A Technical I.T./DevOps Blog
Problem scenario
You are trying to fix a Kubernetes problem. You read that you need to check the context to solve your problem. How do you determine what context you are using?
Solution
Run this command:
kubectl config current-context
Or try this command:
kubectl config get-contexts
Another command that may be interesting is this one:
kubectl config view | grep -i context
…
Continue reading “How Do You Find What Context Your Kubernetes Configuration Is Using?”
Problem scenario
You run this command:
kubectl get cluster-info
You receive this error message:
“Unable to connect to the server: dial tcp: lookup ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789.yl4.FQDN.com on 172.55.44.33: no such host”
Solution
Possible solution #1
Ask yourself these three questions:
…
Problem scenario
You created an EKS cluster. But when you open a web browser and go to the API endpoint, you get a 403 forbidden error.
The web browser shows something like this:
kind “Status”
apiVersion “v1”
metadata {}
status “Failure”
message “forbidden: User \”system:anonymous\” cannot get path \”/\””
reason “Forbidden”
details {}
code 403
How do you access the web UI in Kubernetes for the first time?
…
Problem scenario
You want a quick, generic way to install kubeadm on any type of Linux. What should you do?
Solution
Run these commands:
cd /tmp
curl -Lo kubeadm https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubeadm && chmod +x kubeadm
sudo mv kubeadm /usr/bin/
Test it by running this command: kubeadm version
(If you would prefer to use apt commands,
…
Continue reading “How Do You Install kubeadm on Any Type of Linux?”
Problem scenario
You want a quick, generic way to install kubelet on any type of Linux. What should you do?
Solution
Run these commands:
cd /tmp
curl -Lo kubelet https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubelet && chmod +x kubelet
sudo mv kubelet /usr/bin/
Test it by running this command: kubelet –version
(If you would prefer to use apt commands,
…
Continue reading “How Do You Install kubelet on Any Type of Linux?”
Problem Scenario
You have been tasked with finding ways of securing Docker containers, a Docker host, and your network that has Docker containers. How do you harden a Docker container and its related infrastructure (i.e., the Docker network and Docker host)?
Solution
Overview
From a pragmatic perspective we understand that there are exceptions to the recommended practices. (Not the least of which is the rapid rate that technology changes.) The assertions below are recommended practices.
…
Continue reading “How Do You Secure a Docker Container, a Docker Host, and Their Network?”
Problem Scenario
You have some GKE standard clusters that you want deleted. What should you do?
Possible Solution #1 (from the Cloud Shell or with a gcloud command)
1. Delete the instance group of the instance for the cluster you want to delete. To do this in the web UI, go to Compute Engine -Instance Groups. Check the box on the left-hand side and click on “Delete”.
…
Continue reading “How Do You Delete VM Instances from GCP That Pertain to GKE?”
Problem scenario
You run a kubectl command but you get this error:
“could not get token: AccessDenied: Access denied
status code: 403, request id:
Unable to connect to the server: getting credentials: exec: exit status 1″
What should you do?
Solution
The root cause is likely that your .kube directory has an incorrect configuration file.
Possible Solution #1
If you are not using Amazon EKS,
…
Continue reading “How Do You Troubleshoot the kubectl Error “Access denied status code: 403””
Problem scenario
You run a “kops” command but you receive this error:
“unable to infer CloudProvider from Zones (is there a typo in –zones?)”
How do you get the “kops” command to work?
Solution
There is a value and a format that are necessary for your kops’ “–zones” flag.
Determine what region you want to know the zone name for (e.g.,
…
Problem scenario
You are logged into the AWS web console. You try to perform an operation but you get this error:
“AccessDeniedException
User: arn:aws:iam::12345678910:user/jdoe is not authorized to perform: iam:PassRole on resource: arn:aws:iam::12345678910:role/rolename”
What should you do?
Solution
1. Create a role with “EKS” (to create Kubernetes clusters). If you don’t know how, see this posting.
2.
…