I'm Xander, and I work on open source at Defense Unicorns.
- Pronouns: he/him/his
- How to reach me: @Xander on Kubernetes Slack
This project forked from kelseyhightower/kubernetes-the-hard-way
Bootstrap Kubernetes the hard way on Microsoft Azure. No scripts.
License: Apache License 2.0
Should be:
EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f20)
After creating the SSH config file, I cannot SSH into the machine because of wrong permissions (working inside WSL in my case):
tomica@N1:~/.ssh$ ssh controller-0
Bad owner or permissions on /home/tomica/.ssh/config
Fix:
chmod 644 ~/.ssh/config
You can add a hint for less experienced users not to verify the deployment or run az commands from anywhere but their "control" host (WSL in my case). Sometimes it's clear, sometimes it's not (chapter 8 - Verification and beyond).
Should be:
EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${INSTANCE_NAME} --output tsv | cut -f20)
It should be cut -f20 and cut -f17 (otherwise you'll get the wrong fields):
EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f20)
INTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f17)
Missing the EOF in The Controller Manager Client Certificate:
cat > kube-controller-manager-csr.json <<EOF
{
  "CN": "system:kube-controller-manager",
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "US",
      "L": "Portland",
      "O": "system:kube-controller-manager",
      "OU": "Kubernetes The Hard Way",
      "ST": "Oregon"
    }
  ]
}
EOF
In the smoke test chapter, we expose an nginx service, and try to curl the node port on a worker node using
curl -I http://${EXTERNAL_IP}:${NODE_PORT}
This is failing for me still. I'm thinking it may be something with the security group rule as I'm getting a connection refused.
Any help troubleshooting this would be appreciated!
There is an error in the line where you're cutting out the instance's public IP address:
az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19
Should be:
az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f20
Since the Azure CLI can't SSH to nodes without a public IP like the Google Cloud CLI, this tutorial contains a lot of lines like this:
EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n controller-0 --output tsv | cut -f19)
ssh azureuser@${EXTERNAL_IP}
Let's add a step to build an SSH config so that all the following steps become more like:
ssh azureuser@worker-0
The default limit of vCPUs in a region is 10. This chapter requires 12 to be created. This causes the creation of worker-2 to fail.
If the user submits the request to create this worker within the iterated series, the request will fail silently. If the user submits the request to create the worker independently, they will receive the following error:
Azure Error: InvalidTemplateDeployment
Message: The template deployment 'vm_deploy_5rAXEbqdNbfTEgfZ0S4u5i6R2SMKCvJO' is not valid according to the validation procedure. The tracking id is 'XXXXXXXXXXXXXXXXXXXX'. See inner errors for details. Please see https://aka.ms/arm-deploy for usage details.
Exception Details:
Error Code: QuotaExceeded
Message: Operation results in exceeding quota limits of Core. Maximum allowed: 10, Current in use: 10, Additional requested: 2. Please read more about quota increase at https://aka.ms/ProdportalCRP/?#create/Microsoft.Support/Parameters/{"subId":"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX","pesId":"XXXXX","supportTopicId":"32447243"}.
Increasing the limit is not exceptionally difficult, but does require submitting a support ticket and knowing how to interpret the error above correctly. It may be helpful to have a note in the section on creating workers that describes this potential issue and how to fix it.
Should be (EOF should be pulled out, in the same column with "done"; if not, shell waits for additional input):
for instance in controller-0 controller-1 controller-2 worker-0 worker-1 worker-2; do
  EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f20)
  cat <<EOF | tee -a ~/.ssh/config
Host ${instance}
  User azureuser
  HostName ${EXTERNAL_IP}
  IdentityFile ~/.ssh/id_rsa
  ServerAliveInterval 120
EOF
done
If we want to be consistent, OU should be the same on every certificate:
"OU": "Kubernetes The Hard Way"
Should be:
EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n worker-0 --output tsv | cut -f20)
At the end of chapter 12 when we run:
kubectl exec -ti $POD_NAME -- nslookup kubernetes
The IP address resolves, but not name 'kubernetes'