Kubernetes


cross-posted from: https://feddit.nl/post/45839000

Automated changelog generation

When publishing a package for use by programmers, automated changelog generation is very beneficial. In this blog post, I explore how to do it in a simple way that works everywhere.


First post on my personal blog!


A few of our users occasionally spin up pods that do a lot of number crunching. The front end is a web app that queries the pod and waits for a response.

Some of these queries exceed the default 30s timeout for the pod ingress. So, I added an annotation to the pod ingress to increase the timeout to 60s. Users still report occasional timeouts.

I asked how long they need the timeout to be. They requested 1 hour.

This seems excessive. My gut feeling is this will cause problems. However, I don't know enough about ingress timeouts to know what will break. So, what is the worst case scenario of 3-10 pods having 1 hour ingress timeouts?


cross-posted from: https://lemmy.world/post/33078972

I recently completed a project that involved a lot of deep diving into some newer k8s-related tools. I'd like to document my findings so that they may help others, but I don't know where to put them. Years ago, Medium seemed like an option, but it sucks now with all the monetization. Substack supports nazis, so not there either. Where do I post?


Yesterday we had the first Headlamp release after we joined the @kubernetes SIG UI!
It's also probably the version with the most changes ever, so it's impossible to summarize all the great things in one message here! Instead, check it all out at:
https://github.com/kubernetes-sigs/headlamp/releases/tag/v0.31.0


Older article (2019), but it introduced me to some things I didn't know. Like I didn't know that cockpit could manage Kubernetes.


🎉 New CrowdSec Academy course just landed!

Ready to secure your @kubernetes cluster with real-time protection?

Learn how to:
🚀 Deploy CrowdSec in K8s
🔐 Enable TLS
🛡️ Set up a powerful WAF
📈 Monitor audit logs

Start learning now 👉 https://academy.crowdsec.net/course/deploying-crowdsec-in-kubernetes
#CrowdSec #Kubernetes #OpenSource #CyberSecurity #DevSecOps #FOSS @K8sArchitect


[EDIT (solved)]: Turns out, cilium did not remove its network links, and somehow kept updating to my current CIDR, leading to a duplicate. Removing the links worked.

I keep on getting issues with CNI and networking. I just want my cluster to work. Anyways:

Apr 28 17:14:30 raspberrypi k3s[2373903]: time="2025-04-28T17:14:30+12:00" level=error msg="flannel exited: failed to register flannel network: failed to configure interface flannel.1: failed to set interface flannel.1 to UP state: address already in use"

How do I see what is using flannel? Here are my server arguments:

ExecStart=/usr/local/bin/k3s \
    server \
        --kubelet-arg=allowed-unsafe-sysctls=net.core.rmem_max,net.core.wmem_max,net.ipv4.ip_forward \
        --flannel-backend vxlan \
        --disable=traefik \
        --write-kubeconfig-mode 644

So I am using the default flannel backend. I tried repeatedly uninstalling then re-installing k3s, I deleted the current flannel interface with ip link, and there is no other k3s instance running, so why am I getting this issue?

external/com_github_google_tcmalloc/tcmalloc/system-alloc.cc:625] MmapAligned() failed - unable to allocate with tag (hint, size, alignment) - is something limiting address placement? 0x177840000000 1073741824 1073741824 @ 0x555b5fccc4 0x555b5f90e0 0x555b5f89a0 0x555b5d81d0 0x555b5f6694 0x555b5f6468 0x555b5cd988 0x555b4e3c84 0x555b4e09a0 0x7fb3918614
external/com_github_google_tcmalloc/tcmalloc/arena.cc:58] FATAL ERROR: Out of memory trying to allocate internal tcmalloc data (bytes, object-size); is something preventing mmap from succeeding (sandbox, VSS limitations)? 131072 632 @ 0x555b5fd034 0x555b5d8260 0x555b5f6694 0x555b5f6468 0x555b5cd988 0x555b4e3c84 0x555b4e09a0 0x7fb3918614
spiderunderurbed@raspberrypi:~/k8s $ 

Does anyone know how to fix the memory issue with cilium? Or could you link me to the docs or any issues about this? I just followed the instructions to install cilium, and most stuff is up. I think the daemon set is down? More specifically, this pod cilium-envoy-chzf8 is in a crashloop of this memory issue. I have 3 GB+ of RAM available, but I don't think cilium would take up the rest of my memory, nor does it look like size is an issue. Here is an example:

               total        used        free      shared  buff/cache   available
Mem:           7.6Gi       4.0Gi       374Mi       197Mi       3.7Gi       3.7Gi
Swap:          511Mi       188Mi       323Mi
spiderunderurbed@raspberrypi:~/k8s $ 

Cilium status: https://pastebin.com/yRRbcT6v


[EDIT] Soo.. kinda fixed? It was my backend. Turns out, it forwards /nextcloud onto the nextcloud service, which does not know what to do with it unless I set something like site-url to include that path. So I made a middleware to strip the prefix, but now it cannot access any of its files because it will use the wrong path. I will look for siteurl settings, but I don't think all of my services have one, so any advice would be appreciated for a general solution.

So currently my Raspberry Pi is connected to my internet under the IP 192.168.68.77 (I configured traefik to work with that host and alternative hosts if need be). According to the traefik logs, I think that it does not work because it is missing access to the API server, although I could be wrong. I installed traefik via helm, I have a config file for it, and I disabled the default traefik given by k3s. Here are the traefik config and logs: config: https://pastebin.com/XYH2LKF9 logs: https://pastebin.com/sbjPZCXv pods and svcs (all): https://pastebin.com/4y8h5YUK

The ingress is exposed properly. I know because of the curl behavior, so traffic going to 192.168.68.77 is going to traefik, and trying any of the services I have exposed, like /traefik or /nextcloud, does not work (404 error):

***
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: nextcloud-route
  namespace: default
spec:
  entryPoints:
    - web
  routes:
    - match: (Host(`192.168.68.77`) && PathPrefix(`/nextcloud`)) || (Host(`192.168.1.22`) && PathPrefix(`/nextcloud`))
      kind: Rule
      middlewares:
        - name: general-middleware
      services:
        - name: nextcloud-service
          port: 80

Example of my routes

It was my backend, turns out, it forwards /nextcloud onto the nextcloud service, which does not know what to do with it unless I set something like site-url to include that path. So I made a middleware to strip the prefix, but now it cannot access any of its files because it will use the wrong path.


By this I mean: I have a PowerDNS server running in my cluster, and I would like Kubernetes to add/update DNS entries in my DNS server to reflect all services or any domains that would be used within the cluster. This is to fix a current issue I am having, and for general control and centralization purposes.