-
Kubernetes Security Context: set uid for a Pod
2 min read
By default, any container that we launch will run as root. Most of the processes we launch don't really require, for example, to be able to install packages on the container. We can reduce it's privileges by setting the SecurityContext at the Pod level or at the container level.
19/02/2021
Read more... -
Using kubectl exec to run an interactive shell on an existing pod
2 min read
It's quite common to at least have a shell installed on the containers since it's footprint on the kB range. Let's check how to get an interactive shell on a running Pod. In case the pod we want to connect to is just using one container like in this example:
$ kubectl get pods NAME READY STATUS RESTARTS AGE pet2cattle-s3sync-5f9b9486cf-nznph 1/1 Running 0 2m20s18/02/2021
Read more... -
Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB
2 min read
If we try to create a LoadBalancer on an AWS EKS cluster without any public subnet it will get stuck on the pending state and we won't get any external IP/DNS name for it. By using kubectl describe we will be able to get the actual error:
$ kubectl get svc -n pet2cattle NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo-lb LoadBalancer 172.20.235.213 <pending> 80:30525/TCP 7d $ kubectl describe svc demo-lb -n pet2cattle Name: demo-lb Namespace: pet2cattle Labels: <none> Annotations: <none> Selector: run=demo-lb Type: LoadBalancer IP Families: <none> IP: 172.20.166.181 IPs: <none> Port: <unset> 80/TCP TargetPort: 80/TCP NodePort: <unset> 30088/TCP Endpoints: 10.236.124.69:80,10.236.126.253:80 Session Affinity: None External Traffic Policy: Cluster Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal EnsuringLoadBalancer 12s (x3 over 27s) service-controller Ensuring load balancer Warning SyncLoadBalancerFailed 12s (x3 over 27s) service-controller Error syncing load balancer: failed to ensure load balancer: could not find any suitable subnets for creating the ELB17/02/2021
Read more... -
terraform: AWS provider - missing region
1 min read
We might face the following error when trying to apply terraform:
$ terraform plan Acquiring state lock. This may take a few moments... Error: Missing required argument The argument "region" is required, but was not set. Releasing state lock. This may take a few moments...16/02/2021
Read more... -
terraform: use replace() function in a list
1 min read
To be able to replace substring in terraform we have the replace() function, but this function can only be applied to a string, not a list of strings. How do we replace, for example, the http for https in the following list of strings?
input = [ "http://systemadmin.es", "http://pet2cattle.com" ]15/02/2021
Read more...