Comments (13)
This is now fixed by the merging of #172.
from acs-engine.
There's actually an example cluster definition that enables it: https://github.com/Azure/acs-engine/blob/master/examples/vnet/kubernetesvnet.json
However, I've not tested it and I've heard there might be a problem with it. If you want to give it a shot we can troubleshoot it if the cluster's not working at the end.
from acs-engine.
Thanks for the speedy response!
Your response made me go back and have another look - it works!
So the reason i'd given up so easily was going off the warning on this page. I got an error, complaining that the resource (VNET) couldn't be found, even thought the IDs were correct, even though looking at the IDs, they were correct.
For me the issue was that i was deploying the cluster in a different region to the original vnet - oops.
I'll issue a pull request with the updated doc in a bit.
I'll close this now, thanks for the help. Do you have a roadmap or a list of tasks that need implementing? Happy to contribute.
Thanks again
from acs-engine.
Can you please run some containers and make sure they start properly and let me know?
And docs PRs are hugely appreciated. We should get some sort of roadmap up for features we want to build. I'll make a note and try to add something soon.
from acs-engine.
Yeah sure, i'll double check and post back here. Reopening...
from acs-engine.
Yep, all seems to work.
I first deployed to one of our dev environments, which has a locked down vnet/subnets, that failed. I then created a temporary vnet to test this out with no custom NSG rules, all was good. :) Ran a few pods fine.
Would you guy be interested in http_proxy support? I may spend some time tomorrow looking at how to add proxy support here. Looking at the templates, some script actions are called, plus the docker config would need to include the proxy... Also depends how etcd cluster is initiated too, if that calls out to a registration service then that would need it too. I'll have a good dig in the morning.
Thanks again for your help
from acs-engine.
Is http_proxy
meaning something that docker
knows about to be able to pull
through a restrictive firewall?
I don't think we have any need for it, but I think it's something we would consider merging, depending on the size of the change, how much it would take to support it, etc.
In the current kubernetes configuration, there is a single master that has etcd running as a systemd unit.
from acs-engine.
+1000 for docs patches :-)
Twitter: @rgardler
From: Cole Mickens [email protected]
Sent: Tuesday, November 15, 2016 6:08:14 PM
To: Azure/acs-engine
Subject: Re: [Azure/acs-engine] Question: Kubernetes and a custom VNET (#99)
Can you please run some containers and make sure they start properly and let me know?
And docs PRs are hugely appreciated. We should get some sort of roadmap up for features we want to build. I'll make a note and try to add something soon.
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHubhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FAzure%2Facs-engine%2Fissues%2F99%23issuecomment-260832524&data=02%7C01%7Cross.gardler%40microsoft.com%7Cac652325818d4f7391c208d40dc56d3f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636148588970668229&sdata=A3vFTvpv0xn9keV1xw0I0eZzTB412LGUYU1OnEXZby8%3D&reserved=0, or mute the threadhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAAPRgDk9Wub8Ym-Dy0mIUcWK-w_lSi62ks5q-mWOgaJpZM4KzK0e&data=02%7C01%7Cross.gardler%40microsoft.com%7Cac652325818d4f7391c208d40dc56d3f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636148588970668229&sdata=SDc8KwoB88x46hESUd77ju7Iwi4LONCp5fTc7i8o%2F00%3D&reserved=0.
from acs-engine.
Yeah as in proxy support for clusters that have to run in locked down networks, the same way we run our cluster on premise today. I wouldn't be surprised if we aren't the only ones interested in that support.
Thanks for the etcd notes. I only asked since on premise we run an etcd instance on each master (3 node masters) which runs in containers managed by the kubelet, so docker on those nodes have the proxy set. I guess in this case it's not needed :) We do this as the hyperkube instances for controller-manager/api-server/scheduler also run in containers managed by the kubelet too. I'll have a dig around this cluster in the morning to see how it's currently configured.
from acs-engine.
Will make a PR for docs tomorrow. :)
from acs-engine.
Reopening this, I've had multiple reports that things aren't actually working right. Another person reported the same issue, the cluster might appear to be okay, but containers aren't actually getting scheduled. There was also an assertion that the route table wasn't getting updated as expected.
from acs-engine.
No worries, yeah so i had a strange issue whereby the agent VMs weren't
being created properly - complaining that the storage account didn't exist.
So i thought there may have been a dependson
statement missing from the
VMAS but that wasn't the issue. Still not sure what is casuing it but it's
intermittent. For the moment i'm putting it down to DNS updates in
repeatedly creating/destroying storage accounts. When the VMs are created
successfully it all seems to work fine for me.
I'll repeat the test in a new empty VNET in a different RG and report back
on what i see.
On Sat, Nov 19, 2016 at 1:38 AM, Cole Mickens [email protected]
wrote:
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
#99 (comment), or mute
the thread
https://github.com/notifications/unsubscribe-auth/AH0ngeHLLhQb216LUDYdgZKRM4FwngGPks5q_lMwgaJpZM4KzK0e
.
from acs-engine.
VNET support is being fixed in #172
from acs-engine.
Related Issues (20)
- Can't create services with internal load balancer - failed to ensure host in pool: "azure - ARM rate limited(read) for operation:NicGet" HOT 1
- NetworkPolicy azure won't use kubernetes network policies HOT 6
- New version of K8S required due to CVE-2018-1002105
- generateCmd doesn't support Kubernetes Orchestrator Version 1.11.5 HOT 3
- Is there a way to have both `kubenet` and `azure` network plugins behavior in the same cluster? HOT 1
- Cannot upgrade to the latest Kubernetes orchestrator using the latest acs-engine (0.26.0) HOT 4
- Day 2 operations increasing max pods, upgrading k8s version HOT 3
- X502Certificate2 fails HOT 1
- CustomScript "exit status=98"- ERR_APT_DAILY_TIMEOUT HOT 4
- ACS generated k8s Nodes showing up as NOT READY HOT 4
- Kubectl "unauthorized error" with kubernetes v1.9.2 HOT 3
- Wrong source IP in pod-to-pod communication (kubenet) HOT 2
- Latest release is missing the usual assets (v0.26.3) HOT 2
- Trying to install K8s ACS Private cluster with AKS Engine v.29 but keep on failing with errors# HOT 4
- l get node
- Met an issue when scale up my agent pool HOT 2
- docker-engine breaks acs-engine clusters prior to v0.25.0
- Azure Kubernetes VM node size change not reflecting in Azure Kubernetes Service
- How to update cluster certificate? HOT 3
- My pod is not able to identify the external services DNS HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from acs-engine.