
> app: hello
> spec:
>   type: NodePort
>   selector:
> app: hello
> tier: web
>   ports:
>   - port: 8080
> targetPort: 8080
>
>
> (the example deployment/service/ingress from 
> https://cloud.google.com/kubernetes-engine/docs/tutorials/http-balancer 
> does not work either. Same ingress error as above).
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

[kubernetes-users] independent custom kubernetes - best solution to Publish services ?

[Gabriel Sousa]

whats the best solution to Publish services in a independent custom 
kubernetes cluster ?

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

Re: [kubernetes-users] I cannot start service dashboard kubernetes. Pls help me!!

[Kris Dockery]

You won't be able to access it through the master IP because it's a
ClusterIP Service rather than a NodePort Service. If you run `kubectl
proxy` it will forward to 127.0.0.1:8001 and you should be able to reach it
at
http://127.0.0.1:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
in your browser.





Kris Dockery
CRE
Heptio

On Wed, Apr 4, 2018 at 12:30 AM, Trinai Kaewkruewan 
wrote:

> Dear All,
>
> I have a problem about install dashboard kubernetes. I cannot start this
> service for testing on our enverment. How to check about this issue?
>
> I've attached files for infomation kubernetes below.
>
>
>
> 
>
>
> 
>
>
> 
>
>
>
> Kindly suggest me about this issue
>
>
> Trinai
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Kubernetes user discussion and Q" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to kubernetes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to kubernetes-users@googlegroups.com.
> Visit this group at https://groups.google.com/group/kubernetes-users.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

[kubernetes-users] how can i configure a clusterIP ?

[Gabriel Sousa]

how can i configure a clusterIP ?

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.

[kubernetes-users] TLS Authentification

[drupi1994]

Hello, 
Do any of you configured the TLS auth on the newest nginx ingress controller ?

-- 
You received this message because you are subscribed to the Google Groups 
"Kubernetes user discussion and Q" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.