Stack Overflow
Stack Overflow

Questions tagged [kube-apiserver]

The main implementation of a Kubernetes API server is kube-apiserver. kube-apiserver is designed to scale horizontally — that is, it scales by deploying more instances. You can run several instances of kube-apiserver and balance traffic between those instances.

The kube-apiserver validates and configures data for the API objects which include pods, services, replicationcontrollers, and others.

The API Server services REST operations and provides the frontend to the cluster's shared state through which all other components interact.

132 questions
0
votes
1 answer

kube-apiserver: force etcd worker key to be re-constructed from api-server

Problem: I am creating for testing new node conditions and status, when i am removing them from my code or controller they remain in etcd /kubernetes.io/minions/. whenever i rune describe. I can't update it as it's encrypted, I want a way to remove…
Sam
  • 345
  • 3
  • 14
0
votes
1 answer

Patch through Kuberentes rest API

I am trying to patch horizontal pod autoscaler by setting minimum replica through kubernetes api Here is the curl which I am using curl -k \ --request PATCH \ --header "Authorization: Bearer $KUBE_TOKEN" \ --header…
Ali Mehdi
  • 884
  • 1
  • 11
  • 33
0
votes
1 answer

how to maintain encryption/decryption of Kubernetes Secrets in AKS

how to maintain encryption/decryption of Kubernetes Secrets in AKS. I referred this link https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/ but as per this link…
dev4java
  • 86
  • 1
  • 8
0
votes
2 answers

Kubernetes error [::1]:6443: connect: cannot assign requested address

I got the following error: controller.go:228] unable to sync kubernetes service: Post "https://[::1]:6443/api/v1/namespaces": dial tcp [::1]:6443: connect: cannot assign requested address I have the following warnings in my cluster kube (3x3…
Madalin NITU
  • 1
  • 1
  • 2
0
votes
3 answers

system:node fails to get secrets from apiserver via curl

I'm doing some POC for security research, trying to access namespace secrets directly from a worker node. I have a cluster on GKE running Kubernetes 1.20 I'm running the following command from a worker (none-master) node: curl -v…
Mugen
  • 8,301
  • 10
  • 62
  • 140
0
votes
2 answers

How to deploy a pod on a master node running apiserver

I have a pod that is essentially a plugin for an apiserver, it's almost no workload pod which task is to externalize watches to another pubsub facility (serves like a bridge from one api to another) To reduce the latency and amount of real network…
xakepp35
  • 2,878
  • 7
  • 26
  • 54
0
votes
0 answers

Kubernetes Kube-API certificate expire log

Recently the certificates of the Kubernetes cluster have been upgraded. This is an external ETCD managed cluster. Renewed the Master nodes and Worker nodes via Kubeadm upgrade. The external ETCD nodes were upgrade via Kubeadm certs renewal.…
Dinuka Kavinda
  • 45
  • 1
  • 11
0
votes
1 answer

Kube-apiserver unable to read from a custom volume added to ApiServer POD manifest

I want to add admission-controller config and audit policy yaml to the kube api server. I have kept both these files on a folder under /etc/kubernetes/configs and adding it as a volume/volumeMount to the POD. The pods fails to get the config files…
pocman
  • 325
  • 4
  • 14
0
votes
1 answer

single HAproxy to expose multiple kubernetes cluster kube-api service

Currently we are using haproxy to expose the kube-api using tcp:bind mode which works fine. We have requirement to keep single haproxy to handle around 4 different cluster kube-api endpoint, in this scenario tcp:bind won't work. We are planning to…
user3715261
  • 1
  • 3
0
votes
1 answer

File exists for webhook, but cube-api failed with file not exists

I am trying to configure Kubernetes with webhook, I created file, and put it at /etc/kubernetes/webhook.yaml. I modify /etc/kubernetes/manifests/kube-apiserver.yaml and add the flag -…
Nilesh
  • 20,521
  • 16
  • 92
  • 148
0
votes
2 answers

Kubernetes javascript client - could not filter by label selector

I run the following function from Kubernetes official javascript client, for example : .listNamespacedPod("default", null, "false", "smth=test", null, null, null, null, null, null) or any other function. There is a param called labels selector. Now…
Tuz
  • 1,810
  • 5
  • 29
  • 58
0
votes
2 answers

How to set/change endpoints conected to kubernetes.default.svc service

I have kubernetes multi control plane cluster bootstrapped by command: kubeadm init --config kubeadm-config.yaml kubeadm-config.yaml contains: apiVersion: kubeadm.k8s.io/v1beta2 kind: ClusterConfiguration kubernetesVersion:…
Piotr Rotter
  • 1
0
votes
1 answer

Helm Charts: How to install a package in a K0s cluster?

I am aiming to install a helm package in a k0s cluster throught the use of the following command: helm install name . --kube-apiserver=x.x.x.x:xxx But I get the following output: Kubernetes cluster unreachable:…
McLan
  • 2,552
  • 9
  • 51
  • 85
0
votes
1 answer

How do I configure NodeRestriction plug-in on kubelet?

Let's start with some context: I'm studying CKS and reading CIS_Kubernetes_Benchmark_v1.6.0.pdf and there's a confusing section: 1.2.17 Ensure that the admission control plugin NodeRestriction is set (Automated) ... Verify that the…
neoakris
  • 4,217
  • 1
  • 30
  • 32
0
votes
0 answers

CoreDNS logs report unauthorized

We deployed new Kubernetes cluster, and it has 2 pods for Coredns. $ kubectl get pods --namespace=kube-system -l k8s-app=kube-dns NAME READY STATUS RESTARTS AGE coredns-74ff55c5b-7v9bd 0/1 Running 0 …
Nilesh
  • 20,521
  • 16
  • 92
  • 148
1 2 3
8 9