12 messages
Benalmost 2 years ago
Has anyone tried to use cloudflared for kubernetes ingress? My main concern is how to use it with a load balancer because right now it’s all integrated in nginx — can anyone advise on whether it’s possible to use nginx just for load balancing?
rohitalmost 2 years ago
Hi folks, a question I haven't found a solution to:
A customer has vault running in their environment. We will give the customer a helm chart to install on their k8s cluster. Part of the helm install, creates a service-account.yaml for our application.
But the issue we're running into is authentication this service-account to a customer's vault. Until which, our apps will not be able to communicate with vault.
How can this be handled gracefully? Do we ask the customer to create the namespace + service-account for our helm chart before they install it? They would create ns + service account, run the auth commands to give this svca access to vault, and then do a
A customer has vault running in their environment. We will give the customer a helm chart to install on their k8s cluster. Part of the helm install, creates a service-account.yaml for our application.
But the issue we're running into is authentication this service-account to a customer's vault. Until which, our apps will not be able to communicate with vault.
How can this be handled gracefully? Do we ask the customer to create the namespace + service-account for our helm chart before they install it? They would create ns + service account, run the auth commands to give this svca access to vault, and then do a
helm install ?
lorenalmost 2 years ago
Hey folks, I have something of a dumb question... I've never really used Kubernetes before, and a lot of the terminology still makes no sense to me. I inherited a terraform module managing AWS EKS, and using the helm provider to provision a "helm_release". I think there is a race condition here that I'm trying to confirm. So, the dumb question is, what exactly is a "helm release" doing? And, does it require a working/functional node group to succeed?
Aditya PRalmost 2 years ago
Hi Guys just a suggestion from the community here, we are trying to shift to gitops and need a CD tool.
which one is better to use flux or argo CD? i saw this online but theres a mixed response. Any thoughts?
which one is better to use flux or argo CD? i saw this online but theres a mixed response. Any thoughts?
jaysunalmost 2 years ago
hey all, i have some questions around best practices when using bottlerocket + karpenter.
context:
• i have moved all of the karpenter nodepools to bottlerocket
• i currently have ASG/MNG (managed node groups) created via terraform
• these "base" nodes are not on bottlerocket, since i want to decide which route to go
• karpenter is currently scheduled on those base nodes
questions:
• would it be better to use fargate or managed node groups for these base nodes?
◦ these base nodes are currently on AL2 and i would like to move them to bottlerocket
• some of our "cluster-critical" components are not being scheduled on these base nodes right now.
◦ i think they should be (aws lb, aws ebs, aws efs, coredns, etc.) but some people also say to just schedule ONLY karpenter on these base nodes, and let karpenter-provisioned nodes handle the
thoughts?
context:
• i have moved all of the karpenter nodepools to bottlerocket
• i currently have ASG/MNG (managed node groups) created via terraform
• these "base" nodes are not on bottlerocket, since i want to decide which route to go
• karpenter is currently scheduled on those base nodes
questions:
• would it be better to use fargate or managed node groups for these base nodes?
◦ these base nodes are currently on AL2 and i would like to move them to bottlerocket
• some of our "cluster-critical" components are not being scheduled on these base nodes right now.
◦ i think they should be (aws lb, aws ebs, aws efs, coredns, etc.) but some people also say to just schedule ONLY karpenter on these base nodes, and let karpenter-provisioned nodes handle the
kube-system componentsthoughts?
R
Ritika Kumaralmost 2 years ago(edited)
Hi all, i have been trying to run minikube. i have added alll require permissions too, but its still showing me this. what can be done?
lorenalmost 2 years ago
Balazs Vargaalmost 2 years ago
hello all,
we are using spot instances in our clusters. sometimes we see a lot of node comes up and goes down because the rebalance recommendation. we set that enabled in termination handler. how could I reduce that to not get a new node with signal that will be rebalanced soon ?
we are using spot instances in our clusters. sometimes we see a lot of node comes up and goes down because the rebalance recommendation. we set that enabled in termination handler. how could I reduce that to not get a new node with signal that will be rebalanced soon ?
rohitalmost 2 years ago
Hi everyone, curious about everyone's experience, what is the thought process of creating a helm project and having it run in any kubernetes distribution? What are the pitfalls or issues one could run into when designing a helm project that will "work anywhere"?
jaysunalmost 2 years ago
hey there, curious what yall are you using for container resource rightsizing. we’ve been using kubecost for costs + workload optimization, but I haven’t been a huge fan of their solution
jaysunalmost 2 years ago
basically a tool that tells me I currently have requests + limits for deployments set to X, when it should be much lower (or higher)
jaysunalmost 2 years ago
I think goldilocks was quite popular for a while?