Tag Archives: Kubernetes

Kubernetes: ClusterIP vs NodePort vs LoadBalancer, Services, and Ingress – an overview with examples

24 June 2020
 

 For network communications, Kubernetes presents four Service types – ClusterIP (the default one), NodePort, LoadBalancer, and ExternalName, plus the Ingress resources. In this post, we will take a short overview of all of them, and will check how they are working. The documentation is available here – Publishing Services (ServiceTypes). I’m using AWS Elastic Kubernetes… Read More »

Kubernetes: 503 no endpoints available for service – the cause and solution

15 June 2020
 

 We have a Redis service running behind a Service with the ClusterIP type. This Redis must accessible by pods from the same namespace (a Gorush service). The proble is that those pod can’t connect to the Redis service using its gorush-server-redis-svc:6379 name and reporting “Can’t connect redis server: connection refused“: Althought the service is present… Read More »

Helm: helm-secrets – sensitive data encryption with AWS KMS and use it with Jenkins

16 May 2020
 

 So, as a follow-up to the Helm: Kubernetes package manager – an overview, getting started post – let’s discuss about sensitive data in our Helm charts. What I want is to store a chart files in a repository, but even if such a repo will be a private Github repo – I still don’t want… Read More »

Helm: Kubernetes package manager – an overview, getting started

3 May 2020
 

 The official documentation calls Helm as a “The package manager for Kubernetes“, but in fact, Helm is something bigger than just a package manager – it’s more an application controlling tool for their installation, managing, upgrading, configuration, etc. In this post, we will take an overview of Helm in general, its Charts, templates, variables, and… Read More »

AWS Elastic Kubernetes Service: a cluster creation automation, part 2 – Ansible, eksctl

1 May 2020
 

 The first part – AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation. To remind the whole idea is to create an automation process to create an EKS cluster: Ansible uses the cloudformation module to create an infrastructure by using an Outputs of the CloudFormation stack created – Ansible from a template will… Read More »

Kubernetes: monitoring with Prometheus – exporters, a Service Discovery, and its roles

26 April 2020
 

 The next task with our Kubernetes cluster is to set up its monitoring with Prometheus. This task is complicated by the fact, that there is the whole bunch of resources needs to be monitored: from the infrastructure side – ЕС2 WokerNodes instances, their CPU, memory, network, disks, etc key services of Kubernetes itself – its… Read More »

AWS Elastic Kubernetes Service: a cluster creation automation, part 1 – CloudFormation

24 April 2020
 

 The task is: create automation to roll out an AWS Elastic Kubernetes Service cluster from scratch. Will use: Ansible: to automate CloudFormation stack creation and to execute eksctl with necessary parameters CloudFormation with NestedStacks: to create an infrastructure – VPC, subnets, SecurityGroups, IAM-roles, etc eksctl: to create a cluster itself using resources created by CloudFormation… Read More »

AWS Elastic Kubernetes Service: running ALB Ingress controller

21 April 2020
 

 AWS ALB Ingress Controller for Kubernetes – is a Kubernetes controller which actually controls AWS Application Load Balancers (ALB) in an AWS account when an Ingress resource with the kubernetes.io/ingress.class: alb annotation is created in a Kubernetes cluster. This Ingress resource in its turn describes an ALB Listeners configuration with SSL termination or traffic routing… Read More »

Kubernetes: part 5 — RBAC authorization with a Role and RoleBinding example

26 March 2020
 

 The next task is to add a new user who will have access to check pods state and watch logs – any other operations must be prohibited. AWS EKS uses AWS IAM for authentification in a Kubernetes cluster (check the Kubernetes: part 4 – AWS EKS authentification, aws-iam-authenticator and AWS IAM post for details), bot… Read More »

Linux: PHP-FPM, Docker, STDOUT and STDERR – no an application’s error logs

24 February 2020
 

 We have a Docker image with NGINX, PHP-FPM, and Supervisor. In the same image, we have our PHP application included, which outputs its errors to the /dev/stderr as per its php.ini file: … [global] error_log=/dev/stderr … The problem is, that if run kubectl logs –  there will be no error output from the application. So,… Read More »