Questions tagged [google-kubernetes-engine]
Google Kubernetes Engine (formerly known as Container Engine) takes care of provisioning and maintaining the underlying virtual machine cluster, scaling your application, and operational logistics like logging, monitoring, and health management.
google-kubernetes-engine
6,996
questions
0
votes
0
answers
16
views
GKE - Unable to mount volumes for pod - Pods are always in Pending state
I'm using GEK cluster with worker node version "v1.28.9-gke.1000000" enabled with local-ssd storage.
I want to mount a path from my local ssh i.e /mnt/stateful_partition/kube-ephemeral-ssd/...
0
votes
0
answers
18
views
How to give request and limit under resources in yaml [closed]
We have 5 services running in GKE Standard cluster when i see pods history of 30 days
Here is the breakdown
Service 1
Memory --> limits = 11.4GB
Request = 5.7GB
Used = 1.2GB
...
0
votes
1
answer
17
views
Inside a gke cluster how do i delete a specific image
I have created a cluster in gke and then create few deployments specific to my application. My question is how do i delete an specific image that has been up there because even though i have set my ...
0
votes
1
answer
25
views
Crossplane, GCP, and compute.subnetworks.get
So I'm trying to use Crossplane with provider-family-gcp to create a GKE cluster.
apiVersion: container.gcp.upbound.io/v1beta1
kind: Cluster
metadata:
name: workload-cluster-yuan
spec:
forProvider:...
0
votes
0
answers
9
views
Airflow does not write logs to Cloud Storage
I'm working with Apache Airflow within GKE (Google Kubernetes Engine). I deployed using helm graphics.
Below is a portion of my custom settings YAML:
executor: KubernetesExecutor
airflow:
config:
...
0
votes
0
answers
30
views
seamless replacement of k8s cluster
I have a kubernetes cluster which needs to be replaced (not upgraded), and I'm trying to figure out how to do it as seamlessly as possible. In other situations I just destroy the old cluster and ...
0
votes
2
answers
32
views
GKE Autopilot Cluster: HPA shows 'unschedulable pod' and won't scale cluster resources
I have a Google Kubernetes Engine (GKE) cluster in Autopilot mode. However, when the Horizontal Pod Autoscaler (HPA) needs to scale, I receive a message indicating "unschedulable pod" and ...
- 459
0
votes
0
answers
22
views
Error: Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information
An error in the title was output in an application running on Google Kubernetes Engine.
Specifically, an error occurs because the application does not have permission to access Cloud Storage.
...
- 1
0
votes
0
answers
17
views
GKE autoscaling doesn't scale due to quota issues (it says I used 250GB SSD when I used only 50GB), is there a way to force cleanup?
GKE autoscaling doesn't scale due to quota issues (it says I used 250GB SSD when I used only 50GB), is there a way to force cleanup?
gcloud compute disks list
NAME ...
- 185
0
votes
4
answers
36
views
How can I detect which hyperscaler is running my Kubernetes cluster?
I have to configure an application running on Kubernetes, and I do not have access to any hyperscaler-specific management infrastructure.
How can I figure out whether my cluster runs on one of the big ...
- 1,161
0
votes
1
answer
59
views
How can I reduce GKE cluster nodes to zero after work hours and start them up again when work hours start to save on cloud expenses?
I want my GKE cluster nodes to decrease to zero during non-business hours and increase again during business hours to save on cloud costs. I've set up a cloud function to handle this, which works for ...
- 315
0
votes
0
answers
34
views
How to solve 502 bad gateway in GKE cluster
I'm getting below error in GKE logging cluster on PROD ENV
I have 2 GKE cluster running in GCP
Dev Env Cluster
Prod Env Cluster
1 service is running in dev env same is security-test that has domain ...
- 75
0
votes
0
answers
14
views
Getting issue in Cockroach DB cluster
We have setup three node Cockroach-DB cluster(version: 22.2.14) on GKE kubernetes cluster on GCP using Helm. Helm chart version is 6.0.3. Suddenly, we’re getting below error on Cockroach-DB pod’s. ...
0
votes
0
answers
16
views
How can we mount storage buckets where the names of the buckets are following a pattern
Say, I have ten thousand buckets of same naming pattern and rest all other buckets with different names. How can I mount only those buckets who are in the same pattern ,using wild cards?
For Example:
...
-1
votes
0
answers
97
views
Trouble Connecting to MySQL on GKE After Upgrade to MySQL 9.0 Due to mysql_native_password Removal [closed]
I am using Google Kubernetes Engine (GKE) to deploy MySQL. Recently, I upgraded to mysql:latestimage, which now points to MySQL 9.0. Since MySQL 9.0 completely removed the mysql_native_password ...
- 133
0
votes
1
answer
49
views
Why is GKE using NodePort and not ClusterIP for `default-http-backend` in kube-system? [closed]
In a GKE cluster I provisioned kubectl get svc -n kube-system default-http-backend results:
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
default-http-backend ...
- 162
0
votes
1
answer
63
views
SSL Verification Failing with "FailedNotVisible" on GKE Ingress
I am encountering an issue with SSL verification for my GKE ingress I want to host a scaled reverse proxy application. The SSL verification fails with the error FailedNotVisible.
Basically should the ...
0
votes
2
answers
52
views
How can I get the Kubernetes Gateway public IP in Terraform?
I'm deploying a Kubernetes Gateway in Google Kubernetes Engine. How can I get the external IP to expose it as an output?
resource "kubernetes_manifest" "gateway" {
manifest = {
...
- 25.4k
0
votes
0
answers
29
views
How to increase resource limits for ephemeral storage on GKE
We've got a few batch processing jobs running on GKE/Kubernetes that need anywhere between 30-250Gi of temporary disk space to execute. In order to make them work without (slow) PVCs, we've now added ...
- 1
0
votes
2
answers
60
views
How to Access GKE Private Master from VPN in Hub VPC with Peering
I am currently facing an issue with accessing the master of a private GKE cluster on Google Cloud Platform. Here’s the configuration I have:
terraform code:
resource "google_container_cluster&...
- 1,284
0
votes
1
answer
80
views
GKE gateway API: Control open ports on default firewall rule
I am working with GKE gateway API (gatewayClassName: gke-l7-rilb), which created a firewall rule opening a wide range of ports (tcp:0-65535). Although access to the ports is limited to the Google ...
- 151
0
votes
0
answers
14
views
Kubernetes Pod Status Not Syncing with Airflow Task Status
Airflow is deployed on GKE which is auto pilot k8s cluster. I'm experiencing an issue with Apache Airflow and Kubernetes where the status of the pods in Kubernetes is not being accurately reflected in ...
- 11
0
votes
1
answer
63
views
stop GKE worker nodes while ASG is turned off
I have created python script which basically turn off the autoscale of GKE cluster , then stop the underlying nodes in each MIG(Managed Instance Group) present zone wise. Now the problem is while ...
- 33
0
votes
1
answer
88
views
google-github-actions/get-gke-credentials failed with: required "container.clusters.get" permission(s)
The action is failing with the following error... "google-github-actions/get-gke-credentials failed with: required "container.clusters.get" permission(s)". I'm not using a service ...
- 1,681
0
votes
0
answers
44
views
Getting service acount credential in GKE
I have GKE cluster that uses a custom service-account. I'm using it to access Google API (Gmail API). But, when I use
final List<String> SCOPES = List.of(GmailScopes.GMAIL_READONLY);
...
- 1,002
0
votes
0
answers
22
views
Why can't I deploy a yaml file Kubernetes Google?
I'm trying to deploy my first application via Google Kubernetes. When I enter the command kubectl apply -f deploy.yaml I should get this:
deployment.apps/nginx-deployment created instead I get :
W0625 ...
0
votes
0
answers
30
views
GCP IAM Policy Error: 403 Policy Update Access Denied with Terraform and Fabric Fast
I'm working on a project where I'm using the Fabric Fast framework to deploy the GCP organization. Currently, I'm creating a GKE Cluster in a service project with a host network project.
I followed ...
0
votes
0
answers
62
views
GKE Website sometimes returning 502, sometimes working
I serve a frontend site with Go, and I deployed my service onto GKE using Docker. Sometimes the website loads "http://staging.crcl-app.com", "http://www.staging.crcl-app.com", and ...
0
votes
0
answers
31
views
Frontend not able to communicate with backend in GKE
enter image description here
I have to service frontend and backend , i created their docker file and push Google Artifact Registry , i deployed both the services in a GKE Cluster
Node Servide.yaml
...
0
votes
0
answers
18
views
Efficiently Managing Dynamic Jupyter Kernels in GKE with Python Backend
I'm working on setting up an environment where I can dynamically create Jupyter notebook kernels as separate pods within a Google Kubernetes Engine (GKE) cluster. Each pod needs to have customizable ...
0
votes
0
answers
34
views
How to Scale Spring Boot Application in GKE Based on Current HTTP Requests
I have deployed a Spring Boot JAR application in Google Kubernetes Engine (GKE). I need to scale it based on the number of HTTP requests. Here are my constraints and requirements:
Constraints:
I ...
6
votes
0
answers
47
views
Intermittent UnknownHostException in Kubernetes with Spring Boot Services
I'm experiencing an intermittent UnknownHostException in my Kubernetes cluster (GKE). The issue occurs with some microservices (built with Spring Boot 2.7.RELEASE using the eclipse-temurin:17-jre base ...
0
votes
0
answers
52
views
How to add virtual machines to a zonal neg or an unmanaged instance group
I'm currently trying to deploy a GCP network passthrough load balancer in front of a GKE autopilot cluster using terraform.
As per Google documentation https://cloud.google.com/load-balancing/docs/...
- 173
2
votes
0
answers
44
views
GKE Workload Identity: Failed to generate federated token using STS: googleapi: got HTTP response code 400
I am observing weird behaviour in applications deployed in our GKE Cluster enabled with workload identity.
Environment: GKE 1.29 Cluster version
Codebase: Java v17
Issue:
Once in a while applications ...
- 21
0
votes
1
answer
55
views
GCP - private GKE cluster and connection from another project
I have the following situation:
project A as hub-spoke
project B with workload, created a private GKE cluster with Internal endpoint in a private subnet
VPC peering is established between project A ...
- 3
0
votes
1
answer
78
views
Create autopilot GKE cluster unexpectedly creates new subnet
Good afternoon! Our team is trying to create a GKE autopilot cluster. For that we are using the below command:
gcloud container clusters create-auto my_cluster --enable-master-authorized-networks --...
0
votes
1
answer
52
views
What could be causing the namespace CPU quota request to exceed the sum of the pod CPU requests?
I'm facing a puzzling situation with resource usage in my Kubernetes namespace.
Namespace Quota:
Resource Used Hard
-------- ---- ----
count/pods 94 300
cpu 17800m 32
...
- 1,352
-1
votes
1
answer
36
views
GKE: Unable to get AWS credentials using STS assumeRoleWithWebIdentity
I'm having a service running on Google Kubernetes Engine and would like to access an AWS service using Workforce Identity Federation following this guide
I managed already to get the web Identity ...
- 171
-1
votes
1
answer
48
views
Collect GCP metrics for GKE Security Posture
I have enabled the GKE Security Posture and I have added one of my clusters.
I am now able to view both Workload Vulnerabilities and Configuration issues.
I then switch to Monitoring and try to create ...
- 18.5k
0
votes
1
answer
86
views
GCP Services (GCE, GKE, SQL) shown as "Networking" in Billing reports
This is how my billing report looks, grouped by Service:
In above period of time, I was using 4 services in my GCP project:
a GKE standard cluster
a GCE VM
an SQL postgresql instance
a temporary GKE ...
- 103
0
votes
1
answer
76
views
Network Endpoint missing for NEGs for an ExternalName service in GKE ingress
So i am trying to use ExternalName service to allow cross namespace application to use the ingress (Application in namespace1 using ingress in namespace2 via ExternalName service type). Here is my ...
- 151
0
votes
0
answers
35
views
Creating GKE clusters using Ansible - initial_node_count is ignored?
I am trying to use Ansible (with the google.cloud.gcp_container_cluster module) to create a GKE cluster, and I am encountering several issues. Mostly related to the very.... limited documentation ...
- 748
0
votes
1
answer
27
views
GKE meta data identity
I have a google kubernetes service running. I configured the deployment with a service account. This setup seems to work since I managed to connect to the google storage.
However I would also like to ...
- 171
0
votes
0
answers
48
views
GKE kubectl configuration issue
I have created a GKE cluster version 1.26.15 with 2 nodes. Cluster is created successfully and running.
But when i logged in one of the nodes i am unable to run any kubectl commands.
$ sudo kubectl ...
- 639
0
votes
2
answers
64
views
get-gke-credentials failed with: required "container.clusters.get" permission(s)
I'm trying to push my Docker images to GCP Artifact Registry and eventually deploy to GKE. Authenticating is going successfully, however, the 'get credentials' step keeps giving me this error:
Error: ...
- 143
0
votes
0
answers
22
views
Creating GKE clusters using ansible - kubectl_path usage?
I am trying to use Ansible (with the google.cloud.gcp_container_cluster module) to create a GKE cluster, and I am encountering several issues. Mostly related to the very.... let's call it "...
- 748
0
votes
1
answer
89
views
Ingress GKE keeps throwing 404
I am really looking for hours and hours. Running in GKE with Ingress GCE.
I keep getting a 404 with only on my .Net WebApi container
I have a .net core webapi running inside a container on port 8080 ...
- 236
0
votes
1
answer
35
views
GKE cluster - difference in resource request/limits seen in pod manifest VS on node
I've observed a "weird" behavior of the GKE cluster, it seems that resource requests/limits set in pod/deployment are not respected (or wrongly interpreted) by nodes
Any idea what may be the ...
- 159
0
votes
0
answers
59
views
Access GKE Private End Point secured with PSC from a PUPI address on an Autopilot Cluster
We are trying to configure a private GKE cluster, using PSC and autopilot, so that the control plane can be accessed from PUPI addresses (because we have to). The google documentation suggest it ...
0
votes
0
answers
13
views
Istio GKE ciphersuites
I want to add cipher suits for my istio gke setup. I have added the cipher suits in below pattern, but while testing it through ssllabs site, I cannot see the ciphers added.
Format:
- hosts:
- '...
