Questions tagged [aks]
The aks tag has no usage guidance.
83
questions
5
votes
1
answer
46k
views
"Context deadline exceeded" preventing pods from being created in AKS
We have been experiencing an issue causing us pain for the last few months.
The issue appears to be that occasionally when we request a pod via the Kubernetes executor it fails to create.
For ...
- 924
4
votes
1
answer
3k
views
AKS version upgrade error: Operation failed with status: 'Conflict'. Details: Upgrades are disallowed while cluster is in a failed state
I noticed that one of AKS services is in the failed state. When I went to diagnostics, I found out that current version is not supported anymore. So I tried to follow instructions stated here: https://...
4
votes
2
answers
8k
views
Why are pods failing to schedule due to resources when node has plenty available?
The pods in my application scale with 1 pod per user (each user gets their own pod). I have the limits for the application container set up like so:
resources:
limits:
cpu: 250m
...
- 290
2
votes
2
answers
2k
views
How to move kubernetes to a different subscription in azure?
I have two subscriptions under my account.
When I check today, the balance is low in my subscription where I deployed the cluster.
So, I click on change subscription option and selected the second ...
- 372
2
votes
1
answer
6k
views
curl & wget cannot resolve internal dns names within the aks cluster but nslookup , host , dig work fine
I have a managed kubernetes instance on azure. I am very sure that the core dns is working and the dns pods are healthy.
I have a couple of services
frontend-service with one pod - Image [nginx-...
- 41
2
votes
1
answer
5k
views
Does Azure Application Gateway support gRPC connections?
I've set up an Azure Application Gateway with Azure Kubernetes Service using the Azure Application Gateway Ingress Controller (AGIC) and confirmed that it's working correctly using the sample ...
- 155
2
votes
1
answer
1k
views
What does the MEMORY(bytes) value mean in "kubectl top nodes" on Windows AKS nodes?
When I run kubectl top nodes on my Azure Kubernetes Services cluster with Windows nodes, I get a value back for MEMORY(bytes):
PS >kubectl top nodes
NAME CPU(cores) ...
- 181
2
votes
1
answer
244
views
Azure App Gateway warning about Public IP
I am using the Azure App Gateway v2 and the App Gateway Ingress Controller as a public frontend to an AKS cluster. Following the guidance in this doc, I created and associated the IP address to my ...
- 121
1
vote
2
answers
3k
views
I have deleted all the Azure AKS Kubernetes Nodes, how to restore back the Cluster to it's original state?
I am new to the Azure AKS Cluster world, and while messing with a test cluster i have deleted all its Nodes with kubectl delete node xxxx, thinking that the cluster will heal itself. Boy, was i wrong.
...
- 31
1
vote
2
answers
3k
views
How does Azure Loadbalancer work with Azure AKS
I recently tried to figure out how an Azure Loadbalancer in front of an Azure AKS cluster actually routes traffic to the cluster nodes.
Our (quite basic) setup:
AKS cluster version 1.23.x with the ...
- 113
1
vote
2
answers
77
views
Monitor Azure Kubernetes Service (AKS) with Prometheus servers running independently
Can I deploy Prometheus to each Azure Kubernetes Service (AKS), and monitor each Prometheus from a Prometheus created by a virtual machine outside the AKS? In other words, I want to connect the ...
- 33
1
vote
1
answer
2k
views
How to connect AKS with postgres in private vnet?
I have created postgres with private vnet option.
So, no direct access to posgres from internet.
But, I can't access it from "CloudShell" also.
Also, while creating database,when I want to ...
- 481
1
vote
1
answer
677
views
How to expose services in private AKS cluster?
I've created a private cluster on AKS and deployed some workloads to it, but I'm not sure how to connect to the services. They are all NodePort services, both TCP & UDP.
Initially, I thought that ...
- 21
1
vote
1
answer
3k
views
How to find out IOPS disk usage by pod/container on k8s nodes?
My vms have been hard hit by IOPS (Causing network errors and other strange behavior) and I wonder what of my pods is causing it (if any) - how can I find out? I couldn't find a clear tool providing ...
- 163
1
vote
1
answer
2k
views
error reading configuration while deploying to aks
I am using Azure devops for regulation CI/CD in my project , i have a kubernetes cluster running through aks(azure kubernetes service) , i have used azure repo and everything and , every required file(...
- 23
1
vote
1
answer
364
views
strict MIME type checking is enabled issue with PGAdmin in Azure application gateway
I am trying to install pgAdmin (image: 'dpage/pgadmin4:6.21') in Azure AKS. I am able to access the application when I use a Kubernetes LoadBalancer service, but when I use an Azure Application ...
- 113
1
vote
0
answers
988
views
ETCD snapshots causing etcdserver: leader changed
For a while now we've experienced regular errors from operations on kube API in AKS resulting in etcdserver: leader changed message. From what we've learned there is an ETCD snapshot performed every ...
1
vote
0
answers
346
views
Azure AKS user nodepool VM temporary storage requirements
Do AKS user nodepool VMs use Azure VM temporary storage for any purpose?
Can an AKS user nodepool run on VMs without temporary storage?
What is is the minimal amount of Azure VM temporary storage ...
- 267
1
vote
0
answers
143
views
How to access aks service from same vnet?
I have created an aks cluster and deployed an application there and exposed it as a service.
Can be accessible through LoadBalancer.
To access it internally, I created a windows VM in the same vnet (...
- 155
1
vote
0
answers
302
views
How to keep postgres flexible server and aks on the same vnet?
I have created aks cluster with azure network type selected.
Terraform files for reference
My VNet used with aks.
But this vnet is not available in the dropdown of azure postgres flexible server ...
- 481
1
vote
1
answer
2k
views
What is the right way to assign Network Contributor Role to an AKS cluster via ARM / Bicep template?
I'm trying to configure a Load Balancer for my AKS server using Bicep/ARM. I am using the NGinx Ingress Controller in kubernetes and it does seem to work but when I first spin things up I am ...
- 113
1
vote
1
answer
946
views
How to simulate an Availability Zone (AZ) failure in Azure?
I'm setting up a cross AZ AKS cluster. I would like to simulate a failure of an AZ to test the behaviour of cluster and application after such an event.
What would be the best way of doing this?
- 11
1
vote
1
answer
223
views
Consul containers are creating as privileged containers, how to change that?
With the azure policy addon enabled(as per organization policy), we can’t create privileged containers on the aks, azure kubernetes.
Our application is set to security context as below.
...
- 372
1
vote
0
answers
656
views
AKS Certificate Manager upgrade w/ namespace change - Wrong cert-manager hook ID
Recently, we changed uninstalled our cert manager and reinstalled it into a new namespace.
There were no issues with the uninstall / reinstall of the cert manager. When we tried to create a new ...
- 133
1
vote
0
answers
181
views
Azure AKS does not have D2 v4 nodes listed in selection
Want to select D2 v4 (0GB Temp storage) nodes for my AKS node pool, but this node size is not available.
Now we are using D2s v3 (16GB temp storage).
That temp storage is not used and also is not that ...
1
vote
0
answers
128
views
Maesh address not resolved in AKS
I'm currently working with migrating a deployment to maesh. In this process I annotated, as required. my service with the maesh label. But trying to curl the service afterwards fails.
The old address(...
- 11
1
vote
0
answers
219
views
mysql helm aks keeps crashing
I tried to install mysql using helm chart
helm install mysql --set mysqlRootPassword=medone,mysqlUser=mysql,mysqlPassword=medone,mysqlDatabase=profil,persistence.existingClaim=mysql-pv-claim stable/...
- 11
0
votes
1
answer
2k
views
Kubernetes clusters should not grant CAPSYSADMIN security capabilities
In Our AKS, found high severity alerts related to this in Azure Security Center.
What is CAPSYSADMIN meant for?
Is the pods by default enabled with this property?
Because we didnt specifically enabled ...
- 101
0
votes
1
answer
2k
views
How to set flux to deploy latest image tag for every build?
I have added github actions to build a docker image for every latest commit and push it to our container registry in azure.
We have created yaml files to deploy the docker image to kubernetes on azure....
- 481
0
votes
1
answer
1k
views
How to launch a sql file on kubernetes pod creation?
We have our database either in aws rds or azure postgres or even on a different online server based on customer.
But our product will be running in azure kubernetes as a pod and service with database ...
- 56
0
votes
1
answer
1k
views
Custom CRDs not getting deleted in aks cluster, how to delete that?
I have installed consul helm repository to default namespace.
Now, want to change it to a custom namespace.
So, deleted the help chart using helm uninstall command.
Now, when I try to install again, ...
- 56
0
votes
2
answers
1k
views
Kubernetes NGINX Ingress Controller Failure using Helm on AKS
When going through the setup of a K8 ingress controller, which is documented here
I am unable to get past the step of "Create an Ingress Controller"
During the Helm command step and placing ...
- 153
0
votes
1
answer
199
views
Use fwmark in iptables on a container running in Azure K8S
I have a weird use case, where a pod running in Azure Kubernetes needs to route traffic from specific ports to specific targets through a dedicated VPN tunnel. But those targets are private IPs and ...
- 11
0
votes
1
answer
271
views
How to install Consul on azure kubernetes with policies enabled?
I have installed azure kubernetes with azure policy enabled.
I followed the steps in the getting started guide of consul as is: link
But when the consul is deployed, the pods are not deployed.
When I ...
- 481
0
votes
1
answer
602
views
Limit exceeded for cluster creation on Azure Kubernetes, where to cleanup?
I have deleted the old clusters by deleting the resource group completely.
But when I try to create a new cluster, I am getting error as limit exceeded.
As you can see in the below error.
{"code&...
- 372
0
votes
1
answer
236
views
why AKS,EKS,GKE better than k8s .can we say k8s architecture is base of these 3. How they leverage each other?
I am trying to learn k8s, and 1 question always coming as to why we need GKE, aks, or EKS.
In the cloud, Can we do container orchestration without the above services means can we have compute ...
- 3
0
votes
1
answer
128
views
Problems After Deploying Gitub Repo to Azure Kubernetes Service
I created an AKS successfully and tried to deploy a project from my Github repository. I followed the guidance on the following page and it sent me a success notice in the Azure Portal.
However, ...
- 123
0
votes
0
answers
7
views
Clarification Needed on Lifecycle Management of AKS LoadBalancer IP Addresses Labeled 'Static'
I'm currently managing an AKS cluster and have come across a point of confusion regarding the public IP addresses allocated for LoadBalancer services. These IPs are labeled as 'Static' in my Azure ...
0
votes
0
answers
33
views
How to set azure app gateway ingress in one namespace and target service istio-ingress is in another namespace in kubernetes?
azure app gateway ingress in one namespace and target service istio-ingress is in another namespace, how to set that.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server-ingress
...
0
votes
0
answers
145
views
OpenTelemetry Collector Data not being fetched by Prometheus in Grafana
I have a requirement where I have some container workload in Azure AKS cluster and I need to use OpenTelemetry to gather data like metrics, logs and traces. I also have Grafana as the visualisation ...
- 63
0
votes
0
answers
27
views
How to fix access denied error for aks kubernetes commands?
with service principal logged in with azure cli. Below command got this error.
az aks command invoke --resource-group rg-licanltcs-aks-prod --name aks-licanltcs-prod-eastus --command "kubectl ...
0
votes
0
answers
64
views
OpenTelemetry K8s Operator Collector - Exporter Configuration for Prometheus
I have some container workloads in Azure AKS cluster. I need to use OpenTelemetry to get the metrics, logs and trace data from the container workload and get it collected by the OTEL collector.
I have ...
- 63
0
votes
1
answer
27
views
What happens to Pod-Workload if a Node gets destroyed
when running pod-workload on an AKS-cluster with autoscaling enabled, what happens, if the pool gets scaled down? If a Pod is running workload on a node, and this node is being removed because of ...
- 15
0
votes
0
answers
73
views
How to route azure application gateway to a service in different namespace?
My ingress for azure application gateway, so that it will use istio gateway internally.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: server-ingress
namespace: productnamespace
...
- 1
0
votes
0
answers
52
views
How to use mTLS without using istio ingress and using azure app gateway ingress?
We have our application running in aks cluster and using cert-manager helm chart in separate namespace for lets encrypt certificate generation. argocd namespace is for handling deployments.
We need to ...
- 1
0
votes
1
answer
182
views
Dealing with Flask routing paths when deployed behind URL prefix
I have single page application build using the python Flask framework. I'm using gunicorn as the web server and I have containerised it using docker. It is deployed on Azure Kubernetes Services (aks) ...
- 3
0
votes
0
answers
138
views
AKS Egress Internal via Load Balancer to on-premise service
I have an AKS cluster and one of the pods, call it "my-service", needs to connect to an on-premises service via VPN and that service requires whitelisting of IPs. Unfortunately, it can only ...
- 101
0
votes
0
answers
73
views
AKS System Node Pool and number of nodes
The AKS docs mention that 3 nodes are recommended in Production for System Node Pool.
What is the rationale behind this?
Does the fact that the cluster is a private cluster change anything in the ...
- 111
0
votes
0
answers
39
views
Restrict access to a Prometheus server in AKS can only be achieved with nginx-ingress?
Prometheus server with its respective Loadbalancer in AKS.
I wanted to secure the access to /metrics through network rules...but it doesn't work. I can still acess to the endpoint with any device.
...
- 1
0
votes
1
answer
86
views
AKS Kubectl command doesn't return completed pods
I am using AKS with Kubernetes v1.25.6 and I have started to see a number of pods with a Completed status. From what I understand these are generated when an exit 0 code is returned on the process the ...
- 193