Istio is a Service Mesh solution that allows performing Service Discovery, Load Balancing, traffic control, canary rollouts and blue-green deployments, traffic monitoring between microservices. We will use Istio in our AWS Elastic Kubernetes Service for traffic monitoring, as an API Gateway service, for traffic policies, and for various deployment strategies. In this post, will speak… Read More »
Usually, we don’t see Endpoints objects when using Kubernetes Services, as they are working under the hood, similarly to ReplicaSets which are “hidden” behind Kubernetes Deployments. Kubernetes Service So, Service is a Kubernetes abstraction that uses labels to chose pods to route traffic to, see the Kubernetes: ClusterIP vs NodePort vs LoadBalancer, Services, and Ingress… Read More »
For network communications, Kubernetes presents four Service types – ClusterIP (the default one), NodePort, LoadBalancer, and ExternalName, plus the Ingress resources. In this post, we will take a short overview of all of them, and will check how they are working. The documentation is available here – Publishing Services (ServiceTypes). I’m using AWS Elastic Kubernetes… Read More »
We have a Redis service running behind a Service with the ClusterIP type. This Redis must accessible by pods from the same namespace (a Gorush service). The problem is that those pod can’t connect to the Redis service using its gorush-server-redis-svc:6379 name and reporting “Can’t connect redis server: connection refused“: [simterm] $ kk -n gorush-test… Read More »
We have a Redis-cluster with Master-slave replication and Sentinel, see the Redis: replication, part 2 – Master-Slave replication, and Redis Sentinel, Redis: fork – Cannot allocate memory, Linux, virtual memory and vm.overcommit_memory, and Redis: main configuration parameters and performance tuning overview posts. The system worked great until we started using it much more actively. Redis… Read More »
We have a web application which has to accept POST-requests from clients. In front of this application, there is some proxy service, no matter which – initially, we faced the issues on an AWS’s Application Load Balancer, then I reproduced them with NGINX, and it will “work” for any other proxying system. Besides proxying –… Read More »
We are using AWS VPC DNS and sometimes facing with errors like “php_network_getaddresses: getaddrinfo failed: Temporary failure in name resolution“. The only advice from AWS tech. support was to configure a local dnsmasq service to act as a local DNS cache, but I did this already year ago and this issue happens once in 1-2-3… Read More »
We have an OpenVPN Access Server running, see its setup in the OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration post. The VPN server is hosted in a first AWS VPC, while a Bitwarden service – in another one VPC. Between those VPCs we have a VPC peering configured, and the OpenVPN… Read More »
Currently configuring Redis server as our backend caching service and during that wrote this post with some things to pay attention at in Redis config file. Shortly enough but with links to other posts or documentation. Let’s begin with the redis-benchmark utility. Will be installed alongside with Redis service, so can be used right after… Read More »
We have a Docker Compose stack with Jenkins, SonarQube, and PostgresSQL, check the SonarQube: running tests from Jenkins Pipeline in Docker post. The problem is that they are described in the same Docker Compose file and are restarted by the same systemd file (check the Linux: systemd сервис для Docker Compose post, Rus) Thus, if… Read More »