I am following this guide and trying to create the TLS cert, I am using cfssl and I am able to create the required file, but what should I provide for MASTER_IP and MASTER_CLUSTER_IP?
When I execute kubectl cluster-info, I can only see the following information:
Kubernetes control plane is running at https://xxx.yy.zzz.40:6443
CoreDNS is running at https://xxx.yy.zzz.40:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Where can I find these two values?
Use below command
kubectl get no -owide
The above command displays internal and external ips of all the nodes in the cluster
Related
I was trying to run
"kubectl get nodes" command for k8s cluster.it gives "Unable to connect to the server: dial tcp..."
this is a k8s cluster created by a different user in the company AWS account.
this is the steps I have followed
export AWS_PROFILE=RR
export KOPS_STATE_STORE=s3://s3bucketname
kops export kubecfg dev.k8s.local
kubectl config get-contexts
kubectl get nodes 12:53:18
Unable to connect to the server: dial tcp 3.136.226.173:443: i/o timeout
I need to view running nodes and services in this k8 cluster how can I do this.
Possible cause one: routing/firewall issues
It happens when you create/use private cluster.
To solve - add an external IP to authorized networks.
to get your external IP address, you can use some of these commands:
curl ifconfig.co
dig +short myip.opendns.com #resolver1.opendns.com
curl ifconfig.me
curl ifconfig.co
curl smart-ip.net/myip
wget -O - -q icanhazip.com
wget -O - -q ifconfig.me/ip
Other such resources:
http://ip.tyk.nu/
http://whatismyip.akamai.com/
http://tnx.nl/ip
http://ifcfg.me/
http://l2.io/ip
http://ip.appspot.com/
http://ident.me/
http://ipof.in/txt
http://icanhazip.com/
http://curlmyip.com/
http://wgetip.com/
http://curlmyip.com/
http://bot.whatismyipaddress.com/
http://eth0.me/
http://ifconfig.me/
http://corz.org/ip
http://ipecho.net/plain
Possible cause two: lost/stale k8s context
To get context use:
kubectl config view
To set context use:
kubectl config set-context <your_context>
Possible cause three: outdated CF template
As per this answer, you'd check an AMI template that used when cluster was created.
The cluster was set up using an older version of the CloudFormation template
Currently, I obtaine various information from the GoogleCloudPlatform management console screen, but in the future I would like to obtain it using API.
The information obtained is as follows.
Kubernetes Engine>Clusters>Cluster Size
Kubernetes Engine>Workloads>Pods
Please teach the API corresponding to each information acquisition.
GKE UI under the hood calls Kubernetes API to get information and show in UI.
You can use kubectl to query Kubernetes API to get that information.
kubectl get nodes
kubectl get pods
If you turn on the verbose mode in kubectl then it will show what REST API its calling on the kubernetes api server.
kubectl --v=8 get nodes
kubectl --v=8 get pods
The REST API for nodes and pods are
GET https://kubernetes-api-server-endpoint:6443/api/v1/nodes?limit=500
GET https://kubernetes-api-server-endpoint:6443/api/v1/namespaces/default/pods?limit=500
Here is the doc on how to configure Kubectl to connect with GKE.
Here is the doc from kubernetes on different ways to access Kubernetes API.
You can also use kubectl proxy for trying it out.
Remember to call above rest apis you need to authenticate to kubernetes api server either with a certificate or with a bearer token.
You need to:
install your command line
connect to your project
connect to your cluster
retrieve the number of pod inside your cluster
Install your command line
You can use your prefered command line or you can use the active cloud shell of your browser (the online command line interface integrated to Google Cloud Platform).
Option A) Using your own command line program, you need to install Google Cloud command (gcloud) on your machine.
Option B) Otherwise if you use the active cloud shell, just click on the active cloud shell button on the top of the page.
Connect to your project
(only for option A)
Login to your gcloud platform: gcloud auth login
$ gcloud auth login
Your browser has been opened to visit:
https://accounts.google.com/signin/oauth/oauthchooseaccount?client_id=65654645461.apps.googleusercontent.com&as=yJ_pR_9VSHEGFKSDhzpiw&destination=http%3A%2F%2Flocalhost%3A8085&approval_state=!ChRVVHYTE11IxY2FVbTIxb2xhbTk0SBIfczcxb2xyQ3hfSFVXNEJxcmlYbTVkb21pNVlhOF9CWQ%E2%88%99AJDr988AKKKKKky48vyl43SPBJ-gsNQf8w57Djasdasd&oauthgdpr=1&oauthriskyscope=1&xsrfsig=ChkAASDasdmanZsdasdNF9sDcdEftdfECwCAt5Eg5hcHByb3ZhbF9zdGF0ZRILZGVzdGluYXRpb24ASDfsdf1Eg9vYXV0aHJpc2t5c2NvcGU&flowName=GeneralOAuthFlow
Connect to your project: gcloud config set project your_project_id
$ gcloud projects list
PROJECT_ID NAME PROJECT_NUMBER
first-project-265905 My Project 117684542848
second-project-435504 test 895475526863
$ gcloud config set project first-project-265905
Connect to your cluster
Connected to your project, you need to connect to your cluster.
gcloud container clusters get-credentials your_cluster_name
$ gcloud container clusters list
NAME LOCATION MASTER_VERSION MASTER_IP MACHINE_TYPE NODE_VERSION NUM_NODES STATUS
test-cluster-1 asia-northeast1-a 1.33.33-gke.24 45.600.23.72 f1-micro 1.13.11-gke.14 3 RUNNING
$ gcloud container clusters get-credentials test-cluster-1
Fetching cluster endpoint and auth data.
kubeconfig entry generated for test-cluster-1.
Retrieve the number of nodes/pods inside your cluster
inside a given name space run the command
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
gke-test-cluster-1-default-pool-d85b49-2545 NotReady 24m v1.13.11-gke.14
gke-test-cluster-1-default-pool-d85b49-2dr0 NotReady 3h v1.13.11-gke.14
gke-test-cluster-1-default-pool-d85b49-2f31 NotReady 1d v1.13.11-gke.14
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
busybox 0/1 Pending 0 44s
nginx 0/1 Pending 0 1m
Speaking about Python, Kubernetes Engine API could be used in this case.
Kubernetes Engine > Clusters > Cluster Size
In particular, a method get(projectId=None, zone=None, clusterId=None, name=None, x__xgafv=None)
returns an object that contains "currentNodeCount" value.
Kubernetes Engine > Workloads > Pods
A code example for listing pods could be found here:
Access Clusters Using the Kubernetes API
I know that i can use kubectl get componentstatus
command to check the health status of the k8 cluster but some how the output i am receiving do not show the health. Below is the output from master server.
I can do deployments, can create pods and services which means everything is working fine but not sure how to check the health status.
Solved in kube-apiserver v1.17.0, also you should use command below in your older apiserver.
kubectl get cs -o=go-template='{{printf "NAME\t\t\tHEALTH_STATUS\tMESSAGE\t\n"}}{{range .items}}{{$name := .metadata.name}}{{range .conditions}}{{printf "%-24s%-16s%-20s\n" $name .status .message}}{{end}}{{end}}'
enjoy
can you try with this command
kubectl get componentstatus -o jsonpath="{.items[*].conditions[*].status}"
I know both commands are same but outputting it as yaml worked for me
try this command
kubectl cluster-info
I was performing a practical where i was deploying a containerised sample application using kubernetes.
i was trying to run container on google cloud platform using kubernetes engine.But while deploying container using "kubectl run" command using google cloud shell.
its showing an error "error: failed to discover supported resources: Get https://35.240.145.231/apis/extensions/v1beta1: x509: certificate signed by unknown authority".
From Error, i can recollect that its because of "SSL Certificate" not authorised.
I even exported the config file resides at "$HOME/.kube/config". but still getting the same error.
please anyone help me understand the real issue behind this.
Best,
Swapnil Pawar
You may try following steps,
List all the available clusters,
$ gcloud container clusters list
Depending upon how you have configured the cluster, if the cluster location is configured for a specific zone then,
$ gcloud container clusters get-credentials <cluster_name> --ZONE <location>
or if the location is configured for a region then,
$ gcloud container clusters get-credentials <cluster_name> --REGION <location>
The above command will update your kubectl config file $HOME/.kube/config
Now, the tricky part.
If you have more than one cluster that you have configured, then your $HOME/.kube/config will have two or more entries. You can verify it by doing a cat command on the config file.
To select a particular context/cluster, you need to run the following commands
$ kubectl config get-contexts -o=name // will give you a list of available contexts
$ kubectl config use-context <CONTEXT_NAME>
$ kubectl config set-context <CONTEXT_NAME>
Now, you may run the kubectl run.
Assuming kubectl is not setup locally, you having full access to SSH into nodes.
Is there any local commands that can be issued from the slaves nodes to edit the label ?
Can I use kubernetes patch but not being triggered from kubectl ?
or should I edit kubelet file(label section) and restart kubelet service ?
You can do a patch API call directly. Pass --v=8 to kubectl to see the API calls it is making for any command.