KubeSail/community

Robert Schneider

@robertaramar

in the log. Is this due to the usw1 issue described above? Will that go away, eventually?

Carl J. Mosca

@carljmosca

I just started playing with kubesail and I have a very simple app running - not using any persistent volumes yet but it seems to be running OK on usw1

Giovanni Battista Lenoci

@gianiaz

Hi, I've successfuly deployed 2 containers in one pod (php/nginx), images are pulled from gitlab registry using authentication.
Now in another deployment I want to deploy a standard mysql image from dockerhub.
I've used the same syntax without the imagePullSecret node, but I always get: "Error from server (BadRequest): container "mysql" in pod "mysql-6989b4d5d5-w6254" is waiting to start: ContainerCreating".

Here's my deployment file, I'm doing something wrong? (I'm pretty new to k8s).

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysql
  labels:
    app: mvsa
    tier: mysql
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mvsa
      tier: mysql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: mvsa
        tier: mysql
    spec:
      volumes:
        - name: pvc-mvsa-db
          persistentVolumeClaim:
            claimName: pvc-mvsa-db
      containers:
        - name: mysql
          image: mysql:8.0.18-2
          ports:
            - containerPort: 3306
          volumeMounts:
            - mountPath: /var/lib/mysql
              name: pvc-mvsa-db
          resources:
            requests:
              memory: "32M"
              cpu: "4m"
            limits:
              memory: "64M"
              cpu: "4m"
        env:
          - name: MYSQL_ROOT_PASSWORD
            valueFrom:
              secretKeyRef:
                name: mvsa-mysql-secret
                key: mysql_root_password
          - name: MYSQL_USER
            valueFrom:
              secretKeyRef:
                name: mvsa-mysql-secret
                key: mysql_user
          - name: MYSQL_PASSWORD
            valueFrom:
              secretKeyRef:
                name: mvsa-mysql-secret
                key: mysql_password

Giovanni Battista Lenoci

@gianiaz

in the deployment file above there's an error on mysql image tag, but I've tried also with: mysql:8.0.18

Petr Ivanov

@ivanovpetr

Hello! Is it possible to integrate kubesail k8s cluster with my gitlab repo?

Giovanni Battista Lenoci

@gianiaz

@erulabs neither following this guide and copy and pasting the deployment file in the examples:
https://kubesail.com/blog/wordpress-mysql-on-kubernetes

Seandon Mooy

@erulabs

Hello everyone! Sorry for the lack of replies, our team has been traveling all over the place for the Holidays! I'll try to respond to all the posts here asap! Thanks for your patience and happy new years everyone!

Jan Kühle

@frigus02

Hi. Are there plans to open up permissions to pods.metrics.k8s.io? It would be quite useful to see resource usage of pods and containers with kubectl top pod.

Lev Kuznetsov

@lev-kuznetsov

Why is ingress.kubernetes.io/enable-cors: "true" annotation not allowed? Is there an alternative of some sort?

Seandon Mooy

@erulabs

Hi @frigus02 - we're working on that! We hope to have metrics exposed and accessible both by kubectl as well as with a few visualizations on the UI. Unfortunately, in testing, it's quite easy for a malicious user to bring the metrics service to a screeching halt with a few well crafted requests... We're hoping to have this sorted soon!

Jan Kühle

@frigus02

Thanks for the update. Looking forward to it :-)

Tim Barton

@Orbittman

I'm getting a load of (Forbidden) errors trying to add and manipulate resourses in my namespace at the moment ...

I'm not sure that anything has changed this end

I've changed the config to use the the one under my account verbatim just to be sure too

Dan Pastusek

@pastudan

@Orbittman is this while manipulating configs on the website, or thru kubectl CLI?

I don't see any resources in your namespace currently

Dan Pastusek

@pastudan

Hey all - the latest update we rolled out created the ability to share access to your namespace with multiple users. This also caused existing users to have read-only access in their own namespaces for the last 24 hours. This is now resolved, and I'm terribly sorry for the downtime. Thanks for the heads up @Orbittman!

Tim Barton

@Orbittman

Thanks, I manually removed them from the UI rather than YAML but I see the problem now. I'll try again.

Lev Kuznetsov

@lev-kuznetsov

I'm having trouble listing secrets via kubectl:

levk$ kubectl get secret
Error from server (Forbidden): secrets is forbidden: User "system:serviceaccount:lev-kuznetsov:default" cannot list resource "secrets" in API group "" in the namespace "lev-kuznetsov"

or pods for that matter

Cory Simpson

@lunosnyper_gitlab

I guess everyone is getting (Forbidden) when trying to do any commands from kubectl? or did i mess something up...

OOO sorry nvm, recopied my config file....

Cory Simpson

@lunosnyper_gitlab

When trying to expose my deployment via tcp i get an error

Error creating ingress - networkpolicies.networking.k8s.io is forbidden: User "system:serviceaccount:luno89:luno89-user" cannot create resource "networkpolicies" in API group "networking.k8s.io" in the namespace "luno89"

is that suppose to happen? thanks for everyone's patience

Seandon Mooy

@erulabs

Hey everyone! We’re hard at work fixing those of you who are getting Forbidden errors on the web UI - hang tight and we’ll get it sorted ASAP - thanks for your patience!

Seandon Mooy

@erulabs

Hey @lev-kuznetsov - that access issue should be resolved now! Listing resources should now work properly - but you might want to update your kubeconfig at https://kubesail.com/config at some point. We made a change to the way those configurations are generated. Thanks for your patience!

@lunosnyper_gitlab Your issue should also be resolved - exposing services via the webUI should work without a hitch now. Please let us know if you have any other issues or if we can do anything else to help! Thanks so much for reporting the issue!

Anton Dovbiy

@aDovbiy

Hi all! In my account "aDovbiy usw1.kubesail.com" Nothing works (((

Dan Pastusek

@pastudan

Hey @aDovbiy, we had a brief issue yesterday with registration for uppercase usernames. I just rolled out a fix and you should have access now.

Sorry about that!

Robert Schneider

@robertaramar

Hi, I am facing this

user@host:~$ kubectl port-forward <my-pod-name> 8080
error: error upgrading connection: pods "<my-pod-name>" is forbidden: User "system:serviceaccount:robertaramar:robertaramar-user" cannot create resource "pods/portforward" in API group "" in the namespace "robertaramar"

I have retrieved the current config of today.

Robert Schneider

@robertaramar

Is this an unsupported function? Can others port-forward into their pods?

Robert Schneider

@robertaramar

Nobody?

James Dibble

@dibble-james

I also can't port forward if that helps, from either a pod or a service

Seandon Mooy

@erulabs

Hey everyone, portforwarding is unfortunately not supported on shared tier clusters currently. This is a highly requested feature and we're looking forward to adding it soon! Sorry :(

Илья Каратаев

@ilkarvet89_gitlab

Hi please help me, what ingress you use nginx ingres ?Can i use tcp exposing?

Robert Schneider

@robertaramar

Thanks for clearing that up @erulabs

Niels Hofmans

@hazcod

Hi, i'm missing some documentation about the platform. Am I being blind?

e.g. using the git repos to deploy

imerkle

@imerkle

I'm using gitlab autodevops.
i need KUBE_INGRESS_BASE_DOMAIN but i cant install Helm Tiller

 In order to deploy or use Review Apps,
KUBE_INGRESS_BASE_DOMAIN variables must be set

Lev Kuznetsov

@lev-kuznetsov

@imerkle I'm not a dev here but I doubt you'll be able to install tiller, you only have access to your namespace. You can use helm3 though, it's fully client side and does not install tiller. I am using helm3 on KubeSail without issue

Cory Simpson

@lunosnyper_gitlab

Not sure if its just me, but....

If I make a deployment and it fails to pull the image or some other fail
I edit the yaml via the web-app so that its fixed
I now appear to have a ghost deployment that trys to bring up a pod but doesn't show up in the web-app or via kubectl get deployments

I'm guessing the web-app does some cool stuff to make another deployment but appears to not clean up the old deployment all the way? not sure.

I deleted the deployment via kubectl and created it again and everything was fine afterwards but kinda weird

thanks for looking :)

Tim Barton

@Orbittman

I'm trying to push some helm charts from a GitHub action. I can echo the kube config to a local file on the agent and push this to helm with --kubeconfig [path] (this took a few attempts to get it to read the right file). Now it does however I get the following:
Error: pods is forbidden: User "system:serviceaccount::-user" cannot list resource "pods" in API group "" in the namespace "kube-system"
Is there a way to debug this so it there a simple solution?

Tim Barton

@Orbittman

Error: pods is forbidden: User "system:serviceaccount:xxx:xxx-user" cannot list resource "pods" in API group "" in the namespace "kube-system"

Tim Barton

@Orbittman

I can run helm directly locally and it seems OK

Juan Carlos Mejías Rodríguez

@greenled

Hi! Can I connect GitLab to KubeSail (deploymet, monitoring, etc..)? If yes, how?

Oleg A. Arkhangelsky

@oleg-umnik

Hello! Does anyone see problems creating PVC? Looks like the resource stuck in Pending state. :(

Seandon Mooy

@erulabs

Hey Oleg - we will look into this! Possibly you’ve requested more than the free-tier limit of storage?

Seandon Mooy

@erulabs

Hello - I apologize for the delay, but there was a small storage issue on a small subnet of nodes on our USW1 cluster. That has been resolved - hopefully the PVC now goes active! Thanks for your patience - we'll write up a blog article about this in the future and how we're going to prevent it going forward!

Where communities thrive

People

Repo info

Activity