Tag Archives: Kubernetes

AWS: InvalidSignatureException: Signature not yet current and Kubernetes AWS ALB Ingress controller
0 (0)

4 March 2021

One day our developers said that they can not create new AWS LoadBalancers via Ingress on our Kubernetes Dev cluster (AWS EKS). Balancers are created using AWS ALB Controller, see AWS Elastic Kubernetes Service: running ALB Ingress controller. Errors in the controller’s logs were: E0304 07:12:38.595113       1 controller.go:217] kubebuilder/controller “msg”=”Reconciler error” “error”=”no object matching key… Read More: AWS: InvalidSignatureException: Signature not yet current and Kubernetes AWS ALB… »

Loading

Jenkins: running workers in Kubernetes and Docker images build
0 (0)

27 February 2021

We have a Jenkins instance that is running jobs in Docker containers on its host. Eventually, we’ve faced with an issue when the current AWS Ec2 instance t2.2xlarge (8 CPU, 32 RAM) during peak workload periods was too overloaded – not enough CPU time, not enough memory. So, the first solution could be to proceed… Read More: Jenkins: running workers in Kubernetes and Docker images build0 (0) »

Loading

Kubernetes: NGINX/PHP-FPM graceful shutdown and 502 errors
0 (0)

25 February 2021

We have a PHP application running with Kubernetes in pods with two dedicated containers – NGINX и PHP-FPM. The problem is that during downscaling clients get 502 errors. E.g. when a pod is stopping, its containers can not correctly close existing connections. So, in this post, we will take a closer look at the pods’… Read More: Kubernetes: NGINX/PHP-FPM graceful shutdown and 502 errors0 (0) »

Loading

Logz.io: collection logs from Kubernetes – fluentd vs filebeat
0 (0)

1 February 2021

We are using Logz.io to collect our Kubernetes cluster logs (also, there is a local Loki instance). Logs are collected and processed by a Fluentd pod on every WorkerNode which are deployed from a DaemonSet in its default configuration, see the documentation here – logzio-k8s. The problem we faced is that those pods are consuming… Read More: Logz.io: collection logs from Kubernetes – fluentd vs filebeat0 (0) »

Loading

ArgoCD: a Helm chart deployment, and working with Helm Secrets via AWS KMS
0 (0)

22 November 2020

In the previous post ArgoCD: an overview, SSL configuration, and an application deploy we did a quick overview on how to work with the ArgoCD in general, and now let’s try to deploy a Helm chart. The most interesting part of this is how to enable the Helm Secrets. Had some pain with this, but… Read More: ArgoCD: a Helm chart deployment, and working with Helm Secrets… »

Loading

ArgoCD: an overview, SSL configuration, and an application deploy
0 (0)

22 November 2020

ArgoCD helps to deliver applications to Kubernetes by using the GitOps approach, i.e. when a Git-repository is used as a source of trust, thus all manifest, configs and other data are stored in a repository. It can b used with Kubernetes manifest, kustomize, ksonnet, jsonnet, and what we are using in our project – Helm-charts.… Read More: ArgoCD: an overview, SSL configuration, and an application deploy0 (0) »

Loading

Kubernetes: ServiceAccounts, JWT-tokens, authentication, and RBAC authorization
0 (0)

22 November 2020

For the authentification and authorization, Kubernetes has such notions as User Accounts and Service Accounts. User Accounts – common user profiles used to access a cluster from the outside, while Service Accounts are used to grant access from inside of the cluster. ServiceAccounts are intended to provide an identity for a Kubernetes Pod to be… Read More: Kubernetes: ServiceAccounts, JWT-tokens, authentication, and RBAC authorization0 (0) »

Loading

Kubernetes: update AWS Route53 DNS from an Ingress
0 (0)

22 November 2020

We’d like to have the ability to add a DNS-record on the AWS Route53 when a Kubernetes Ingress resource is deployed and point this record to the URL of an AWS Load Balancer which is created by the ALB Ingress controller. To achieve this, the ExternalDNS can be used which will make API-requests to the… Read More: Kubernetes: update AWS Route53 DNS from an Ingress0 (0) »

Loading

Jenkins: Redis deployment, and Helm subchart values
0 (0)

1 November 2020

The task is to create a Jenkins job to deploy Redis to Dev/Stage/Prod Kubernetes clusters. In the Redis: running Master-Slave replication in Kubernetes we did it manually to see how it’s working, now it’s time to automate it. The main question is how to pass parameters for different environments during the deployment? I’d like to… Read More: Jenkins: Redis deployment, and Helm subchart values0 (0) »

Loading

Kubernetes: Service, load balancing, kube-proxy, and iptables
0 (0)

1 November 2020

One day I wondered – how is load balancing between pods is working in Kubernetes? I.e. – we have an external Load Balancer. Then a Service. And behind it – Pods. What happens when we are receiving a network packet from the world, and we have a few pods – how the traffic will be… Read More: Kubernetes: Service, load balancing, kube-proxy, and iptables0 (0) »

Loading