Tag Archives: Kubernetes

AWS: InvalidSignatureException: Signature not yet current and Kubernetes AWS ALB Ingress controller
0 (0)

4 March 2021

One day our developers said that they can not create new AWS LoadBalancers via Ingress on our Kubernetes Dev cluster (AWS EKS). Balancers are created using AWS ALB Controller, see AWS Elastic Kubernetes Service: running ALB Ingress controller. Errors in the controller’s logs were: E0304 07:12:38.595113       1 controller.go:217] kubebuilder/controller “msg”=”Reconciler error” “error”=”no object matching key… Read More »

Loading

Jenkins: running workers in Kubernetes and Docker images build
0 (0)

27 February 2021

We have a Jenkins instance that is running jobs in Docker containers on its host. Eventually, we’ve faced with an issue when the current AWS Ec2 instance t2.2xlarge (8 CPU, 32 RAM) during peak workload periods was too overloaded – not enough CPU time, not enough memory. So, the first solution could be to proceed… Read More »

Loading

Kubernetes: NGINX/PHP-FPM graceful shutdown and 502 errors
0 (0)

25 February 2021

We have a PHP application running with Kubernetes in pods with two dedicated containers – NGINX и PHP-FPM. The problem is that during downscaling clients get 502 errors. E.g. when a pod is stopping, its containers can not correctly close existing connections. So, in this post, we will take a closer look at the pods’… Read More »

Loading

Logz.io: collection logs from Kubernetes – fluentd vs filebeat
0 (0)

1 February 2021

We are using Logz.io to collect our Kubernetes cluster logs (also, there is a local Loki instance). Logs are collected and processed by a Fluentd pod on every WorkerNode which are deployed from a DaemonSet in its default configuration, see the documentation here – logzio-k8s. The problem we faced is that those pods are consuming… Read More »

Loading

ArgoCD: a Helm chart deployment, and working with Helm Secrets via AWS KMS
0 (0)

22 November 2020

In the previous post ArgoCD: an overview, SSL configuration, and an application deploy we did a quick overview on how to work with the ArgoCD in general, and now let’s try to deploy a Helm chart. The most interesting part of this is how to enable the Helm Secrets. Had some pain with this, but… Read More »

Loading

ArgoCD: an overview, SSL configuration, and an application deploy
0 (0)

22 November 2020

ArgoCD helps to deliver applications to Kubernetes by using the GitOps approach, i.e. when a Git-repository is used as a source of trust, thus all manifest, configs and other data are stored in a repository. It can b used with Kubernetes manifest, kustomize, ksonnet, jsonnet, and what we are using in our project – Helm-charts.… Read More »

Loading

Kubernetes: ServiceAccounts, JWT-tokens, authentication, and RBAC authorization
0 (0)

22 November 2020

For the authentification and authorization, Kubernetes has such notions as User Accounts and Service Accounts. User Accounts – common user profiles used to access a cluster from the outside, while Service Accounts are used to grant access from inside of the cluster. ServiceAccounts are intended to provide an identity for a Kubernetes Pod to be… Read More »

Loading

Kubernetes: update AWS Route53 DNS from an Ingress
0 (0)

22 November 2020

We’d like to have the ability to add a DNS-record on the AWS Route53 when a Kubernetes Ingress resource is deployed and point this record to the URL of an AWS Load Balancer which is created by the ALB Ingress controller. To achieve this, the ExternalDNS can be used which will make API-requests to the… Read More »

Loading

Jenkins: Redis deployment, and Helm subchart values
0 (0)

1 November 2020

The task is to create a Jenkins job to deploy Redis to Dev/Stage/Prod Kubernetes clusters. In the Redis: running Master-Slave replication in Kubernetes we did it manually to see how it’s working, now it’s time to automate it. The main question is how to pass parameters for different environments during the deployment? I’d like to… Read More »

Loading

Kubernetes: Service, load balancing, kube-proxy, and iptables
0 (0)

1 November 2020

One day I wondered – how is load balancing between pods is working in Kubernetes? I.e. – we have an external Load Balancer. Then a Service. And behind it – Pods. What happens when we are receiving a network packet from the world, and we have a few pods – how the traffic will be… Read More »

Loading