Re: Kubernetes Installation with Vagrant & CoreOS behind proxy

2016-08-19 Thread Rob Szumski
Try setting the proxy env vars as system wide defaults. Docs for this have just been proposed, but not merged yet, you can view them here: https://github.com/endocode/coreos-docs/blob/c902eeada11582280311285f49dfe8de22a16aee/os/using-environment-variables-in-systemd-units.md#system-wide-environme

Re: what is a good AWS instance type for a coreos etcd cluster

2016-08-24 Thread Rob Szumski
That should be good. The two main things to think about are: 1. etcd stores keys in RAM (and snapshots to disk), so you need enough of that for your data set 2. etcd doesn’t serve a successful write until it is written to disk on a quorum of machines, which means it is IOP-sensitive. Larger inst

Re: Kube-aws with 1.4 Kubernetes

2016-09-27 Thread Rob Szumski
Here’s a summary of the current situation: - the CoreOS-built hyperkube images are out for 1.4 (v1.4.0_coreos.0) - the docs haven’t been updated on the site to make these the default yet. Will wait for a release of coreos-kubernetes for that. The PR has merged however, if you want to follow th

Re: coreOS hardware monitoring with isinga / nagios

2016-10-07 Thread Rob Szumski
Yes, you should be able to run this within a container. Since you’re using Kubernetes you have two options: 1. Run this container via systemd on each machine 2. Run this container as a DaemonSet with Kubernetes. This will allow you to easily update the container/config/etc. This is a common str

Re: Etcd operator and k8s

2016-11-14 Thread Rob Szumski
Travis is talking about this blog post, which explains “etcd operators”: https://coreos.com/blog/introducing-the-etcd-operator.html Basically, it is a piece of software that encodes human operational knowledge into software. In this c

Re: Work locally on app that is inside CoreOS Docker container, running on Vagrant on Mac.

2017-01-03 Thread Rob Szumski
Have you tried `docker run blah -v /home/core/share:/var/www/html/`? The second path is inside the container. - Rob > On Dec 31, 2016, at 3:04 PM, Michael Chavez wrote: > > Hello CoreOS Dev Google Group, > > I am a super noob. > > I got CoreOS running on my Macbook using Vagrant. I am able

Re: Work locally on app that is inside CoreOS Docker container, running on Vagrant on Mac.

2017-01-03 Thread Rob Szumski
d in $PATH." > > Any ideas what I am missing? > > Cheers, > Michael > > > On Tuesday, January 3, 2017 at 9:40:51 AM UTC-8, Rob Szumski wrote: > Have you tried `docker run blah -v /home/core/share:/var/www/html/`? The > second path is inside the container. > >

Re: Work locally on app that is inside CoreOS Docker container, running on Vagrant on Mac.

2017-01-03 Thread Rob Szumski
the steps to recreate using the CoreOS image of Apache. I am getting > different error now using the cores/apache image: "docker: Error response > from daemon: No command specified.". > > Cheers, > Michael > > On Tuesday, January 3, 2017 at 9:40:51 AM UTC-8, Rob Szums

Re: Issue with mounting EBS volume using cloud-config and coreos-cloudinit command

2017-04-21 Thread Rob Szumski
Can you try adding the highlighted drop in to tell docker to start after mounting? https://github.com/coreos/docs/pull/747/files There is a similar example that uses a Container Linux config as well: https://coreos.com/os/docs/latest/mounting-sto

Re: Tectonic Installer and DigitalOcean?

2017-05-04 Thread Rob Szumski
DigitalOcean is not currently on the CoreOS roadmap, but a PR would be accepted if someone in the community wanted to work on it. A lot of the pieces required are already there - the Ignition profile, generic Terraform variables/plumbing, etc – the remaining work would be hooking that up to the

[ANNOUNCE] Dex 2.4.1 - security bugfix

2017-05-04 Thread Rob Szumski
e able to upgrade directly from their Console’s Cluster Settings screen. All other Tectonic users are encouraged to spin up 1.5.7 clusters and migrate workloads to Tectonic 1.5.7. Rob Szumski Tectonic Product Manager, CoreOS

Re: Tectonic Installer: How should I configure DNS for etcd?

2017-05-10 Thread Rob Szumski
Let’s move this conversation to Github if you don’t mind. That will engage the correct engineers that should be able to answer these questions. Mind opening an issue? Thanks for exploring DO support! - Rob > On May 9, 2017, at 11:32 PM, Arve Knudsen wrote: > > In implementing the Tectonic I

Re: When will Docker 17.x be in beta channel

2017-05-15 Thread Rob Szumski
Alpha is typically promoted to beta every 2-4 weeks. 17.x went into alpha 5 days ago, so it should be a few weeks. - Rob > On May 12, 2017, at 9:21 AM, Lion Vollnhals wrote: > > Hi! > > We are using coreos beta channel on our servers > and would like to use new features from Docker 17.x . >

Re: Currently recommended way of having databases in Kubernetes?

2017-05-19 Thread Rob Szumski
The latest versions of Kubernetes have a few concepts that help you run stateful apps on Kubernetes: PersistentVolumes/Volume Claims: provide a method for apps to claim storage provided by the cluster StatefulSets: an object designed to run stateful apps, which really comes down to being more c

Re: Currently recommended way of having databases in Kubernetes?

2017-05-19 Thread Rob Szumski
no cloud provider support for it in Kubernetes yet. > > Best, > Arve > > On Fri, May 19, 2017 at 5:56 PM Rob Szumski <mailto:rob.szum...@coreos.com>> wrote: > The latest versions of Kubernetes have a few concepts that help you run > stateful apps on Kubernetes:

Re: How much memory does prometheus-k8s-0 pod require?

2017-05-24 Thread Rob Szumski
Its default limit is 2GB, which allows it to keep a decent amount of history. 3-4GB should be good. I use the t2.medium on AWS which has 4GB. > On May 24, 2017, at 8:51 AM, Arve Knudsen wrote: > > How much memory does the prometheus-k8s-0 pod require? I've spun up a > Kubernetes cluster of 4 w

Re: How much memory does prometheus-k8s-0 pod require?

2017-05-24 Thread Rob Szumski
etting me know, Rob. I'm bringing this cluster up for testing > though, so I don't think you'll need much history. How can I configure > Prometheus to use a certain amount of memory? > > Thanks, > Arve > > On Wed, May 24, 2017 at 7:36 PM Rob Szumski <mail

Re: Running on GCE with etcd3 and flannel backend

2017-05-29 Thread Rob Szumski
Answers below. > 1. How do I use etcd v3 on GCE to setup the flannel backend? > > Is there any updated documentation? Once you have an etcd v3 cluster, you will need to use/export this variable for etcdctl: ETCDCTL_API=3. The documented command should work fine after that. > > 2. How do I set

Re: Running on GCE with etcd3 and flannel backend

2017-05-30 Thread Rob Szumski
> Next steps will be to setup etcd v3 cluster and add then secure cluster. > > When I run etcdctl -v, I still get: > > etcdctl version 2.3.7 > > Even after I run export ETCDCTL_API=3, the value is the same for the version. > > Does this indicate that I am not using v3 or just

Re: How to install Heapster with Tectonic Installer installed cluster?

2017-06-13 Thread Rob Szumski
Sounds like you are hitting an RBAC rule that is insufficient (can’t list pods). It looks like your manifest is trying to use the default RBAC role, but it’s different somehow than what Heapster expects. Does the version of Kubernetes match between Tectonic and what the standard config expects?

Re: Docker times out on latest beta Container Linux (v1465.2.0)

2017-07-26 Thread Rob Szumski
This may be due to some Quay system issues at the moment: http://status.quay.io/ > On Jul 26, 2017, at 12:39 PM, Dhawal Patel wrote: > > quay.io/nordstrom/awscli:1.11.30-1 > is a public image > > On Wednesday, July 26, 2017

Re: tectonic console pod

2017-09-06 Thread Rob Szumski
Do you have kubectl set up? Do you see any pods that are unhealthy? What are their logs? > On Sep 5, 2017, at 10:13 PM, Rushi Ns wrote: > > hello team, > > > > need quick help. Sorry to contact you all. > > > > I have deployed 1master 4 worker cluster and tectonic console (worker node

An update about Container Linux

2018-02-02 Thread Rob Szumski
inux offering. Whereas, some of the delivery mechanisms pioneered by Container Linux will be reviewed by a joint integration team and reconciled with Atomic.* Rob Szumski Product Manager - CoreOS

Re: Tectonic Enterprise Kubernetes License Clarification

2018-04-20 Thread Rob Szumski
Hi Joe, Yes, more than one person at your organization can use the 10 free nodes. It’s not a problem until it’s being abused to get around limits, which it sounds like you are definitely not. Enjoy Tectonic! - Rob On Mon, Apr 16, 2018 at 3:16 AM Joe San wrote: > I could see from the CoreOS We

Re: Tectonic Enterprise Kubernetes License Clarification

2018-04-30 Thread Rob Szumski
rprise. Is this correct? > > Thanks and Regards, > Jothi > > On Sat, Apr 21, 2018 at 12:19 AM, Rob Szumski wrote: > >> Hi Joe, >> >> Yes, more than one person at your organization can use the 10 free nodes. >> It’s not a problem until it’s being abused to get

Re: etcd-operator fork to etcd-io conversation

2018-08-09 Thread Rob Szumski
Hi Sam, The etcd-operator is not abandoned, it has just been taking a bit of a back burner as the team has been working to pass on the insights learned during development into the Operator SDK. Instead of a fork, would you (and/or others) be interested in becoming a maintainer? I am happy to star

Re: Prometheus Operator requires helm?

2018-08-10 Thread Rob Szumski
Nope, the Operator talks directly to the Kubernetes API to start and watch the Prometheus instances. Where you see Helm used is to deploy the Operator itself, but that is completely optional and you can just use the Deployment + RBAC role from the docs. If you didn't see a Prometheus cluster start

Re: Roadmap to integrate mysql or any db with Clair

2018-08-20 Thread Rob Szumski
It sounds like that is the latest update, but referencing your request on that PR would be helpful. - Rob On Mon, Aug 20, 2018 at 5:53 AM Changduk Kim wrote: > Hello Sam, > > Thanks for your feedback! > > I already saw this document, but it seems like an old answer (latest reply > is Aug 2017)

Re: WHEN WAS FLEET REMOVED????

2018-08-24 Thread Rob Szumski
That would be 1675.0.1 and was explained in this blog post: https://coreos.com/blog/migrating-from-fleet-to-kubernetes.html The path forward is to consume fleet via container and it should work just the same once you start that container when the machine boo

Re: WHEN WAS FLEET REMOVED????

2018-08-24 Thread Rob Szumski
I messed up the link, but that link has a section on running it on boot: https://coreos.com/fleet/docs/latest/launching-containers-fleet.html#running-fleet-via-a-container-linux-config On Fri, Aug 24, 2018 at 1:58 PM Adarsh J wrote: > 1675.0.1 - https://coreos.com/releases/#1675.0.1 > > pls read

Container Linux updates addressing Fix runc container breakout (CVE-2019-5736)

2019-02-12 Thread Rob Szumski
Hi everyone, Container Linux updates are rolling across all channels for the runc breakout CVE. Versions 2051.0.0, 2023.2.0, and 1967.5.0 are now available. To update immediately, follow these instructions.

Re: Security issue in Clair v2.0.9

2019-10-21 Thread Rob Szumski
Hi there, This is a CVE for musl, which is the libc used in Alpine Linux. The image Red Hat officially supports for Clair is based on RHEL, so it does not have this issue. This dependency will be bumped with the next release of Clair. - Rob On Fri, Oct 18, 2019 at 2:10 PM Brent Borovan wrote:

Re: Security issue in Clair v2.0.9

2019-10-21 Thread Rob Szumski
I believe that is the community image. It should be updated soon. The product images should come from registry.redhat.io. On Mon, Oct 21, 2019 at 2:31 PM Brent Borovan wrote: > Hi Rob, > > Thanks for the info and is appreciated. > > I am using the image quay.io/coreos/clair:v2.0.9 which I assum

Re: In general CoreOS is used for creating cluster . So which ports should be open by default in coreOS ?

2019-11-01 Thread Rob Szumski
Yes, that's correct. If you want to use etcd, those are the ports. On Fri, Nov 1, 2019 at 3:53 AM Parag Gupta wrote: > as far as i know port 2379 and 2380 should be opened if etcd cluster is > being used . am i right ? > Can i launch a cluster without etcd nodes ? i am asking this because if i >

Re: Automating CoreOS provisioning images in AWS

2016-06-08 Thread Rob Szumski
Once you’re able to connect to the API then I would say you can call the cluster operational. Keep in mind that the deployment process downloads ~400 MB of containers so the timing will vary there. Make sure you have a robust backoff loop for that check. - Rob > On Jun 8, 2016, at 1:28 PM, Ga

Re: Kubernetes Installation with Vagrant & CoreOS and insecure Docker registry

2016-06-23 Thread Rob Szumski
Your vagrant box sources two pieces of user data from within the coreos-kubernetes repo, one for a worker and one for a controller. You can edit this user data to add in the insecure registry drop in from the CoreOS docs

Re: kubernetes coreos multi-node

2016-06-23 Thread Rob Szumski
The Vagrant set up assumes you are using kubectl from the same machine running Vagrant and references a bunch of generated TLS assets. You can see which in the provided kubectl config file: https://github.com/coreos/coreos-kubernetes/blob/master/multi-node/vagrant/kubeconfig

Re: How to expose kubernetes service to public

2016-06-24 Thread Rob Szumski
It doesn’t look like you have cloud credentials set up to use Type=LoadBalancer. If it had worked, you’d see a “loadBalancerIP” field. You could also expose this service as a NodePort, which is just a port in the 32xxx range that works on every machine in the cluster. You can then hook this up

Re: How to expose kubernetes service to public

2016-06-24 Thread Rob Szumski
h local Vagrant&CoreOS. > > Thank you, Turgos, > > On Fri, Jun 24, 2016 at 12:59 PM, Rob Szumski <mailto:rob.szum...@coreos.com>> wrote: > It doesn’t look like you have cloud credentials set up to use > Type=LoadBalancer. If it had worked, you’d see a “loadBalancerIP”

Re: How to expose kubernetes service to public

2016-06-24 Thread Rob Szumski
,10.2.97.3:8080 > <http://10.2.97.3:8080/> > Session Affinity: None > > No events. > > > $ curl http://10.3.0.88:31713 <http://10.3.0.88:31713/> > > curl: (7) Failed to connect to 10.3.0.88 port 31713: Operation timed out > > > > > > By the

Re: How to expose kubernetes service to public

2016-06-27 Thread Rob Szumski
f the pod. Not the IP of the virtual machine. > You need to hit the 172.17.4.x address as rob mentions. > > On Fri, Jun 24, 2016 at 12:04 PM Rob Szumski <mailto:rob.szum...@coreos.com>> wrote: > Are you using the coreos-kubernetes Vagrant boxes > <https://coreos.com/ku

Re: 1.3.0 cni using quay

2016-07-17 Thread Rob Szumski
I believe the CNI binaries are being baked into all of the images, starting with 1.3.x. You should be good to go. Shout if that doesn’t work for you. - Rob > On Jul 17, 2016, at 10:53 AM, Osman Ali wrote: > > I would like to install Kubernetes 1.3.0 with the CNI binaries using quay. Is > a v

Re: CoreOS as single standalone machine

2016-07-18 Thread Rob Szumski
You can attach these containers to “host” networking, which will allow you to do simple port addressing, like you would with a non-containerized host. Run X on 8080, run Y on , etc. Applies to both rkt and Docker. rkt networking docs: https://coreos.com/rkt/docs/latest/networking/overview.h

Re: Creating a meta-data service for CoreOS to integrate into a cloud provider

2016-08-03 Thread Rob Szumski
Several providers have implemented “EC2 compatible” metadata services that work with CoreOS, similar to OpenStack. The basic idea is to send back the info in that format. So, serve from http://169.254.169.254/ . I’m not sure of everything CoreOS reads, but it’s definite