본문 바로가기

Kubernetes/Management24

Cert-manager with LetsEncrypt (HTTP challenge) 2021.03.23, 2020.07.13 Cert-manager with LetsEncrypt (DNS challenge): https://1week.tistory.com/2 Cert-manager with LetsEncrypt (HTTP challenge) 1. 개요 - Cert-manager is a native Kubernetes certificate management controller. It can help with issuing certificates from a variety of sources, such as Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, or self signed. Cert-manager can b.. 2021. 9. 23.

ClusterIP, NodePort, Ingress 개념 2020.04.10 1. ClusterIP - A ClusterIP service is the default Kubernetes service. It gives you a service inside your cluster that other apps inside your cluster can access. There is no external access. $ k proxy --port=8080 & [1] 893 ysjeon71_kubeflow2@cs-6000-devshell-vm-92bccb22-ff7a-491b-99a2-c333678d033d:~/exam-tfserving$ Starting to serve on 127.0.0.1:8080 The service’s proxy URL: http://kub.. 2021. 9. 23.

K8s 잡학다식 - busybox / Favoriate OS $ kubectl run -it --rm --restart=Never --image=busybox busybox -- sh $ kubectl run -it --rm --restart=Never --image=centos centos -- bash $ kubectl run -it --rm --restart=Never --image=ubuntu ubuntu — bash $ kubectl run -it --rm --restart=Never --image=alpine alpine -- bash - netshoot : a Docker + Kubernetes network trouble-shooting swiss-army container (https://github.c.. 2021. 9. 23.

Cert-manager with LetsEncrypt (DNS challenge) 2020.07.16 Cert-manager with LetsEncrypt (DNS challenge) Cert-manager with LetsEncrypt (HTTP challenge): https://1week.tistory.com/57 1. 개요 - cert-manager is a native Kubernetes certificate management controller. It can help with issuing certificates from a variety of sources, such as Let’s Encrypt, HashiCorp Vault, Venafi, a simple signing key pair, or self signed. - cert-manager can be used to.. 2021. 9. 23.

Crobjob 2020.08.07 1. K8s CronJob https://kubernetes.io/ko/docs/concepts/workloads/controllers/cron-jobs/ 2. CrobJob Test $ cat cronjob.yaml apiVersion: batch/v1beta1 kind: CronJob metadata: name: hello namespace: yoosung-jeon spec: schedule: "*/1 * * * *" jobTemplate: spec: template: spec: containers: - name: hello image: busybox args: - /bin/sh - -c - date; echo Hello from the Kubernetes cluster resta.. 2021. 9. 23.

K8s - Slab memory leakage 2020.12.02 a. Problem: POD - cannot allocate memory - Environments Kubernetes 1.16.15, centos 7.8 / 7.9, Docker 19.03 / 20.10 - leakage 발생 centos 7.8 / 3.10.0-1127.el7.x86_64 / Docker 19.03 (iap10, iap11) centos 7.9 / 3.10.0-1160.15.2.el7.x86_64 / Dcoker 20.10.3 - leakage 미 발생 centos 7.8 / 3.10.0-1127.el7.x86_64 / Docker 18.06 (iap04 ~ iap09) [iap@iap01 ~]$ k describe pod rook-ceph-osd-prepare-i.. 2021. 9. 16.

K8s - Node NotReady 2021.05.11 1. 개요 - Issue ✓ 특정 Node가 NotReady 상태가 되면, Node에 속한 POD는 Terminating 상태로 변경/유지되면서 self-healing이 진행되지 않음 ✓ 영향도 ▷ Deployments는 서비스가 가능 (단, replica 수 > 1 & Node 간 분산 배치) ▷ Statefulsets는 애플리케이션 마다 서비스 지속 여부가 다름 (ex. MariaDB 서비스 불가, Redis cluster는 서비스 가능) ✓ If an entire node goes down, Kubernetes generally isn’t able to spin a new one up ▷ AWS, GCP에서는 autoscaling groups 기능으로, Azure에서는 scale.. 2021. 9. 16.

K8s - CNI not ready 2020.12.01 a. Problem: Worker node - 재기동 후 상태가 not ready임 (cni) - Environments Kubernetes 1.16.15 [iap@iap01 ~]$ k get nodes iap11 NAME STATUS ROLES AGE VERSION iap11 NotReady 60d v1.16.15 [iap@iap01 ~]$ k describe nodes iap11 | grep Conditions -A6 Conditions: Type Status LastHeartbeatTime LastTransitionTime Reason Message ---- ------ ----------------- ------------------ ------ ------- MemoryPre.. 2021. 9. 15.

istio - Envoy CPU 과다 점유 2020.12.01 a. Problem: Worker node - CPU 과다 점유로 성능 저하 현상 발생 - Environments Kubernetes 1.16.15, istio 1.3 - 영향도 Rook ceph의 rook-ceph-mon-o POD가 iap04 노드에서 동작될 경우 응답 속도가 느려서 quorum에서 제외 되면서 fail-over 동작 [root@iap04 ~]# top top - 10:46:25 up 6 days, 17:58, 1 user, load average: 73.37, 77.52, 79.46 Tasks: 403 total, 19 running, 382 sleeping, 0 stopped, 2 zombie %Cpu(s): 90.1 us, 8.2 sy, 0.0 ni, 0.0 .. 2021. 9. 15.

이전 1 2 다음

티스토리툴바