Stack Overflow
Stack Overflow

Questions tagged [kube-apiserver]

The main implementation of a Kubernetes API server is kube-apiserver. kube-apiserver is designed to scale horizontally — that is, it scales by deploying more instances. You can run several instances of kube-apiserver and balance traffic between those instances.

The kube-apiserver validates and configures data for the API objects which include pods, services, replicationcontrollers, and others.

The API Server services REST operations and provides the frontend to the cluster's shared state through which all other components interact.

132 questions
0
votes
2 answers

How to enforce policies for manifests in Kubernetes?

I have built a self-service platform based on Kubernetes, where we create namespaces for each team and allow them to 'do whatever they want within the namespace' (we set resource limits so no one can kill the whole cluster). However, now I want to…
dayuloli
  • 16,205
  • 16
  • 71
  • 126
0
votes
1 answer

Metrics for Kubernetes events which are stored in apiserver

I was trying to look out for metrics or exporters which could provide information about Kubernetes events which are stored in apiserver. Read things…
amankedia
  • 377
  • 2
  • 8
  • 23
0
votes
1 answer

New kubernetes install has remnants of old cluster

I did a complete tear down of a v1.13.1 cluster and am now running v1.15.0 with calico cni v3.8.0. All pods are running: [gms@thalia0 ~]$ kubectl get po --namespace=kube-system NAME READY STATUS RESTARTS…
horcle_buzz
  • 2,101
  • 3
  • 30
  • 59
0
votes
1 answer

How to do Rolebinding of PodSecurityPolicy to a group?

Working on a single node Kubernetes cluster, I wish to apply a restrictive pod security policy to a group of users authenticated via openid. So the sequence of steps are like this. Initialize the cluster, and create the pod security…
Alavalathi
  • 713
  • 2
  • 9
  • 21
0
votes
1 answer

flannel restart very often

Flannel on node restarts always. Log as follows: root@debian:~# docker logs faa668852544 I0425 07:14:37.721766 1 main.go:514] Determining IP address of default interface I0425 07:14:37.724855 1 main.go:527] Using interface with name eth0…
user9260723
  • 1
  • 2
0
votes
2 answers

issues with K8s compiled docker images

after cloning repo (tag v1.14.0)to local machine; i have modified cmd/kube-apiserver/app/server.go file; i hvae added one line of new code which is custome log entry upon K8s code compilation i found docker images tar ball in…
ankit patel
  • 1,399
  • 5
  • 17
  • 29
0
votes
0 answers

Unable to join new node to existing cluster: [discovery] Failed to request cluster info, will try again: [Unauthorized]

I have an existing kubernetes 1.11.3 cluster and I'm unable to join new nodes to it. I'm attempting to join by creating a new token with the --print-join-command flag through kubeadm on the master Then I run that join command as sudo on the new…
LucasY
  • 64
  • 10
0
votes
1 answer

Kubernetes.default nslookup not able to resolve from different namespaces

I'm facing a problem resolving kubernetes.default.svc.cluster.local from outside default namespace I'm running two busybox:1.30 pods on each namespace and the name successfully resolves from the default namespace only [admin@devsvr3 ~]$ kubectl…
Amr Nassar
  • 155
  • 2
  • 9
0
votes
1 answer

Why http and not https? kubectl cluster-info "kubernetes master running"

I've googled for hours and I can't seem to find the info. This might be a simple question... My question is this: I have a big script to start up K8s. When everything is up and running and I do a kubectl cluster-info I get kubernetes master is…
hyperstack
  • 29
  • 1
  • 4
0
votes
1 answer

How can I access to services outside the cluster using kubectl proxy?

When we spin up a cluster with kubeadm in kubernetes, and the service's .yaml file looks like this : apiVersion: v1 kind: Service metadata: name: neo4j labels: app: neo4j component: core spec: clusterIP: None ports: - port: 7474 …
Majid Rajabi
  • 1,417
  • 6
  • 20
  • 35
0
votes
2 answers

Service account not respecting its cluster role

I created a context with a user that has only READ access but when I logged in as this user I can still do whatever I want like deploying and killing pods, etc... Why is that ? I followed this tutorial. 1) First I created a service account: kubectl…
Doctor
  • 7,115
  • 4
  • 37
  • 55
1 2 3
8
9