Tag Archives: Networks

Istio: shared Ingress/AWS ALB, Helm chart with conditions, Istio, and ExternalDNS

27 April 2021
 

 Let’s proceed with our journey with Istio. Previous parts: Istio: an overview and running Service Mesh in Kubernetes Istio: external AWS Application LoadBalancer and Istio Ingress Gateway Besides Istio, in this post, we will also configure ExternalDNS, see the Kubernetes: update AWS Route53 DNS from an Ingress for details. Everything described below is a kind… Read More »

Istio: a cause and solution of the “SQLSTATE Connection refused”

23 April 2021
 

 During starting a pod we got errors “SQLSTATE[HY000] [2002] Connection refused’” in two different applications – a РНР/Yii and NodeJS. In the РHР/Yii it’s coming when we are running a pre-install hook during deployment with Helm and on the MySQL Migration Job execution: Yii Migration Tool (based on Yii v2.0.38)Exception ‘yii\db\Exception’ with message ‘SQLSTATE[HY000] [2002]… Read More »

Istio: an overview and running Service Mesh in Kubernetes

11 April 2021
 

 Istio is a Service Mesh solution that allows performing Service Discovery, Load Balancing, traffic control, canary rollouts and blue-green deployments, traffic monitoring between microservices. We will use Istio in our AWS Elastic Kubernetes Service for traffic monitoring, as an API Gateway service, for traffic policies, and for various deployment strategies. In this post, will speak… Read More »

Kubernetes: what is Endpoints

13 March 2021
 

 Usually, we don’t see Endpoints objects when using Kubernetes Services, as they are working under the hood, similarly to ReplicaSets which are “hidden” behind Kubernetes Deployments. Kubernetes Service So, Service is a Kubernetes abstraction that uses labels to chose pods to route traffic to, see the Kubernetes: ClusterIP vs NodePort vs LoadBalancer, Services, and Ingress… Read More »

Kubernetes: ClusterIP vs NodePort vs LoadBalancer, Services, and Ingress – an overview with examples

24 June 2020
 

 For network communications, Kubernetes presents four Service types – ClusterIP (the default one), NodePort, LoadBalancer, and ExternalName, plus the Ingress resources. In this post, we will take a short overview of all of them, and will check how they are working. The documentation is available here – Publishing Services (ServiceTypes). I’m using AWS Elastic Kubernetes… Read More »

Kubernetes: 503 no endpoints available for service – causes and solutions

15 June 2020
 

 We have a Redis service running behind a Service with the ClusterIP type. This Redis must accessible by pods from the same namespace (a Gorush service). The problem is that those pod can’t connect to the Redis service using its gorush-server-redis-svc:6379 name and reporting “Can’t connect redis server: connection refused“: Although the service is present… Read More »

Redis: “psync scheduled to be closed ASAP for overcoming of output buffer limits” and the client-output-buffer-limit

26 February 2020
 

 We have a Redis-cluster with Master-slave replication and Sentinel, see the Redis: replication, part 2 – Master-Slave replication, and Redis Sentinel, Redis: fork – Cannot allocate memory, Linux, virtual memory and vm.overcommit_memory, and Redis: main configuration parameters and performance tuning overview posts. The system worked great until we started using it much more actively. Redis… Read More »

HTTP: redirects, POST and GET requests, and the “lost” data

23 November 2019
 

 We have a web application which has to accept POST-requests from clients. In front of this application, there is some proxy service, no matter which – initially, we faced the issues on an AWS’s Application Load Balancer, then I reproduced them with NGINX, and it will “work” for any other proxying system. Besides proxying –… Read More »

dnsmasq: AWS – “Temporary failure in name resolution”, logs, debug and dnsmasq cache size

28 October 2019
 

 We are using AWS VPC DNS and sometimes facing with errors like “php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution“. The only advice from AWS tech. support was to configure a local dnsmasq service to act as a local DNS cache, but I did this already year ago and this issue happens once in 1-2-3… Read More »

OpenVPN: the No route to host and ERR_ADDRESS_UNREACHABLE errors – the cause and a solution

14 October 2019
 

 We have an OpenVPN Access Server running, see its setup in the OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration post. The VPN server is hosted in a first AWS VPC, while a Bitwarden service – in another one VPC. Between those VPCs we have a VPC peering configured, and the OpenVPN… Read More »