We have to update env variable value in the DaemonSet spec which is already deployed on k8s control plane.
Unfortunately we have no access to kubectl and only can use golang..
Perhaps we have to use https://github.com/kubernetes/client-go?
Related
I want to deploy NextCloud on Azure Container Instances. I was able to set up the container group using Azure CLI like this:
az container create
--resource-group NextCloud
--name nextcloudcontainer
--image nextcloud
--dns-name-label somelabel
--ports 80 443
--azure-file-volume-account-name myaccountname
--azure-file-volume-account-key myaccountkey
--azure-file-volume-share-name nextcloudfs
--azure-file-volume-mount-path /var/lib/nextcloud/
--os-type Linux
--cpu 1
--memory 2
--location germanywestcentral
--restart-policy OnFailure
Problem is, that the drive /var/lib/nextcloud/ is mounted with permissions 777, but for nextcloud I require 770. This cannot be changed with chmod afterwards, but only at deployment time. How could this be achieved?
I saw this post, but I do not understand, how this could be done as with restart of the container, I would have to do this manually every time.
There is a way to change permission in Azure Files at mount time with mount param filemode and dirmode. However in ACI, we don't have that flexibility in ACI to change the param. We are aware of this request and working on it.
I have defined an environment variable for a container from a Configmap, But I want to apply changes automatically when changing the variable value in the ConfigMap.
Maybe we can target an environment variable in volume path !?
In the following lines I'll try to exhibit an idea (It can be considered as solution, at least for the moment), it consist of mounting the configmap values as Volume,
spec:
containers:
- name
...
volumeMounts:
- name: config-volume
mountPath: /etc/config #just an example
volumes:
- name: config-volume
configMap:
name : <name-of-configmap>
items:
- key: <key-in-onfigmap>
path: keys
As result we will get the value of our configMap Key inside a volume file (/etc/config/keys) we can ensure by executing theses commands
kubectl exec -it <name-of-pod> sh #to get a shell to the running container/pod
cat /etc/config/keys #
Note : there a delay time from the moment when the ConfigMap is updated to the moment when keys are projected to the pod (it can be as long as kubelet ConfigMap sync period + ttl of ConfigMap cache in kubelet )
Take a look to this to make it more clear, Best regards
Propagation of config map changes has been discussed for a long time and still not implemented: https://github.com/kubernetes/kubernetes/issues/22368
I suggest using helm upgrade process (or similar) to just rollout the same version of an app with the new settings. In this way you have additional controls: you can do a rolling update, you can rollback, you can do canary and so on.
I have a single master, multinode kubernetes going. It works great. However I want to allow kubectl commands to be run from outside the master server. How do I run kubectl get node from my laptop for example?
If I install kubectl on my laptop I get the following error:
error: client-key-data or client-key must be specified for kubernetes-admin to use the clientCert authentication method
How do I go about this. I have read through the kubernetes authorisation documentation but I must say it's a bit greek to me. I am running version 1.10.2.
Thank you.
To extend #sfgroups answer:
Configurations of all Kubernetes clusters you are managing
are stored in $HOME/.kube/config file. If you have that file on the master node,
the easy way is to copy it to $HOME/.kube/config file on a local machine.
You can choose other places, and then specify the location by environment value KUBECONFIG:
export KUBECONFIG=/etc/kubernetes/config
or use --kubeconfig command line parameter instead.
Cloud providers often give you a possibility to download config to local machine from the
web interface or by the cloud management command.
For GCP:
gcloud container clusters get-credentials NAME [--region=REGION | --zone=ZONE, -z ZONE] [GCLOUD_WIDE_FLAG …]
For Azure:
az login -u yourazureaccount -p yourpassword
az acs kubernetes get-credentials --resource-group=<cluster-resource-group> --name=<cluster-name>
If the cluster was created using Kops utility, you could get the config file by:
kops export kubeconfig ${CLUSTER_NAME}
From your master copy /root/.kube directory to your laptop C:\Users\.kube location.
kubectl will pickup the certificate from config file automatically.
I have server with debian operating system. I installed docker on it and it works fine, as you can see as follow:
root#3053b0461a3c:/# which wget
/usr/bin/wget
root#3053b0461a3c:/#
An ubuntu based container is running.
Then I started a second terminal, connect via ssh to server and type in console
docker ps
But as output I've got the message:
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
Why the docker service is not running?
Unset the environment variable DOCKER_HOST and it should work.
https://github.com/docker/docker/blob/eff810aed688879f67a3730c41d9adce4637470f/docs/installation/ubuntulinux.md
Try unset DOCKER_HOST
In most unix-based (or -like) environments that I've seen there is the concept of environment variables, which can be considered as dynamic configuration. The 2 functions available are:
set which sets to an environment variable a special value
unset which removes an environment variable.
On the case of DOCKER_HOST, docker uses this variable to know whether it should attach to a network host, e.g. tcp://192.137.23.11 or to a local Unix socket.
A manual workaround has been provided for this issue in:
Could not open a connection to your authentication agent
However why is ssh-agent not setting the correct environmental variables? and how can they be set permanently?