What is the cause of the following error - "getting assigned identities for pod <namespace>/<pod_name> in CREATED state failed after 20 attempts, retry duration [5]s" , while connecting to IMDS endpoint from a pod in AKS.
I am trying to connect to Azure Key vault via user assigned managed identity from a pod of AKS. I have provided the necessary RBAC role to the identity. I have created Azure Identity and Azure Identity Binding. I have updated my deployment with…
The ClusterRoleBinding aks-cluster-admin-binding includes the User clusterUser as a subject
Hello On an RBAC & AzureRBAC enabled AKS cluster I have noticed that the cluster-admin ClusterRole is bound to two subjects through the aks-cluster-admin-binding ClusterRoleBinding: User/clusterAdmin User/clusterUser This is unexpected. As far as…
DNS label annotation doesn't work for service Ingress
The following annotation service.beta.kubernetes.io/azure-dns-label-name"="
How can I expose a TCP service using AKS Gateway Controller
Hello, I have an AKS cluster where I have successfully deployed the Azure Application Gateway controller. I have a GatewayClass for the "alb.networking.azure.io/alb-controller" However, when I want to create a Gateway resource to use this with…
Insufficient privileges to complete the operation when trying to create Service Principle
Hi, I'm trying to create a Service Principle to use Terraform to create and manage my AKS. I'm successfully logged in to Azure CLI and can list all the subscriptions and resources. My issue starts when I'm trying to use the next cli…
Azure Application Gateway websocket connections dropping after unrelated settings change
We have a AKS cluster behind a Application Gateway. In this cluster we have pods with a large number of websocket connections. The issue is that, when we changed a completely other setting in the Application Gateway (a new backend setting and updated a…
Unable to Create aks cluster on Azure stack HCI
Hello Team, We've encountered difficulties creating an AKS cluster on Azure Stack HCI. We've attempted deployment on multiple HCI clusters, but the same error persists: "The resource provision operation did not complete within the allowed timeout…
This cluster is in a failed state. If you didn't do an operation, AKS may resolve the provisioning status automatically if your cluster applications continue to run.
HI for the second time, when the subcription is reactivated because the credit has run out, I try to restart the AKS and the following error appears: This cluster is in a failed state. If you didn't do an operation, AKS may resolve the provisioning…
2024 years In AZ-104, about is Azure Kubernetes Service (AKS) still within the exam scope?
2024 years In AZ-104, about is Azure Kubernetes Service (AKS) still within the exam scope?
How to setup JNLP file containerized application?
How to set up a JNLP file containerized application? I said containerized app because I will be setting up many of these same apps for different users with different login credentials. Help me please.
AKS on VMware - aksarc unable to find vnet when creating cluster
When trying to create k8s cluster, aksarc is unable to find the vnet. +++++++++++++++++++++++++++++++++ az aksarc create -n 'k8svmware_rb03_cluster01' -g $resource_group --kubernetes-version "1.26.6" --custom-location $custom_location…
error fetching from postgres, err: x509: certificate signed by unknown authority
i have i virtual network where in 1 subnet my aks cluster is present and another subnet my private postgress flexible server is present. i am connecting my application from aks cluster to private postgress server through private network using…
What is equivalent command of "kubeadm certs check-expiration" for a Kubernetes cluster running in Azure?
What is equivalent command of "kubeadm certs check-expiration" for a Kubernetes cluster running in Azure
Unintentionally deletion of a WAF HTTP Listener Association with an AGW + AGIC + AKS. Meanwhile, the associcated AGW HTTP Listener still existing.
Here are existing components: WAF Policy: Custome rule Associated application gateways: HTTP Listener, fl-2991a50d204b26a829717bbebe722d00 AGW + AGIC + AKS: AGW has fl-2991a50d204b26a829717bbebe722d00 ->…
Not able to establish connectivity from App Gateway to Cluster Services
We have now running service on AKS Cluster with its own Internal POD IPs (2 pod) and external IP mapped to these PODs. The service is also having a path associated with it in the URL. We have now created an application gateway and created all backend…
Is it possible to mount keyvault secrets as environment variables?
Hello, I would like to know if it is possible that by obtaining the secrets from the keyvault, they can be mounted to the pod as environment variables. I was reviewing the documentation and in the examples I have only found that they are mounted within…
AKS cluster stuck in failed state
The cluser is in a a failed state and I am unable to update, upgrade or stop it. The errorCode is ResourceOperationFailure when running kubectl get nodes and kubectl get apiservices - E0706 10:06:16.489936 30640 memcache.go:287] couldn't get resource…
High CPU Utilization on Windows Core Machine with Kubernetes Pods Every Six Hours
Hello Azure Community, I have a Windows Core machine running Kubernetes pods, and I'm experiencing high CPU utilization spikes every six hours. Since I don't have a GUI, I need to diagnose and resolve this issue using command-line tools. Could someone…
Persistent TCP connections to AKS are dropping
I have a device-gateway application (ASP.NET) that accepts incoming TCP connections and keeps them alive. We have an increasing amount of connections with now close to 3.000 connections. We are expecting around 10.000 by the end of the year. I see that…
Increase in Network Out Bytes After AKS Upgrade to 1.29.x
I am upgrading my AKS cluster from version 1.27.x to 1.29.x. The upgrade process involves updating the control plane first, then creating new node pools with the same configuration as the old ones but with the newer version. After that, I drain and…