Known Issues and solutions

Nginx ingress

308 redirect to HTTPS

Solution

Edit ingress configmap.

kubectl -n ingress-external edit configmaps ingress-controller-leader-nginx

Add the following annotations:

use-forwarded-headers: "true"
force-ssl-redirect: "false"

Restart controller.

kubectl -n ingress-external scale deployment --replicas=0 ingress-external-nginx-ingress-controller
kubectl -n ingress-external scale deployment --replicas=2 ingress-external-nginx-ingress-controller

References

https://github.com/kubernetes/ingress-nginx/issues/1957

Duplicate location "/healthz"

Complete nginx pod log:

It happens when you have an ingress object conflicting with "/healthz" path.

Solution

Make sure to not have an ingress object overlapping "/healthz".

Pod sandbox changed, it will be killed and re-created

Cause

This error happens when deploying a pod. It is caused most liked because of Docker processes crashed or is unstable on the node due IO peak.

Solution

The solution is to reboot the node.

References

https://plugaru.org/2018/05/21/pod-sandbox-changed-it-will-be-killed-and-re-created/

failed to watch file "/var/log/pods/6438eb52-202a-11ea-8dce-e279cb2777e2/my-app/0.log": no space left on device

Symptom

When you run.

The command outputs a few lines of log and then breaks.

Cause

The obvious reason is the node's HD is full. Although this error can be caused by other reasons.

This error (ENOSPC) comes from the inotify_add_watch syscall, and actually has multiple meanings (the message comes from golang). Most likely the problem is from exceeding the maximum number of watches, not filling the disk. This can be increased with the fs.inotify.max_user_watches sysctl.

Solution

Increase max_user_watches.

If you do not have SSH connection to the node, apply the following manifest (not recommended for production environments).

References

https://github.com/google/cadvisor/issues/1581

https://github.com/Azure/AKS/issues/772