Table of contents

kubernetes

%3 cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 kubernetes cluster_c5af3adb_8f72_4c81_a3c6_530e6bb3b146 Known errors cluster_5e549d3a_82f8_4642_8d83_912dab38c1d3 Certificate expired cluster_b98a95d3_7c09_41c5_a5a4_8da01ef2deb9 To-Check cluster_037dbd42_cb4c_474d_bb87_4fa19cb61293 [0/3] Articles cluster_bde950cd_d5d4_4612_b4f3_c9dc7b9e34d1 Scaling cluster_b8fefdab_b3bc_47fd_a855_b70ff89b2ff7 GUIs cluster_d84effc4_15d9_402f_8888_a5cae524fce0 Building cluster_59033c2a_807e_49c5_a843_e2bdedb5e295 Docker images cluster_7047a21b_3b0b_429e_a7b3_24470d08d347 Local/dev clusters _e40e7e86_9f53_4cad_b9b0_569b8795e10a Solution _f85d3604_5fd5_4e1a_869c_e80b23c1eba0 Thanos _cd0f58ec_9247_4ad6_af6f_7ce109613aa8 Sugarkube _132b3214_6ebc_417c_8bc2_f2b126190df4 https://min.io/ _c2e42952_e89f_4628_b289_7d2648b8c6c2 10 most common mistakes using Kubernetes _312a1597_908b_44a4_affd_053193e23472 What happens when, Kubernetes edition _c0c15f82_5deb_4a35_a28d_d5b66c4e0791 Kubernetes at home with K3s _1040ed1e_0ee8_4faa_806d_b69f5b4b3a9f KEDA _cb763f71_7d52_4f1c_ac3b_5846354e8910 Osiris _c870f812_534c_4065_94e9_d3a2486ca7e1 K9s _c524d203_208e_4819_85d2_b9cd026bc139 Lens _239d3ed4_3fb1_47a7_907c_6c60c99fc9cc Buildpacks.io _45030c17_6deb_4398_9e2a_1967cb98f42c Kind - run local Kubernetes clusters using Docker _c51c159a_46e7_4661_b90f_d8b40eac5b80 k3s _eecdd31e_a36b_4aed_a920_83dc0073f0d1 Minikube _c059d17c_c673_471d_b653_372e0e62750b Function As A Service _c059d17c_c673_471d_b653_372e0e62750b->__0:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _6ea2e2dd_ada3_4160_a8d9_1de36e6e72ea Kubescape _b934d7df_4c74_4760_bccd_8dd1f5f4c618 Kubernetes Hardening Guidance by NSA and CISA _6ea2e2dd_ada3_4160_a8d9_1de36e6e72ea->_b934d7df_4c74_4760_bccd_8dd1f5f4c618 _6ea2e2dd_ada3_4160_a8d9_1de36e6e72ea->__1:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _4103ec34_7647_4e3c_9685_9b962317a356 Supported K8s versions by a Kubespray version _fc33875d_2812_439f_b173_1c3eeff191bb Kubespray _4103ec34_7647_4e3c_9685_9b962317a356->_fc33875d_2812_439f_b173_1c3eeff191bb _4103ec34_7647_4e3c_9685_9b962317a356->__2:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _83d3ad14_b235_49d3_878c_41579a080876 Distributed systems _3acec1bd_2e1f_415a_a6c9_aab7d6ac3129 KUI _3acec1bd_2e1f_415a_a6c9_aab7d6ac3129->__3:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _fc33875d_2812_439f_b173_1c3eeff191bb->__4:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _14c127fb_0349_4e90_b3ac_4aae692f7d17 K8s Lens _14c127fb_0349_4e90_b3ac_4aae692f7d17->_3acec1bd_2e1f_415a_a6c9_aab7d6ac3129 _14c127fb_0349_4e90_b3ac_4aae692f7d17->__5:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _e3d8099f_d055_417e_b7b4_ead50cb8449a Docker _8105c033_1b8f_418a_94e8_5f00211c4275 Update kubernetes _8105c033_1b8f_418a_94e8_5f00211c4275->_4103ec34_7647_4e3c_9685_9b962317a356 _8105c033_1b8f_418a_94e8_5f00211c4275->_fc33875d_2812_439f_b173_1c3eeff191bb _8105c033_1b8f_418a_94e8_5f00211c4275->__6:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _50f219c0_e979_4ff3_82cd_421b0d0890c0 Vitess _50f219c0_e979_4ff3_82cd_421b0d0890c0->__7:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _b934d7df_4c74_4760_bccd_8dd1f5f4c618->__8:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _9a947501_cbf3_485d_b6fd_5db4eea76aca Conquering Kubernetes with Emacs _9a947501_cbf3_485d_b6fd_5db4eea76aca->__9:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 _91381b20_4c60_4e44_b6fa_a7e2ad03b6e7 Fix Kubernetes bootstrapping _91381b20_4c60_4e44_b6fa_a7e2ad03b6e7->__10:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814 __0:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814->_c059d17c_c673_471d_b653_372e0e62750b __11:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814->_83d3ad14_b235_49d3_878c_41579a080876 __12:cluster_6d82b501_ab92_4404_8a71_2b55a90eb814->_e3d8099f_d055_417e_b7b4_ead50cb8449a

Building

Docker images

Buildpacks.io

Scaling

KEDA

Osiris

To-Check

TODO

Thanos

TODO

Sugarkube

  • Ephemeral Kubernetes Clusters

Known errors

Certificate expired

  • When launching kubectl an error like this is found

Unable to connect to the server: x509: certificate has expired or is not yet valid

DONE

Solution

incomplete

IMPORTANT: This is a compendium of notes during my own troubleshooting. Both of the two times I did this while taking notes there where additional issues, so consider this section a work in progress.

  • Connect to master node and check certificate expiration date. We can check this error if the current date is after the one marked "Not After".

openssl x509 -in /etc/kubernetes/pki/apiserver.crt -noout -text |grep ' Not '
#            Not Before: May  9 21:10:55 2019 GMT
#            Not After : May  8 21:10:55 2020 GMT

  • Run the renew command: kubeadm alpha certs renew apiserver. Note that apart from the APIserver other certificates can be renewed through this command (apiserver-etcd-client, apiserver-kubelet-client, etcd-healthcheck-client, etcd-peer, etcd-server, front-proxy-client, or simply all ).

kubeadm certs renew apiserver

  • We can then check if the certificate is now valid for more time. Note that the expiration date has been extended 1 year.

openssl x509 -in /etc/kubernetes/pki/apiserver.crt -noout -text |grep ' Not '
#            Not Before: May  9 21:10:55 2019 GMT
#            Not After : May 11 09:20:07 2021 GMT

  • Copy over the updated kubeconfig

cp /etc/kubernetes/admin.conf $HOME/.kube/config

GUIs

SOMETIME

K9s

software

SOMETIME

Lens