kube-cluster | Deploy Kubernetes clusters to AWS using kubeadm | Infrastructure Automation library

I'm trying to setup a kubernetes cluster in virtualbox. I followed https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant and so far everything seems to work.

But I cannot get the dashboard application to work. I followed the guide from https://github.com/kubernetes/dashboard and https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md but I cannot access the Web-UI from my host machine.

My whole setup can be found here: https://github.com/sebastian9486/v-kube-cluster/tree/feature/deploy-dashboard

My Vagrantfile is in src/main/kube-cluster and my ansible playbooks are in src/main/kube-cluster/kubernetes-setup. These parts so far work.

In src/main/kube-cluster/kubernetes-setup/deploy/ is the dashboard.sh to deploy the dashboard application. There may be some more elegant way, but for know I try to just get it running.

Installation looks okay. Output from my dashboard.sh

I've setup a kubernetes cluster using vagrant and virtual vbox. So far everything seems to wo work fine.

Next step was to deploy the dashboard application using the guide from https://github.com/kubernetes/dashboard (and the linked "Create An Authentication Token (RBAC)" section).

Now I run into an issue. Since I setup all nodes as virtual machines I need to deploy my application to a VM. But how can I access these services from my host machine via browser?

Running kubectl proxy & inside the VM does not do the trick to access from my host.

My whole setup is available on Github: https://github.com/sebastian9486/v-kube-cluster

• src/main/ -> Start / Stop Scripts
• src/main/kube-cluster/ -> Vagrantfile, Ansible playbooks and script to deploy dashboard application

Output from my dashboard.sh (the IP addresses are from my vagrantboxes)

I've been struggling with this all weekend, and I now on my knees hoping one of you geniuses can solve my problem.

I short: I have an ingress-nginx controller (Image: nginx/nginx-ingress:1.5.8) with whom I'm trying to achieve a self-signed mutual authentication.

The https aspect works all fine, but the problem I'm having (I think) is that the ingress controller reroute the request with the default cert and the ingress validates with the default CA(because it can't find my CA).

So.. Help!

Steps I've gone through on this cluster-f*** of a journey (pun intended):

I've tested it in a local Minikube-cluster and it all works like a charm. When I exec -it into the ingress-controller-pod and cat the nginx.conf for both my clusters (Minikube and Azure) I did find large differences; hence I just found out that I'm working with apples and pears in terms of minikube- vs azure-k8s nginx-ingresses.

This is the ingress setup that worked as a charm for my minikube cluster (the ingress I'm using is more or less a duplicate of the file you'll find in the link): https://kubernetes.github.io/ingress-nginx/examples/auth/client-certs/

In addition i found this which in a long way describes the problem that I'm having: https://success.docker.com/article/how-to-configure-a-default-tls-certificate-for-the-kubernetes-nginx-ingress-controller From the link above the solution is simple; nuke the ingress from orbit and create a new one. Well.. Here's the thing, this is a production cluster and my bosses would be all but pleased if I did that.

Another discovery that I made whilst "exec -it bash"-roaming around inside the Azure-ingress-controller is that there is no public root cert folder (/etc/ssl/) to be found. Do not know why, but though I'd mention it.

I've also discovered the param --default-ssl-certificate=default/foo-tls, but this is a default. As there will be other needs for different client-auths later I have to be able to specify dynamic CA-certs for different ingresses.

I'll past my nginx.conf that I think is the problem below. Hoping to hear back from some of you because at this point in time I'm thoroughly lost. Hit me up if additional information is needed.

I have a simple docker-image based on nginx:alpine. On my local docker-deamon I can start it without any problems. But when I deploy it via k8s, then the container fails to start with the following error:

2020/03/04 08:01:38 [emerg] 1#1: open() "/var/run/nginx.pid" failed (13: Permission denied)
nginx: [emerg] open() "/var/run/nginx.pid" failed (13: Permission denied)

Has anybody an idea what happend? I bet, that there is something wrong with the k8s-cluster.

And my dockerfile looks like this:

I am trying to use kuberenets as cluster manger for spark. I also want to ship the container logs to splunk. Now I do have monitoring stack deployed (fluent-bit, prometheus etc)in the same namespace and the way it works is if your pod has a certain environment_variable it will start reading the logs and push it to splunk. The thing I am not able to find is how do I set a environment variable and populate it

i found that apparently in Ubuntu 18 the whole DNS-setup is very confusing. Im connected through an pritunl VPN to my kube-cluster and im trying to use the kube-dns server. So i first tried to use https://github.com/jonathanio/update-systemd-resolved to update my DNS settings with the pushed DNS server from the VPN, but it seems that currently something is broken (https://github.com/jonathanio/update-systemd-resolved/issues/64). As im ok with hard-coding the DNS ip somewhere, i tried putting the IP in some places: installing resolvconf and putting it in /etc/resolvconf/resolv.conf.d/head, putting it in /etc/systemd/resolved.conf, of course also trying to put it directly into /etc/resolv.conf, as im a naiv person. After restarting some things a couple of times, i reached an even more confusing state:

I think just a quick sanity check, maybe my eyes are getting confused. I'm breaking a monolithic terraform file into modules.

My main.tf call just two modules, gke for the google kubernetes engine and storage which creates a persistent volume on the cluster created previously.

Module gke has an outputs.tf which outputs the following:

I'm trying to access a locally hosted service from within a Minikube cluster running on Hyper-V. In this question the user made use of the VirtualBox-provided IP (10.0.2.2) to loop back to the host IP.

Is there an equivalent IP for Hyper-V?

I'm running Hyper-V on Windows 10 Pro with Minikube v0.28.2.

I have installed Minikube and am following the "Hello minikube" tutorial: https://kubernetes.io/docs/tutorials/stateless-application/hello-minikube/#create-a-minikube-cluster

I have started minikube using the Hyperv driver:

minikube start --vm-driver="hyperv" --hyperv-virtual-switch="New Virtual Switch" --alsologtostderr

When I try to build an image using the Minikube Docker daemon, get the following error:

Step 1/4 : FROM node:6.9.2

Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 172.24.209.161:53: server misbehaving

What is going wrong here, and how can I fix it?

Here is some info about my environment:

minikube version: v0.23.0

OS: Windows 10 17_09