10 messages
Dhamodharanover 2 years ago
When i try to deploy a statefulset application on GKE(created by Autopilot mode) using cloudshell, its throwing the below error, can someone help me to fix this?
Error from server (GKE Warden constraints violations): error when creating "envs/local-env/": admission webhook "<http://warden-validating.common-webhooks.networking.gke.io|warden-validating.common-webhooks.networking.gke.io>" denied the request: GKE Warden rejected the request because it violates one or more constraints.
Violations details: {"[denied by autogke-disallow-privilege]":["container increase-the-vm-max-map-count is privileged; not allowed in Autopilot"]}
Requested by user: 'dhamodharan', groups: 'system:authenticated'.A
Andyover 2 years ago
Hi a
• Resource metrics reported in AWS console (see example with CPU=~50%)
• Resource metrics reported by cluster-autoscaler (they often appear to be bigger than the ones in AWS console) e.g. CPU~80%
I've attached screenshots of each for the same EC2 instance
cluster-autoscaler question. We appear to have a discrepancy between:• Resource metrics reported in AWS console (see example with CPU=~50%)
• Resource metrics reported by cluster-autoscaler (they often appear to be bigger than the ones in AWS console) e.g. CPU~80%
I've attached screenshots of each for the same EC2 instance
Balazs Vargaover 2 years ago
hello all,
What backup solution do you use for k8s ?
Currently we use velero. Anybody who uses stash, Trilio, Kasten ? How expensive are they ? Are they better than velero ?
What backup solution do you use for k8s ?
Currently we use velero. Anybody who uses stash, Trilio, Kasten ? How expensive are they ? Are they better than velero ?
Xu Pengfeiover 2 years ago
https://medium.com/@xpf6677/gitops-with-kcl-programming-language-cb910230e310 Hi forks 👋 ! I wrote a blog about GitOps + KCL Integration and and would love to hear your feedback!
Xu Pengfeiover 2 years ago
🎉🎉 🎉 Hi all. KCL v0.5.0 is out! See here for release note and more information. https://kcl-lang.io/
+ Use KCL language and IDE with more complete features and fewer errors to improve code writing experience and efficiency.
+ Use KPM, KCL OpenAPI, OCI Registry and other tools to directly use and share your cloud native domain models, reducing learning and hands-on costs.
+ Using community tools such as Github Action, ArgoCD, and Kubectl KCL plugins to integrate and extend support to improve automation efficiency.
+ Use KCL language and IDE with more complete features and fewer errors to improve code writing experience and efficiency.
+ Use KPM, KCL OpenAPI, OCI Registry and other tools to directly use and share your cloud native domain models, reducing learning and hands-on costs.
+ Using community tools such as Github Action, ArgoCD, and Kubectl KCL plugins to integrate and extend support to improve automation efficiency.
Matthew Jamesover 2 years ago
has anyone in tried template controller with fluxcd? https://medium.com/kluctl/introducing-the-template-controller-and-building-gitops-preview-environments-2cce4041406a
I'm super interested in trying to make ephemeral preview environments and this approach looks pretty slick
I'm super interested in trying to make ephemeral preview environments and this approach looks pretty slick
Adnanover 2 years ago
Hi all. I was wondering, how are you autoscaling pods (workers) that consume SQS messages? How stable is the autoscaling? Are you happy with it?
Matthew Jamesover 2 years ago(edited)
Looking to see if anyone has come across a "config" or other type setup that will mark an ec2 as unhealthy. Reason being when using self managed node groups as part of our patching policy we need to build new AMIs and perform instance refresh in AWS. After hearing what happened to datadog i'm hoping there's a more sane approach to having the ASG back out of an instance refresh if the nodes aren't able to register with the cluster and start taking pods.
So ideally i'm looking for a health check that the ASG will understand and then ideally issueing an instance refresh with rollback so if something goes wrong it backs out to the safe launch template (and the older AMI).
So ideally i'm looking for a health check that the ASG will understand and then ideally issueing an instance refresh with rollback so if something goes wrong it backs out to the safe launch template (and the older AMI).
Chris Washover 2 years ago
Hey folks - seeing some weird behavior within an EKS cluster that started happening recently. It involves not being able to properly attach cluster role/service account/cluster role binding stuff to our Ambassador pods so they can call the cluster API and start up properly. (This is in an older v1.21 cluster) This has worked fine for over a year and now any new pods brought in fail the same way and go into backoff. I wrote up the issue here, wondering if anyone else has seen similar behavior or has any idea a workaround or way to remedy it? If we lose the current pods in service or they get rescheduled I am worried all of our Ambassador ingresses will become unavailable. (We are in the middle of an upgrade to 1.24 but in the process of building that cluster in the background.)
Thanks!
Thanks!
Adnanover 2 years ago
Hi all. Is there a way to find out which feature gates are enabled on EKS clusters?
AFAI was able to see, feature gates are not configurable with EKS. But I was wondering how to find out which of them are enabled. I found this in the docs
"The feature gates that control new features for both new and existing API operations are enabled by default."
Does that mean that we can assume all features gates that control new features are enabled? 😄 I know I just repeated what it says but maybe someone can confirm or correct it.
AFAI was able to see, feature gates are not configurable with EKS. But I was wondering how to find out which of them are enabled. I found this in the docs
"The feature gates that control new features for both new and existing API operations are enabled by default."
Does that mean that we can assume all features gates that control new features are enabled? 😄 I know I just repeated what it says but maybe someone can confirm or correct it.