ctr does not read the /etc/containerd/config.toml config file, this config is used by cri, which means kubectl or crictl would use it. The error log http: server gave HTTP response to HTTPS client, shows that the registry is using http, but ctr is trying to connect it using https. So if you want to pull … Read more
An ExternalName service is a special case of service that does not have selectors and uses DNS names instead. You can find out more about ExternalName service from the official Kubernetes documentation: When you want to access a service from a different namespace, your yaml could, for example, look like this: kind: Service apiVersion: v1 … Read more
You could do it via the REST API using the PATCH verb. However, an easier way is to use kubectl patch. The following command updates your app’s tag: kubectl patch deployment myapp-deployment -p \ ‘{“spec”:{“template”:{“spec”:{“containers”:[{“name”:”myapp”,”image”:”172.20.34.206:5000/myapp:img:3.0″}]}}}}’ According to the documentation, YAML format should be accepted as well. See Kubernetes issue #458 though (and in particular this … Read more
Do this: export KUBECONFIG=~/.kube/config:~/someotherconfig kubectl config view –flatten You can then pipe that out to a new file if needed.
Based on this comment , the supported way to list all resources is to iterate through all the api versions listed by kubectl api-resources: kubectl api-resources enumerates the resource types available in your cluster. this means you can combine it with kubectl get to actually list every instance of every resource type in a namespace: … Read more
You can use the ‘describe pod‘ syntax For OpenShift use: oc describe pod <pod-id> For vanilla Kubernetes: kubectl describe pod <pod-id> Examine the events of the output. In my case it shows Back-off pulling image unreachableserver/nginx:1.14.22222 In this case the image unreachableserver/nginx:1.14.22222 can not be pulled from the Internet because there is no Docker registry … Read more
To achieve this you can use PodNodeSelector admission controller. First, you need to enable it in your kubernetes-apiserver: Edit /etc/kubernetes/manifests/kube-apiserver.yaml: find –enable-admission-plugins= add PodNodeSelector parameter Now, you can specify scheduler.alpha.kubernetes.io/node-selector option in annotations for your namespace, example: apiVersion: v1 kind: Namespace metadata: name: your-namespace annotations: scheduler.alpha.kubernetes.io/node-selector: env=test spec: {} status: {} After these steps, all … Read more
One option is to tell kubectl that you don’t want the certificate to be validated. Obviously this brings up security issues but I guess you are only testing so here you go: kubectl –insecure-skip-tls-verify –context=employee-context get pods The better option is to fix the certificate. Easiest if you reinitialize the cluster by running kubeadm reset … Read more
There is a way to pre-bind PVs to PVCs today, here is an example showing how: Create a PV object with a ClaimRef field referencing a PVC that you will subsequently create: $ kubectl create -f pv.yaml persistentvolume “pv0003” created where pv.yaml contains: apiVersion: v1 kind: PersistentVolume metadata: name: pv0003 spec: storageClassName: “” capacity: storage: … Read more
CHECK WITHOUT METRICS SERVER or ANY THIRD PARTY TOOL If you want to check pods cpu/memory usage without installing any third party tool then you can get memory and cpu usage of pod from cgroup. Go to pod’s exec mode kubectl exec -it pod_name -n namespace — /bin/bash Run cat /sys/fs/cgroup/cpu/cpuacct.usage for cpu usage Run … Read more