Questions tagged [azure-aks]

0

votes
0

answer
3

Views

Failed to create a service principal. You can use an existing service principal or try again later

I am trying to create AKS but I receive: Failed to create a service principal. You can use an existing service principal or try again later. The official Azure support forewords me here.
Georgi Yankov
1

votes
2

answer
283

Views

Mounting a copy of a managed disk on AKS

I am trying to create a pod that uses an existing Managed Disk as the source for the disks that are mounted. I can attach the managed disk directly, but I can't make it work via PV and a PVC. These are the files I'm using pvclaim.yml apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mongo...
Michael B
1

votes
0

answer
22

Views

azure cni NATing to DST node address

I have a two node cluster in AKS using advanced networking and the azure CNI network plugin. The VNET that the cluster is installed into already exists. The cluster only has two nodes with a few pods deployed. Our problem is that during pod to pod connectivity, the clients pod SRC ip address seems t...
Baldey
1

votes
1

answer
120

Views

Helm with AKS and ARM Templates

I would like to deploy my services in AKS with helm using Azure resource manager templates. How can I integrate helm with ARM templates?
akashkaveti
1

votes
0

answer
71

Views

How to get round-robin load blancer on Azure Container Services (AKS)

From everything I've read, my LoadBalancer service should be random. The sessionAffinity is None and I assume it's using the default iptables random algorithm. Despite this, I've noticed that the actual affinity is sticky to the client IP. Only after some time has past will a different pod be used f...
Novaterata
1

votes
0

answer
82

Views

Use istio with aad-pod-identity

Trying to set up istio in Azure AKS together with aad-pod-identity: https://github.com/Azure/aad-pod-identity How it works is that our pods requests a token from: http://169.254.169.254/metadata/identity/oauth2/token?resource=https://vault.azure.net and that call should hit the nmi daemonset from aa...
Steinar Dahl
1

votes
0

answer
203

Views

AKS - Kubernetes service, helm upgrade get failed on release pipeline

Created Azure devops project to deploy on aks with 'Bring your own code' options it has created CI, CD pipeline by default with helm charts. Pipeline build got succeed with helm charts, but in release CD got error related to helm upgrade, not able to get any clue on same. I am newbie to helm charts...
PradipB
1

votes
1

answer
275

Views

Tracing Spring Boot Micro services with Jaeger deployed on AKS

I had setup Jaeger in Azure Kubernetes Cluster in monitoring namespace and I deployed my container which is instrumented with jaeger client libraries in monitoring domain. The service is up and running and I'm able to see the traces using actuator when I specify the :/actuator in the browser. But th...
schilaka
1

votes
1

answer
91

Views

Assign aksapp.io to valid DNS name

I have created a web service in azure kubernetes through Visual studio and when i opened my site from the below url its working. URL is : http://myapp.xxxxxx.xxxxxx.aksapp.io/ Now i want to assign a valid DNS name i.e. abc.com to open my web service/Website. So is it possible that i can open my serv...
Ravinder Kamboj
1

votes
0

answer
186

Views

Azure Application Gateway returns 502

Our platform has an Azure Application Gateway configured with a number of back services hosted in an AKS cluster using the Azure Application Gateway ingress controller. One of the services is our core identity service eg https://login.mydomain.com. I can browse directly to this url and the login pa...
Brett G
1

votes
2

answer
172

Views

AKS Created Service Principal Password Expiry

I created my AKS cluster in the Azure portal using the 'Create Kubernetes cluster' functionality and allowed it to create a new Service Principal. I started to wonder about expiry of the credentials this principal uses. Hoping to avoid an issue with K8s talking to Azure on credential expiry, I star...
VengerGB
1

votes
2

answer
135

Views

AKS with Static IP and Custom Cert / AKS Ingress issues

Well, for the last 2 days I battled this documentation: https://docs.microsoft.com/en-au/azure/aks/static-ip and https://docs.microsoft.com/en-au/azure/aks/ingress-own-tls First of all I ensured that I had my aks k8s cluster upgraded to 1.11.5, so there is no question about having the static IP in...
user3053247
1

votes
1

answer
73

Views

Is there a configuration option in azds.yaml to increase the timeout during azds up?

The 'azds up' command times out before all the steps are done. I have a large Angular app that typically takes 5 minutes+ when npm install is executed. When I execute azds up this is what I get: Step 1/9 : FROM node Step 2/9 : ENV PORT 80 Step 3/9 : WORKDIR /app Step 4/9 : COPY package*.json ./ Step...
MrTouya
1

votes
1

answer
95

Views

Pass Annotation (To create Private load balancer ) to helm while installing ISTIO on Azure Kubernetes service

Hi I am trying to install the ISTIO with helm on Azure kubernetes service. I wanted to pass below value for istio so that it will request a private ip on azure annotations: {'service.beta.kubernetes.io/azure-load-balancer-internal': 'true'} can some one let me know how i can pass this in the he...
krishna m
1

votes
1

answer
69

Views

Deploying node to AKS cluster using azure-sdk-for-python

I have so far been unable to find any azure library for creating a node within an AKS cluster. I can use the azure cli, but my goal is to use python. I can create the resource and resource groups using the azure python SDK - resource_groups.create_or_update('azure-sample-group', resource_group_para...
ghenzi83
1

votes
1

answer
74

Views

Kubectl get events says there are no resources

I am using Azure kubernetes service(managed servcie). Kubectl get events -namespace abc says there are no resources. I used get the events all the time, on the same cluster and suddenly it returns there are no resources. Can some one help out ? (This is a cluster which is currently having lots of...
krishna m
1

votes
1

answer
51

Views

Unable to get real remote IP in AKS with advanced networking

We have two AKS clusters for different environments. Both use a Nginx server as a custom ingress. By that I mean that it acts like an ingress, but it is just a normal Nginx deployment behind a service. There are several good reasons for that setup, the main one being that ingress did not exist in AK...
ewramner
1

votes
0

answer
50

Views

how to avoid encoding in kubernetes http liveness and readiness probes?

My application has a health check at the endpoint /service?cmd=watchdog and when I try to configure a HTTP liveness probe in kubernetes, the above endpoint is getting encoded to utf-8 as it gets applied to the pods (when I do a describe on the pod), the health check is being applies as /service%3fcm...
Revanth Reddy
1

votes
2

answer
82

Views

AKS Using Terraform - Error waiting for completion

I have been trying to deploy aks cluster using terraform. Below is my template file: main.tf locals { cluster_name = 'aks-${random_integer.random_int.result}' agents_resource_group_name = 'MC_${var.resource_group_name}_${local.cluster_name}_${azurerm_resource_group.k8s.location}' } res...
Anshul Verma
1

votes
0

answer
54

Views

How to configure kubernetes_sd_configs to discover services in a different cluster

I created a job in prometheus with kubernetes_sd_configs to discover services automatically without the need to declare them manually(Cadvisor, nodeexporter, KubeStateMetrics). i am using helm chart for prometheus. i tried this job and it can only discover the services in the cluster itself(sameclus...
auau
1

votes
1

answer
39

Views

Azure AKS - I disabled addon-http-application-routing but pods, deployments, services and stuff is till in the cluster

I have a brand new kubernetes cluster on AKS. I disabled the addons with the azure-cli as described in documentation: az aks disable-addons --addons http_application_routing --name myAKSCluster --resource-group myResourceGroup --no-wait The portal shows no domain associated to the cluster. But with...
AlbertoB
1

votes
1

answer
67

Views

Is it possible to use Terraform to recycle the azurerm_kubernetes_cluster service_principal:client_secret only

I'm trying to recycle the service_principal:client_secret value in an AKS Cluster which was provisioned by terraform using the documentation on azurerm_kubernetes_cluster. But, when I change the value of client_secret from 00000000000000000000000000000000 to 00000000000000000000000000000000new= for...
Lawrence Wilson
1

votes
2

answer
47

Views

Azure CLI aks install cli permission denied and sudo does not work

I'm trying to run az aks install-cli but I get an error that says Downloading client to '/usr/local/bin/kubectl' from 'https://storage.googleapis.com/kubernetes-release/release/v1.14.0/bin/linux/amd64/kubectl' Connection error while attempting to download client ([Errno 13] Permission denied: '/usr/...
Kathrine Stack
1

votes
1

answer
20

Views

Is using NSG on AKS advanced networking subnet supported and what are the ports needed to be open between nodes and master?

What port for TCP/UDP communication needs to be open between the nodes and the master of azure kubernetes services, when the nodes are in a subnet that uses advanced networking? For security reasons we have to use a Network Security Group on every subnet that is connected to the onpremises network v...
Benedikt Althaus
1

votes
1

answer
29

Views

All available load balancers have exceeded maximum rule limit 148

We are not able to provision a new namespace because we have this error message: all available load balancers have exceeded maximum rule limit 148 Error creating load balancer (will retry): failed to ensure load balancer for service dev-mars50/ingress-nginx: selectLoadBalancer: cluster(kubernetes) s...
Christophe Chirat
2

votes
1

answer
123

Views

AAD authentification in AKS

I am using Microsoft.AspNetCore.Authentication.AzureAD.UI package. And simple authentication in Startup.cs: services.AddAuthentication(AzureADDefaults.AuthenticationScheme) .AddAzureAD(options => Configuration.Bind('AzureAd', options)); Everything works fine if I publish application to Azure Web App...
Alexej Sommer
1

votes
1

answer
469

Views

Azure Kubernetes (AKS) does not release public IPs

We are using managed Kubernetes in Azure (AKS) and have run out of public IP addresses. We only need one, but AKS creates a new public IP every time we deploy a service and it does not delete it when the service is deleted. For example: apiVersion: v1 kind: Service metadata: name: somename spec: po...
ewramner
1

votes
1

answer
216

Views

Cannot list Nodes or namespaces

When I try to run kubectl get namespaces or kubectl get nodes commands etc. I am getting this error (I am using Azure Kubernetes Service). I would appreciate any help with this issue. Error from server (Forbidden): namespaces is forbidden: User 'XXXXXXXXXXXXXX' cannot list namespaces at the cluster...
krishna m
1

votes
1

answer
246

Views

Kubernetes dashboard gives “Unauthorized” when using proxy

I'm trying to work with a Kubernetes dashboard on a newly set up AKS cluster with Kubernetes 1.9.9 deployed on Azure. I run kubectl proxy and open http://localhost:8001/api/v1/namespaces/kube-system/services/kubernetes-dashboard/proxy/#!/overview?namespace=default to look at the dashboard. I get a m...
worldsayshi
1

votes
2

answer
288

Views

Kubernetes client node

I am using AKS(Azure k8),need k8s node.js client for this options Kill pod by name Change deployments pods count Restart all deployments pods I need only for this functions, witch lib is best for this? Please also provide examples using lib for some of this functions. Thank you UPDATE I liked th...
Grigor
1

votes
1

answer
132

Views

Can AKS be configured to work with an Azure private DNS zone?

I'm porting an application to Azure that was orignally developed for Amazon's Fargate facility. A feature of Fargate is being able to create a private DNS zone and have the service names that it creates automatically register with this zone. This allows any Fargate service, as well as other VMs in t...
user3280383
1

votes
1

answer
0

Views

how to get kubectl configuration from azure aks with python?

I create a k8s deployment script with python, and to get the configuration from kubectl, I use the python command: from kubernetes import client, config config.load_kube_config() to get the azure aks configuration I use the following az commands: az login az aks get-credentials --resource-group [res...
מנדי ניימרק
1

votes
2

answer
0

Views

Kubernetes Parallelize multiple sample in directory

I was able to get a kubernetes job up and running on AKS (uses docker hub image to process a biological sample and then upload the output to blob storage - this is done with a bash command that I provide in the args section of my yaml file). However, I have 20 samples, and would like to spin up 20 n...
Tony
1

votes
1

answer
0

Views

Kubernetes runAsUser create home directory

I've been tasked with getting our k8s deployment running as non-Root. A 3rd party library we use needs the home directory for the user to exist and have write access. I've tried using initContainers but any changes I make are essentially discarded, and of course I don't have permissions on the real...
Novaterata
1

votes
1

answer
0

Views

How to fix 'container runtime is down,PLEG is not healthy'

I have aks with one kubernetes cluster having 2 nodes. Each node has about 6-7 pod running with 2 containers for each pod. One container is my docker image and the other is created by istio for its service mesh. But after about 10 hours the nodes become 'not ready' and the node describe shows me 2 e...
Ask
1

votes
1

answer
0

Views

Azure DevOps > Helm > Azure Kubernetes Deployment - Deletes Azure File share when deployment is deleted

TL;DR My pods mounted Azure file shares are (inconsistently) being deleted by either Kubernetes / Helm when deleting a deployment. Explanation I've recently transitioned to using Helm for deploying Kubernetes objects on my Azure Kubernetes Cluster via the DevOps release pipeline. I've started to see...
Matt Woodward
1

votes
1

answer
0

Views

Error creating AKS cluster in ARM with service principal in MS Graph

I'm using the Resource Manager REST API to deploy an AKS cluster. To create the app and service principal it needs, I'm using Microsoft Graph (not Azure AD Graph). The problem I'm running into is that there seems to be a lag between when I create the app and SP, and when they become visible in ARM....
Hong Ooi
1

votes
1

answer
37

Views

How to achieve the RBAC functionality in Azure kubernetes service?

As of now what i did is that, Created kubernetes cluster and enabled RBAC in web UI while creating the cluster.Inside the cluster i created a namespace named as development1.Now i wanted to give access to a user on some kubernetes resources which are belongs to development1 namespace.For that i crea...
GayathriB
1

votes
3

answer
1.2k

Views

Custom domain and Azure Kubernetes with ingress controller AKS

I've followed this doc from microsoft Deploy an HTTPS ingress controller on Azure Kubernetes Service (AKS) and have successfully deployed a managed Kubernetes cluster (AKS) with nginx ingress controller. it works with https as expected. However, the domain that responds of the format subdomain.east...
ossentoo
1

votes
2

answer
321

Views

How to configure an ASP.NET Core multi microservice application and Azure AKS ingress routes so that it doesn't break resources in the wwwroot folder

I have two ASP.NET Core apps. One is a Headless CMS (API), and the other one is a Razor Pages blog front-end (with a REST client that communicates with the Headless CMS/API). I then have an Azure AKS cluster. In it I have an ingress resource with the following routes (as per the instructions from th...
PussInBoots

View additional questions