Questions tagged [kubernetes]
Kubernetes is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the users declared intentions. Using the concepts of "labels" and "pods", it groups the containers which make up an application into logical units for easy management and discovery.
2,773 questions
Score of 0
1 answer
22 views
Unable to add Prometheus rule
I'm unable to add the following alert rule to Prometheus alert rules. Any idea what's wrong with this alert rule?
- alert: KubernetesPodNotHealthy
expr: sum by (namespace, pod) ...
Score of 0
0 answers
22 views
graphana dashboards show no data for "Pods Memory usage" and "Pods CPU usage"
I'm unable to see data for PODS memory, network and cpu usage under Prometheus grafana dashboard.
I'm running this kubernetes cluster inside minikube on windows.
Here is the query..
sum (rate (...
Score of 1
0 answers
36 views
AKS/K8S: Increase Windows container C: filesystem size
We are migrating a container workload to AKS which previously ran onprem under Docker Swarm.
The containers are spun up, process jobs from a queue, post their results to a service elsewhere on the ...
Score of 0
0 answers
45 views
Map uid/gid of mount to specific uid/gid in kubernetes
Kubernetes supports user namespaces, and apparently supports id-mapped mounts. Tools like podman allow for using id-mapped mounts via the idmap option to --mount, but there doesn't appear to be ...
Score of 0
1 answer
145 views
How to get Calico CNI working if I already removed CNI (flannel)
I am trying to familiarize myself with Kubernetes internals so I started with a simple 1-node setup through nixos's roles. It, by default, installs flannel CNI plugin.
The thing I wanted to do is
...
Score of 0
0 answers
87 views
Vault Agent Injector: How to render secrets to a path without overwriting existing files there?
I'm trying to deploy PgAdmin4 to Kubernetes. I have a custom config_local.py that contains an oauth2 client secret. I have the contents of config_local.py stored in Vault. Ideally, I'd have the ...
Score of 1
0 answers
88 views
Traefik IngressRoute not working
I do have the follwing Service :
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: whoami
name: whoami
spec:
replicas: 1
selector:
matchLabels:
app: whoami
...
Score of 0
1 answer
108 views
kube-api doesn't resolve correctly webhook service name using internal dns
I have an issue with kube-apiserver which try to resolve an audit-log webhook service name using external DNS (192.168.2.23 is an external DNS server from another LAN defined in /etc/resolv.conf) ...
Score of 0
0 answers
34 views
Shared secrets with CSI secret sync enabled
I would be interested to understand how to handle shared secrets used by many resources (e.g. deployments) by using CSI Secret Provider Classes.
In this moment I have many Helm Releases in the same ...
Score of 0
0 answers
21 views
Asking advice on using PBR with kubernetes
My cluster info :
Kubernetes version: 1..3.7
Deployment: bare metal
Installation method: kubesprayHost.
OS: Rocky Linux 9
CNI : Calico v3.30.5 vxlan, with ipvs later nftables. with strictARP.
CRI : ...
Score of 0
0 answers
38 views
Deploying a non-http service with helm_release ingress-nginx in terraform
I want to deploy additional services, such as openssh-server, into helm_release ingress-nginx, which I've configured in a terraform/opentofu file.
I've found resources and questions like https://...
Score of 2
2 answers
269 views
Harbor fails to list artifacts: "400 OK" error in UI
I am using
Harbor version: v2.14.1-f1393edc
Harbor helm chart version: 1.18.1
I deployed Harbor and created a Docker Hub proxy cache. I am using Nebius object storage which is s3-compatible storage.
...
Score of 0
0 answers
44 views
Grafana on Kubernetes - Notification duplicate in a HA setup
I've set up Grafana by deploying the official helm chart with ArgoCD. I have 3 grafana pods running. In order to achieve HA and to avoid having duplicate notifications, I set up the unified_alerting ...
Score of 0
0 answers
49 views
NetworkPolicy blocking traffic due to SNAT when using F5 LoadBalancer with NodePort (externalTrafficPolicy: Cluster)
I am facing a networking issue in my Kubernetes cluster involving an external F5 Load Balancer, NodePort services, and Network Policies. Here is my current setup:
The Infrastructure:
Ingress: ...
Score of 0
1 answer
164 views
kubernetes: how to see this debian container?
Fast question. Nerdctl report this container running
nerdctl --namespace k8s.io image ls|grep -i debian
debian 13122025 2d9f95f25185 8 minutes ago linux/...