Stack Overflow
Stack Overflow

Questions tagged [kube-apiserver]

The main implementation of a Kubernetes API server is kube-apiserver. kube-apiserver is designed to scale horizontally — that is, it scales by deploying more instances. You can run several instances of kube-apiserver and balance traffic between those instances.

The kube-apiserver validates and configures data for the API objects which include pods, services, replicationcontrollers, and others.

The API Server services REST operations and provides the frontend to the cluster's shared state through which all other components interact.

132 questions
3
votes
2 answers

Deprecated k8s API

Using different tools (kubent for example) I see that I have deprecated API in my cluster. For example Type: Ingress Name: kibana API: networking.k8s.io/v1beta1 But when I open Ingress itself, I can see this: apiVersion: networking.k8s.io/v1 kind:…
user15824359
  • 91
  • 1
  • 11
3
votes
2 answers

How does the Kubernetes API server start a newly scheduled pod on a node?

I'm trying to get a better view 'under the hood' of how the Kubernetes Pod scheduling and creation process works, with respect to the interaction between kubelet and kube-apiserver. I understand that the Kubernetes scheduler chooses a node to…
tDickinson
  • 37
  • 3
3
votes
1 answer

Kubernetes change cipher for certificates

I have been poring over links related to kubeadm to try and change the cipher on my Kubernetes cluster certificate. The problem is that I need to disable DES/3DES so that this command will fail: openssl s_client -connect IP:2379 -cipher "DES:3DES"…
el n00b
  • 1,957
  • 7
  • 37
  • 64
3
votes
2 answers

Docker Desktop Kubernetes Unable to connect to the server: EOF

Earlier today I had increased my Docker desktop resources, but when ever since it restarted Kubernetes has not been able to complete its startup. Whenever I try to run a kubectl command, I get Unable to connect to the server: EOF in response. I had…
shenyongo
  • 31
  • 1
  • 2
3
votes
1 answer

API endpoints for kubernetes mutating webhook server

As described here, this is a reference implementation of a webhook server as used in kubernetes e2e test. In the main function, a number of endpoints have been defined to handle different requests for mutation. However, there is no clear…
cogitoergosum
  • 2,309
  • 4
  • 38
  • 62
3
votes
1 answer

kube-apiserver pod sticks in the CreateContainerError status

I bootstrap a kubernetes cluster using kubeadm. After a few month of inactivity, when I get our running pods, I realize that the kube-apiserver sticks in the CreatecontainerError! kubectl get pods -n kube-system NAME …
Majid Rajabi
  • 1,417
  • 6
  • 20
  • 35
3
votes
1 answer

securityContext.privileged: Forbidden: disallowed by cluster policy

I can't start pod which requires privileged security context. PodSecurityPolicy: apiVersion: policy/v1beta1 kind: PodSecurityPolicy metadata: name: pod-security-policy spec: privileged: true allowPrivilegeEscalation: true …
Kok How Teh
  • 3,298
  • 6
  • 47
  • 85
3
votes
1 answer

Keycloak KubeAPI Authentication Fails

Please refer to the above image, I am trying to access Kubernetes Clusters Using the Kubernetes API and for that purpose as mentioned in documents I am using Python Kuberentes Client, that needs a token to communicate with Kube API. When I am…
Rajat Badjatya
  • 760
  • 6
  • 13
2
votes
1 answer

Troubleshooting deepcopy-gen not generating deepcopy functions for custom Kubernetes API server

I am trying to create a custom kubernetes api server, and I have defined the types.go file in the directory pkg/apis/baz/v1alpha1, package v1alpha1 import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" // +genclient //…
imawful
  • 69
  • 5
2
votes
1 answer

Leaderelections failing, lease unable to be renewed automatically

I have a production cluster is currently running on K8s version 1.19.9, where the kube-scheduler and kube-controller-manager failed to have leader elections. The leader is able to acquire the first lease, however it then cannot renew/reacquire the…
janeosaka
  • 35
  • 6
2
votes
1 answer

Kubernetes - Admission webhook - validate scale operatoin in deployments

I would like to validate deployments based on custom logic before scale. I created an admission webhook to do that, but unfortunately the scale operation is undetected by the webook. apiVersion: admissionregistration.k8s.io/v1 kind:…
Miklós
  • 51
  • 6
2
votes
1 answer

for GKE how can we control the configuration of the control plane?

I am creating a GKE cluster (4 nodes) and deploying applications on it. While doing that the API server become unresponsive for a few minutes. Want to create a GKE cluster with scaled control plane.
RoRRe
  • 291
  • 2
  • 10
2
votes
0 answers

How kube-apiserver memory cleanup mechanism works

I would like to ask about a strange memory behavior that we encountered in some of our clusters. After a spike in the memory consumption of the api server, the ram remains in the same level of the top of the spike which means that the kube api…
Ron Megini
  • 31
  • 7
2
votes
1 answer

How do I find and call the kube-apiserver in k3s / k3d (with Calico and without it)?

I want to use the kube-apiserver to enable/disable admission controllers (e.g. kube-apiserver --enable-admission-plugins=NamespaceLifecycle), but I cannot find it anywhere. When I run the following, I don't see it anywhere: # Running this: kubectl…
Don Rhummy
  • 24,730
  • 42
  • 175
  • 330
2
votes
1 answer

Including extra flags in the apiserver manifest file in kubernetes v1.21.0 does not seem to have any effect

I am trying to add the two flags below to apiserver in the /etc/kubernetes/manifests/kube-apiserver.yaml file: spec: containers: - command: - kube-apiserver - --enable-admission-plugins=NodeRestriction,PodNodeSelector -…
Francisco
  • 21
  • 2
1
2
3
8 9