Відео

@@ricardocosta9336 thank you. Much appreciated but don't worry. I am making this series to document my journey and hope it helps someone.

Hi @rhmanjahdaa212. you are absolutely correct. I should have separated some of the functionality and have separate instances for certain tools. I didn't go there as my server can only handle so many VMs and I ran a bit short on resources. I am going to create another video on the architecture in the future in which I will highlight separating some of these tools. I appreciate you pointing this option out. Thank you.

Thanks for your feedback. Glad you liked the video.

😂 Thank you. Much appreciated. I'll keep going 🤘

Thanks so much for your kind comment @prashlovessamosa.

Hi @shamstabrez2986. Thanks for your comment. Your suggestion is great and challenging at the same time considering the infinite use cases of a production based architecture. Is it a cluster which will offer kubernetes services to other customers or a cluster within a company which will run services for that organization exclusively? These two cases have very different setups and the microservices that will be run on these clusters. However, they also have some commonalities which I can highlight. Please don't expect such a series any time soon though as the topics are quite complex and will require in-depth research to make sure the topic gets treated with the diligence it deserves.

@@ILoveOpenSourceSoftware I know the things I asked to u is tough that's y I was asking to an expert like u take your time man no worrie at all actually I want to become a kubernetes architect I want to learn and know the stuffs how all the components work together like message queues etc inside kubernetes I hope u r getting my points

@@shamstabrez2986 Thanks for the trust you put in me. However, as much as I appreciate that, if you are looking to become a k8s architect, please review sites such as the official kubernetes documentation (kubernetes.io), the Linux Foundation (www.linuxfoundation.org/) or the Cloud Native Computing Foundation (www.cncf.io/) to get more information on a possible career path you highlighted in your previous comment. The Cloud Native Computing Foundation has a few trainings and certifications, which, if you review their study guides, can give you a good indication what information you need in that journey. As much as I appreciate the trust you put in me, I am just a hobbyist. I will take a look into your suggestion but cannot and should not be your sole source.

Hi @rachelwooddk2485, thank you for your comment. Much appreciated. I will take another look at the video and if I find the discrepancies you mention I will put the fixed/changes in the description. Also, if there are commands I usually put these in the descriptions. Whatever I missed, I will add. Sorry for these inconveniences.

Thank you for your kind feedback. I very much appreciate it.

Hi @dannydenovi29, thanks for your comment. I have not thought about that yet but your suggestion sounds interesting. What would you want to see in such a video? I could create a video with whatever I could think of but please let me know what makes sense for you. I don't want to create something for the sake of creating it. I want the content to make sense and what might make sense for me might not for you. Please post some of your questions and ideas (the more the better) and I will see what I can do. Cannot guarantee a timeline though.

@@ILoveOpenSourceSoftware It could be useful for an automated high availability and scalability use cases or backup purposes 😉

Thank you for your comment

Hi @mogallapu_ram, thanks for your suggestion. That is a great idea. I have planned to establish this kind of backup myself. I already have a script that I am running on my VMs that creates a backup file of the different databases. I tried the script the other day and unfortunately some of the details I have to modify to make them work but I will look into that and as soon as I figured that process out I will make a video and post it here. No promises on the timeline, however. Sorry.

Hi @TopGizmo_net Thanks for your comment. I am not sure I know which file you are referring to. At minute 28 I am reviewing the certificate that I am creating for nextcloud. You are right, I have not shared that in my repo. I will add that file to the description of the video. But somehow I have the feeling that is not the file you are looking for. So I added the file nginx-deploy.yaml to my github repo here: github.com/darealShadow/k8s-nextcloud-root please have a look and let me know should these two files not be the ones you are looking for. I still have some work to do on the documentation side, i.e. updating my github repos and make sure everything is available there.

@@ILoveOpenSourceSoftware Good day. Thank you very much for your quick response. I messed up the timing of the video a little. The correct timing is 36:51. Yes, this is exactly this file. Today I’ll try to finish the installation (although I have a closed circuit, an internal domain and there is no way to issue an external certificate), but nevertheless I’ve almost reached the final stage with your excellent course. Thank you very much for your efforts!

​@@TopGizmo_net I am glad I could help.

@@TopGizmo_net I also believe that there is a solution for your certificate issue. Depending on the amount of clients you have you could create a self signed certificate. That itself won't solve your certificate warning but if you create your own certificate signing authority and install that root certificate on all your clients the warning, that the certificate is not valid, should disappear. That is a bit more work but with the basic cert-manage (my video [09.01]) should be sufficient to get you started. The only thing I do not explain in my series is the creation of the root certificate and how to use that root certificate in the creation of the ssl certificate itself. But there are plenty of instructions out there that should help you solve that issue.

@@ILoveOpenSourceSoftware Yes, we have our own CA and even have a separate nginx, with which we add domains and certificates for end users. But here's the real problem that I haven't been able to overcome yet: When installing nginx-deploy (from the file you recently added to your repository) I get the error: Warning: would violate PodSecurity "restricted:v1.24": allowPrivilegeEscalation != false (container "nginx" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "nginx" must set securityContext.capabilities.drop=["ALL"]), restricted volume types (volume "tz-edmonton" uses restricted volume type "hostPath"), runAsNonRoot != true (pod or container "nginx" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "nginx" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost") When I fulfill the podsecurity requirements, and the pod starts, I can’t get the necessary rights to the nginx folders... /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh 10-listen-on-ipv6-by-default.sh: info: can not modify /etc/nginx/conf.d/default.conf (read-only file system?) /docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh 20-envsubst-on-templates.sh: ERROR: /etc/nginx/templates exists, but /etc/nginx/conf.d is not writable /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh /docker-entrypoint.sh: Configuration complete; ready for start up 2024/03/22 12:52:14 [warn] 1#1: the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1 nginx: [warn] the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:1 2024/03/22 12:52:14 [emerg] 1#1: mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied) nginx: [emerg] mkdir() "/var/cache/nginx/client_temp" failed (13: Permission denied) Maybe you have encountered something similar in your scenarios?

Thank you so much for your feedback. Much appreciated.

Thank you @amitchettri_ac for your kind encouragement. I am preparing my next video right now. Please feel free to let me know what you would like to see. I cannot promise anything but who knows...

@@ILoveOpenSourceSoftware thanks for your response and willingness to share your knowledge How about if you can cover below 1. Kube-vip 2. Kubespray for HA cluster deployment with HA load balancer to access the same cluster. (Deployment in airgap if possible) 3. Running vm In k8s cluster using kube-virt

Hello, thanks for your comment. It is quite difficult to diagnose that issue. Most of the time I found that these pending states are a result of the external storage not being provisioned. Check the storage volume, that is created, is bound (kubectl get pvc -n <YOUR NAMESPACE HERE>). Check the external storage section in the values file for the database cluster. That should start somewhere around line 602 and ensure your configuration matches your cluster setup. Especially your storage class name is something you should verify. If you created claims manually, the configuration is different from the video and needs adjusting. Sorry I can't be more specific but diagnosing a pending state is really difficult without having access to the cluster and reviewing the config file you used to implement your solution. I hope the suggestions help.

The answer is no. The installation I walk through in this video is on a blank cluster but you will need additional components such as external storage for persistence. The minimum requirements for this database setup are the cluster, the pod network, external storage (whichever one you want to use) and then the database. I have a lot more installed but from a "just getting the database to work" perspective these would be the components you would need. I hope that helps

You are absolutely correct. Thank you for pointing this part out. Unfortunately I can't replace the video but I hope people will see your comment. Thank you.

Great videos anyway 😄 You can update it in video description if someone is copying it from there

Thank you. I will do my best.

Thank you very much. That means a lot. I am glad you find my videos helpful.

Thank you very much for that feedback. I appreciate it.

Hi @BadSanta514 Thanks for your encouraging words. I am going to try my best. Let me know if you want to see something in particular. I am always open for inspiration and new ideas.

Thank you very much @gsilos. Your kind words are very much appreciated.

Thank you for your comment. I hope I can share some of what I learned. However, I do not consider myself a pro.