Category : google-kubernetes-engine

How to push my app (using python-flask + redis) to gcr.io and deploy to google kubernetes (by yaml file)? And I want to set env variable for my app import os import redis from flask import Flask from flask import request, redirect, render_template, url_for from flask import Response app = Flask(__name__) redis_host = os.environ[‘REDIS_HOST’] app.redis ..

Read more

I’m using these docs to set up a github workflow to automatically update some docker images upon creating a release: https://docs.github.com/en/actions/guides/deploying-to-google-kubernetes-engine Now I have a service account that I used many times to push to GCR from my laptop, and it has the required permissions (storage object admin). Yet, at the publish step, I get ..

Read more

I generated a CA certificate, then issued a certificate based on it for a private registry, that located in the same GKE cluster. Put the server certificates to the private registry and the CA certificate to all GKE nodes and run: update-ca-certificates && systemctl restart docker Images are building and putting into the private registry ..

Read more

I have a cluster on GKE currently on version v1.19.9-gke.1400. Accordingly do kubernetes release notes, on 1.20 dockershim will be deprecated. My cluster is configured to auto-upgrades and in one specific application I use docker socket mapped to the application, where I run direct containers through their API. My question: In a hypothetical upgrade of ..

Read more

I am trying to implement flask-healthz (https://pypi.org/project/flask-healthz/) for my python application to get return on liveness and rediness probes. But somehow it doesn’t work for me. Below is my code snippet : from flask import Flask from flask_healthz import healthz from flask_healthz import HealthError def printok(): print("Everything is fine") app = Flask(__name__) app.register_blueprint(healthz, url_prefix="/healthz") def ..

Read more

I have a private docker registry in a google cloud k8s cluster that could be accessed only by IP. What I’ve tried to do: Wrote script to generate self-signed certificate. Use generated self-signed client key and certificate on the docker registry side. Put CA certificate on each k8s node to /etc/ssl/certs/registry-proxy-ca.pem and run systemctl restart ..

Read more