At the time of writing, EKS Fargate does not support a driver log for recording to CloudWatch. The only option is to use Sidecar Let’s create a ConfigMap, in which we indicate the name of the EKS cluster, region and namespace: Next, let’s create a service account and a ConfigMap with a configuration file …
Continue reading "AWS – EKS Fargate – Fluentd CloudWatch"
Goal: There are 2 namespaces, they are "kube-system" and "default". It is necessary to run a cron task in the "kube-system" namespace, which will clear the executed jobs and pods in the "default" space. To do this, create a service account in the "kube-system" namespace, a role with the necessary rights in the …
Continue reading "Kubernetes – One role for multiple namespaces"
To save all manifests, create a BASH script: With the following contents: Add the execution bit and run it: After executing in the current directory in the folder "k8s-manifests" will be saved all manifests ordered by namespaces and types.
GCP will be the DNS provider. YOUR_GCP_PROJECT – Replace with the name of your GCP project Create an account: We give him access to the DNS service: We generate the key: Create a secret based on the generated key: Create 2 YAML files for ClusterIssuer. letsencrypt-staging.yml …
Continue reading "GKE – Issuer DNS01"
Installation instructions can be found here. Run: If there is no namespace, then create it. Add the HELM repository and update: Install Cert Manager using HELM:
Installation instructions can be found here. Install HELM locally: Installing Tiller with RBAC enabled Начиная с Kubernetes v1.8+, RBAC включен по умолчанию. Checking: Create Nginx Ingress Controller: If the following error occurs: Error: release nginx-ingress failed: namespaces "default" is forbidden: User "system:serviceaccount:kube-system:default" cannot get resource "namespaces" in API …
Continue reading "GKE – Nginx Ingress Installation Using HELM"
The status "Evicted" means that Pod was "evicted" from the node, as he lacked the resources. This can be observed if you display the following: In order to remove all pods in the status "Evicted", do the following:
To enable CORS in ingress, add the following: * – allows requests from anywhere, replace it with the domain you need
Example manifest for creating a configmap, deployment and service for RabbitMQ manifest.yml
Manifest example for creating deployment and service for PostgreSQL manifest.yml