Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you may not be able to execute some actions.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

connect to kind cluster from inside and outside

B
Burma last edited by
Consider this:

There's a linux machine running on azure.

It has apache installed and browing to mymachine.com works, webpage is displayed. All ports are opened in the azure portal "networking settings".

Now there's a k8s kind cluster running on the machine too with a rabbitmq deployment as NodePort service port 32254.
```
kubectl get svc
```
- kubernetes ClusterIP 10.96.0.1 443/TCP 3h17m
- ng ClusterIP 10.96.104.61 80/TCP 68m
- rabbitmq NodePort 10.96.8.15 5672:32740/TCP,15672:32254/TCP,15692:31802/TCP 143m
- rabbitmq-nodes ClusterIP None 4369/TCP,25672/TCP 143m
All good, but I'm unable to access the rabbitmq cluster from outside.

The ip address of the control plane is 172.18.0.3, so this command works:
```
curl http://172.18.0.3:32254
```
But connecting from outside does not work:
```
curl http://mymachine.com:32254 
```
So how do we forward from the public-ip of a VM in azure to an internal IP inside the VM?
Reply Quote 0
1 Reply Last reply
morde last edited by

you add the server to balancer then create NAT rule to forward the packet to specific port on your VM.

https://argonsys.com/microsoft-cloud/library/manage-port-forwarding-for-backend-pool-with-azure-load-balancer/
Reply Quote 0
1 Reply Last reply

2
Posts

0
Views

Suggested Topics

R

What is the best tool for the release management for Kubernetes in a small startup?
Continuous Integration and Delivery (CI, CD) • kubernetes release management spinnaker • • Raziyah00

2

0
Votes

2
Posts

1
Views

Z

GitLab is a solid good option for most of this (with the appropriate plan level - I don't think the CE one has everything). It's a single-pane-of-glass for your code, security, CI/CD, metrics, etc. You can create and deploy to kubernetes clusters from it. You can have multiple environments and it'll store the secrets for you to customize them. It will monitor your kubernetes apps and show deployment marks so you can see if they get better/worse performance wise before and after deployment. You can do multi project pipelines and actions in parallel to chain things together and get things done fast. It supports review apps and canary deployments. It has rollback buttons and tracks every release you do. It also has a good API, so I assume you could hook up prometheus + alert manager and make the API trigger a rollback in response to an alert. Spinnaker has https://www.armory.io/ if you're willing to pay a bit (not sure how much). But that should make it easy to use / effective. I'm not amazingly fond of Jenkins, but it can do everything. Its hard to maintain over time / with bigger projects and teams though. But it can be customized to do anything. You may want to look into https://jenkins.io/projects/blueocean/ (the blue ocean plugin) for CD if you're leaning this way - it looks fairly impressive and I've heard good things.
S

Migration to SQL Database using Transaction Replication - down time?
SQL, Database Testing • sql server migration azure transac languagetional re • • shizuka

2

0
Votes

2
Posts

0
Views

If you configure replication, replicate to the external site, keep the replication going until a quiet time then stop it and reconfigure the destination as not replicated. There are some limits replicating to Azure, see https://docs.microsoft.com/en-us/azure/sql-database/replication-to-sql-database to see if they apply to you. There are also some differences between on-prem SQL Server and Azure SQL, they are minimal-to-nothing for most simple databases these days but do check the documentation (and test the application thoroughly before switching over) to make sure they don't affect you. There will be a small amount of downtime as you stop replication and reconfigure your application to point to the new database, but that should be minimal. Obviously you'll want to test this out: point a second instance of your application at the target DB and test thoroughly. Once you are convinced all is well wipe it down (as it will now be out of date) and build a new replica (or have the new replica building while you perform the testing). You may need a couple of iterations of this do->test->fix->do loop if there are problems with the replication or your app reconfiguration, or you need to make changes to account for differences in Azure SQL.
Y

Kubernetes readinessProbe: do health-checks run forever?
Continuous Integration and Delivery (CI, CD) • kubernetes • • yajahira

2

0
Votes

2
Posts

0
Views

A

1 - yes, containers are left there forever. Think of readiness probe as a breaker, if the app gets overwhelmed it cuts the traffic to the pod until it's ready to get traffic again. 2 - no, by itself, readiness probes only stop/start traffic to a pod. To signal kubernetes that the pod needs to be restarted use liveness probes. 3 - yes, as per answer 1. Readiness probes are a way of letting kubernetes know that the pod can handle traffic or if they need a break. probe: startup probes - waits for the app to start use case: apps that need some time before start serving traffic, for example, building assets on start, pre-fetching assets, building caches, etc. liveness probes - checks if the app is healthy use case: check if the app is running, if the app has exited due to an exception and needs to be restarted, or if the app is running but can't serve requests readiness probes - checks if the app can handle traffic use case: apps that can arbitrarily stop receiving traffic, e.g. maintenance mode, data intensive apps that can degrade in performance and need a way to You should use liveness and readiness probes always, use startup probes when your app takes more time than usual to start. Example: python app with postgres database: liveness probe: get /health status 200 readiness probe: get /health status 200, timeout 1s the /health endpoint queries the database using a simple query (select id, email from user limit 1) and returns a json if the pod loses connectivity to the database, the liveness probe will fail and the pod will be restarted. if the database is being overwhelmed by requests, the query will take more than 1s, the probe will mark the pod as not ready, preventing that additional requests reach the database and preventing it from progressing from overwhelmed to crashed. once the database is able to catch up and starts returning queries in less than 1s, readiness probe will mark the pod as healthy again and kubernetes will resume serving requests to the pod.
G

call container B inside container A using docker networks
Continuous Integration and Delivery (CI, CD) • docker networking • • guilherme

2

0
Votes

2
Posts

1
Views

T

If you have a user-defined network set to bridge, you can access other containers by their container's name which is automatically as hostname for containers inside same network. So from containerA you could do ping containerB without problems. In your case it would be changing the setting to containerB_name:(container B needed port)/route
S

How do you monitor Node Micro services running inside of Docker Containers?
Continuous Integration and Delivery (CI, CD) • docker monitoring microservices • • shizuka

2

0
Votes

2
Posts

2
Views

One commonly used solution(not container-specific) is to build a health check API within your service which tests all the functionality you want monitored (say availability of DBs and other dependencies) and the app itself, and returns some expected output (say < service >: < status >). You can then trigger alerts from a monitoring service like Nagios if this API does not return an ok for all the services. This will also fail if the microservice itself is unhealthy. This approach also has the benefit of running a functional test of your service (by hitting an API end point). This approach does not cover some edge cases though - eg. the microservice runs (but particular APIs fail).
F

SSH to VM inside Docker container
Continuous Integration and Delivery (CI, CD) • docker vagrant • • fbio

2

0
Votes

2
Posts

1
Views

It looks like issue with ssh timeout is related to nested visualization restrictions. Thus, despite of enabling visualization in BIOS VM in container will still not be provisioned. I found similar answer here. Once I started Docker container on host OS, issue has gone away and VM successfully provisioned.
R

How To Determine Min/Max Resources For Kubernetes Pods?
Continuous Integration and Delivery (CI, CD) • kubernetes • • rosemadder

2

0
Votes

2
Posts

1
Views

A

The DevOps toolkit 2.3 book by Victor Farcic goes into some detail on this. What You Should Understand You as a developer specify whatever requests/limits you like initially. These values have no baring on reality. In order to get "real" values, you must monitor your application's real resource usage. This is best done through a monitoring tool like prometheus, instana, datadog etc. E.g. in instana, I can see that I have 512MB set up for a pod's requests, 2G for its limits, but the pod only has one container currently taking 57MB. But I can't just use 60MB as a value now... I need to load test my application and see how it behaves under real/stressed circumstances. Then you review these values and you can adjust the requests/limits accordingly. Determine Usage Without a Monitoring Tool You can use some kubectl commands to get these values as a one off (it's annoying at scale). Here is an example of a different app I have running. Notice that requests/limits are set to 1/4-2 CPUs and 4G-8G memory. But the container is really using almost no CPU and 1.198G memory. If I load tested this and those values did not move up, I would need to change them. But I have load tested it and know that they would go up towards these realistic requests/limits, so it's okay. $ kubectl describe pod -n gazelle gazelle-ws-0-0-1-6d67cffcf-lvlhk ... Limits: cpu: 2 memory: 8Gi Requests: cpu: 250m memory: 4Gi $ kubectl top pod gazelle-ws-0-0-1-6d67cffcf-lvlhk -n gazelle --containers POD NAME CPU(cores) MEMORY(bytes) gazelle-ws-0-0-1-6d67cffcf-lvlhk gazelle-ws 5m 1198Mi
C

Trigger Transact-SQL in Azure SQL Database and Azure Web Apps
Software Programming • sql server asp.net azure webforms azure sql • • courtlanda

2

0
Votes

2
Posts

0
Views

Documentation says you can create Triggers in Azure SQL https://docs.microsoft.com/en-us/sql/t-sql/statements/create-trigger-transact-sql?view=sql-server-2017 I don't think you need to adjust the architecture of your app in that sense at least.On the other hand, when using Azure SQL Server, you need to change your performance monitoring and analysis strategy, how to find Locks, queries that are blocked etc... Think of using Azure application insights to perform part of the analysis that would make a DBA having the SQL Server on a server inhouse https://docs.microsoft.com/en-us/azure/sql-database/sql-database-intelligent-insights
R

New Kubernetes Cluster: remote error: tls: bad certificate
Continuous Integration and Delivery (CI, CD) • kubernetes • • rielyn

2

0
Votes

2
Posts

1
Views

R

From the documentation you linked, it states, The referenced file must contain one or more certificates authorities to use to validate client certificates presented to the API server. This means your client's certificate is invalid because either: The server doesn't trust the client's signing certificate authority The client doesn't trust the server's signing certificate authority The certificate's DN doesn't match the hostname The most likely scenario is that 1. The server doesn't trust the client's signing certificate authority since the server doesn't verify DNS for the client certificate and the error indicates this is a remote error not on the client. Most likely this means the client's certificate was signed on the client itself, not on the server. You will need to make sure to generate the certificate on the client, have the server sign it and then transfer the certificate back to the client. Otherwise, you need to add the server's CA certificate to the Client's keystore.. You can ensure you do not have a DNS/DN mismatch by setting hosts file entries.
T

Determine the URL for a SCM trigger from inside the build
Continuous Integration and Delivery (CI, CD) • jenkins pipeline • • terrea

2

0
Votes

2
Posts

1
Views

K

Recently, I used this code snippet (that's part of a regular groovy script located inside the 'vars/' directory) to get the project URL as set in the pipeline project config. Hope this helps. scm.getUserRemoteConfigs()[0].getUrl() FYI, it does not expect to have any SCM operation to have taken place. For more info, refer to this SO thread. Hopefully, am not violating the devops stackexchange ground rules with this reference to stack overflow.
G

kubernetes cluster node with 4cpu can't hold two pods with 2cpu
Continuous Integration and Delivery (CI, CD) • kubernetes google compute engine • • gionna

2

0
Votes

2
Posts

1
Views

M

It seems like you found your answer but let me add a little color since we went through the same thing. Your yaml for the pods can have both a request and limit for both CPU and memory. Since you are discussing CPU here I'll stick with that. What you can do in order to utilize your resources efficiently is set your resource request to the minimum requirement to get scheduled. Say 1.8. But also set the limit to a higher limit, say 2 or more. What this will do is make your pod be schedulable on the machine and if CPU is not completely consumed, your pod will utilize the available CPU up to 2 or the limit you set. This is the way kubernetes can make good use of the resources by "sharing" CPU to the application that needs it. See here for requests and limits: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
K

Way to Connect to all ec2-instances one by one
Continuous Integration and Delivery (CI, CD) • python amazon web services amazon ec2 • • kalyn

2

0
Votes

2
Posts

1
Views

Z

You can benefit from EC2 inventory script provided by Ansible - click It will allow you to to connect to all ec2-instances, one by one (in serial: 1 mode)
R

Azure Postgresql hitting 100% memory usage without easy way to restart the server
SQL, Database Testing • postgresql azure • • rosemadder

2

0
Votes

2
Posts

0
Views

J

AWS RDS has multiple options in a default parameter group that are calculated from DBInstanceClassMemory variable, for example max_connections parameter which might be {DBInstanceClassMemory/31457280}, which for 8GB server would calculate to 8*1024*1024*1024/31457280=273. This allows the parameters to scale up and down while changing the database instance RAM size. I have no idea how is it configured on Azure, but you also need to make sure that those parameters are reasonably configured for your RAM. For the start I'd check which parameters are dependent on DBInstanceClassMemory on AWS RDS and then set those parameters the same on Azure (calculate manually if there's no similar mechanism to automatically scale them). Try to set them so the query below will return value smaller than available memory for Postgres: select pg_size_pretty( shared_buffers::bigint*block_size + max_connections*work_mem*1024 + autovacuum_max_workers*( case when autovacuum_work_mem=-1 then maintenance_work_mem else autovacuum_work_mem end )*1024 ) as estimated_max_ram_usage from ( select (select setting::bigint from pg_settings where name='block_size') as block_size, (select setting::bigint from pg_settings where name='shared_buffers') as shared_buffers, (select setting::bigint from pg_settings where name='max_connections') as max_connections, (select setting::bigint from pg_settings where name='work_mem') as work_mem, (select setting::bigint from pg_settings where name='autovacuum_max_workers') as autovacuum_max_workers, (select setting::bigint from pg_settings where name='autovacuum_work_mem') as autovacuum_work_mem, (select setting::bigint from pg_settings where name='maintenance_work_mem') as maintenance_work_mem ) as _ ; But you can still kill the server, for example with a pg_restore or reindex with too many parallel workers (they can use up to maintenance_work_mem per worker) or too complicated queries (they can use up to work_mem per query execution node, and there can be multiple in a single query). There's no single setting for the server to tell it to use no more than X RAM.
S

Creating my first Elastic Database Job on Azure
SQL, Database Testing • azure sql database azure • • simrah

2

0
Votes

2
Posts

0
Views

The error on the portal is not clear, but you should be able to find details in deployment summary. On portal go to your resource group and navigate to Deployment tab. There you can find history of the deployments with details about progress and errors. The problem with Powershell looks like you don't set subscription context. You should set the context to subscription which contains Reasource Group to which you want to deploy content. To make this work use this example: Example 1: Set the current subscription After apply current subscription you should be able to see what is the real error during deployment.
O

Cannot configure node group in new EKS cluster due to no Node IAM role found
Continuous Integration and Delivery (CI, CD) • aws iam eks role based access control • • obi

2

0
Votes

2
Posts

1
Views

Y

This is actually pretty well described in the docs. Before you create worker nodes, you must create an IAM role with the following IAM policies: AmazonEKSWorkerNodePolicy AmazonEKS_CNI_Policy AmazonEC2ContainerRegistryReadOnly Also you need to make sure that this role could be assumed by EKS. { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com" }, "Action": "sts:AssumeRole" } ] }

connect to kind cluster from inside and outside

Suggested Topics

What is the best tool for the release management for Kubernetes in a small startup? Continuous Integration and Delivery (CI, CD) • kubernetes release management spinnaker • • Raziyah00

Migration to SQL Database using Transaction Replication - down time? SQL, Database Testing • sql server migration azure transac languagetional re • • shizuka

Kubernetes readinessProbe: do health-checks run forever? Continuous Integration and Delivery (CI, CD) • kubernetes • • yajahira

call container B inside container A using docker networks Continuous Integration and Delivery (CI, CD) • docker networking • • guilherme

How do you monitor Node Micro services running inside of Docker Containers? Continuous Integration and Delivery (CI, CD) • docker monitoring microservices • • shizuka

SSH to VM inside Docker container Continuous Integration and Delivery (CI, CD) • docker vagrant • • fbio

How To Determine Min/Max Resources For Kubernetes Pods? Continuous Integration and Delivery (CI, CD) • kubernetes • • rosemadder

Trigger Transact-SQL in Azure SQL Database and Azure Web Apps Software Programming • sql server asp.net azure webforms azure sql • • courtlanda

New Kubernetes Cluster: remote error: tls: bad certificate Continuous Integration and Delivery (CI, CD) • kubernetes • • rielyn

Determine the URL for a SCM trigger from inside the build Continuous Integration and Delivery (CI, CD) • jenkins pipeline • • terrea

kubernetes cluster node with 4cpu can't hold two pods with 2cpu Continuous Integration and Delivery (CI, CD) • kubernetes google compute engine • • gionna

Way to Connect to all ec2-instances one by one Continuous Integration and Delivery (CI, CD) • python amazon web services amazon ec2 • • kalyn

Azure Postgresql hitting 100% memory usage without easy way to restart the server SQL, Database Testing • postgresql azure • • rosemadder

Creating my first Elastic Database Job on Azure SQL, Database Testing • azure sql database azure • • simrah

Cannot configure node group in new EKS cluster due to no Node IAM role found Continuous Integration and Delivery (CI, CD) • aws iam eks role based access control • • obi

What is the best tool for the release management for Kubernetes in a small startup?
Continuous Integration and Delivery (CI, CD) • kubernetes release management spinnaker • • Raziyah00

Migration to SQL Database using Transaction Replication - down time?
SQL, Database Testing • sql server migration azure transac languagetional re • • shizuka

Kubernetes readinessProbe: do health-checks run forever?
Continuous Integration and Delivery (CI, CD) • kubernetes • • yajahira

call container B inside container A using docker networks
Continuous Integration and Delivery (CI, CD) • docker networking • • guilherme

How do you monitor Node Micro services running inside of Docker Containers?
Continuous Integration and Delivery (CI, CD) • docker monitoring microservices • • shizuka

SSH to VM inside Docker container
Continuous Integration and Delivery (CI, CD) • docker vagrant • • fbio

How To Determine Min/Max Resources For Kubernetes Pods?
Continuous Integration and Delivery (CI, CD) • kubernetes • • rosemadder

Trigger Transact-SQL in Azure SQL Database and Azure Web Apps
Software Programming • sql server asp.net azure webforms azure sql • • courtlanda

New Kubernetes Cluster: remote error: tls: bad certificate
Continuous Integration and Delivery (CI, CD) • kubernetes • • rielyn

Determine the URL for a SCM trigger from inside the build
Continuous Integration and Delivery (CI, CD) • jenkins pipeline • • terrea

kubernetes cluster node with 4cpu can't hold two pods with 2cpu
Continuous Integration and Delivery (CI, CD) • kubernetes google compute engine • • gionna

Way to Connect to all ec2-instances one by one
Continuous Integration and Delivery (CI, CD) • python amazon web services amazon ec2 • • kalyn

Azure Postgresql hitting 100% memory usage without easy way to restart the server
SQL, Database Testing • postgresql azure • • rosemadder

Creating my first Elastic Database Job on Azure
SQL, Database Testing • azure sql database azure • • simrah

Cannot configure node group in new EKS cluster due to no Node IAM role found
Continuous Integration and Delivery (CI, CD) • aws iam eks role based access control • • obi