I have a kubernetes cluster, and I basically have an authenticated api for deploying tasks within the cluster without having kubectl etc set-up locally. I'm aware of the client libraries etc for the Kubernetes api, however they don't seem to support all of the different primatives etc (including some custom ones like Argo). So I just wondered if there was a way I could effectively run $ kubectl apply -f ./file.yml within a container on the cluster?
Obviously I can create a container with kubectl installed, but I just wondered how that could then 'connect' to the Kubernetes controller?
Yes, it is possible. refer halyard container. spinnaker is deployed from halyard container.
You can choose from existing ones: https://hub.docker.com/search?q=kubectl&type=image
I found that the roffe/kubectl image works well for running a kubectl apply -f to deploy to my cluster. However, you do need to use a ClusterRole and ClusterRoleBinding "attached" to your ServiceAccount, (and the serviceAccount named in your kubectl container), to deploy to any other namespaces.
Related
I have docker images of different elk stacks, and I want to communicate between them. I have achieved it by creating a docker network and accessing them via hostname. I want to know if we can pass this properties in the kubernetes or not?
Can we create a docker network over there? And how do we pass these properties inside the deployment yaml?
I have created a docker network named as "elk", and then passed it in the run arguments (as docker run --network=elk -h elasticsearch ....)
I am expecting to create this network in kubernetes cluster and then pass these properties to deployment yaml
Kubernetes does not have Docker's notion of separate per-application isolated networks. You can't reproduce this Docker setup in Kubernetes and don't need to. Also see Services, Load Balancing, and Networking in the Kubernetes documentation.
In Kubernetes you usually do not communicate directly with Pods (containers). Instead, you also create a Service matching each Deployment, and then make calls to the Service name and port.
If you're currently deploying containers with docker run --net=... then you can ignore that option when migrating to Kubernetes. If you're using Compose, I'd suggest first trying to update the Compose setup to use only the Compose-provided default network, removing all of the networks: blocks.
For something like Elasticsearch, you probably want to run it in a StatefulSet which can also manage the per-replica storage. This has specific requirements around corresponding Services, and it does provide a way to connect to a specific replica when you need to. Relevantly to this question, if the StatefulSet is named elasticsearch then the Pods will be named elasticsearch-0, elasticsearch-1, and so on, and these names will also be visible as the hostname(8) inside the container, matching the docker run -h option.
im trying to make my first kubernetes project, but the problem is that i may have some configuration issues.
For example i wanted to run this project:
https://gitlab.com/codeching/kubernetes-multicontainer-application-react-nodejs-postgres-nginx
I did:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v0.46.0/deploy/static/provider/cloud/deploy.yaml
Then
kubectl apply -f k8s
But when i enter the http://localhost i just get ERR_EMPTY_RESPONSE
Anyone knows why? I have newly installed docker desktop & kubernetes, everything is green & working, but somehow i can't run even this simple project.
The ingress-nginx ingress service is getting deployed as LoadBalancer Service type. if LoadBalancer is not attached, you can use port forwarding of the service to access applications in the cluster.
i have to say that my question is a little confusing but i'll try to be as clear as possible:
in docker there is a command to run a container and make it use another container's network the command is : docker run --net=container
so basically, i want to make k8s execute that command to create a pod, is that possible ? or is there any other alternative command for that in k8s ?
in another words, what command does the k8s api-server execute to create containers on worker nodes?
there is a lot of questions over there lol, i hope you will understand what i want to say ...
I am not sure if i understand what you want but if you want to capture a pod's traffic network you can use a service mesh like Istio or Linkerd
I worked with Istio and you can have metrics for all traffic within a cluster
I was handed a kubernetes cluster to manage. But in the same node, I can see running docker containers (via docker ps) that I could not able to find/relate in the pods/deployments (via kubectl get pods/deployments).
I have tried kubectl describe and docker inspect but could not pick out any differentiating parameters.
How to differentiate which is which?
There will be many. At a minimum you'll see all the pod sandbox pause containers which are normally not visible. Plus possibly anything you run directly such as the control plane if not using static pods.
One of the options to use Kubernetes on Windows 10 is to enable it from Docker for Windows.
However reading many tutorials from K8S site they manage something by using minikube - for example adding addons.
Since using the option with docker we don't have minikube.
For example, how to add addon to such instance?
You would have to manually grab the addon YAML file and kubectl apply -f it. But most things have Helm charts available too so maybe just do that instead?