tmux movew -r
Given a kernel message like this:
Memory cgroup stats for /kubepods/burstable/poda38ff820-1609-44cc-9778-7aa9f8e1ac88/f2b5ea544ea9bbf38034d5a42df74d5cd131bd1d1a808d4e40615ca9f636b34c:
The container id is : f2b5ea544ea9bbf38034d5a42df74d5cd131bd1d1a808d4e40615ca9f63
-- the bit after the pod id (after the slash)
Use docker ps to find the container: docker ps | grep f2b5ea544ea
Kernel errors like:
kubernetes cgroup: fork rejected by pids controller in /kubepods/burstable/...
accompainied by errors creating threads or starting processes on base OS can be caused by the kubepods cgroup pids.max
being to low
cat /sys/fs/cgroup/pids/kubepods/pids.max
If this is low, it can be reset by setting kernel.pid_max to a large number (kernel.pid_max=4194304) then restart kubelet. After a bit, kubepods/pids.max should be bumped up to the same number (can take a few minutes)
https://github.com/kvaps/kubectl-node-shell |
TAG_NAME="Name" | |
INSTANCE_ID="`wget -qO- http://instance-data/latest/meta-data/instance-id`" | |
REGION="`wget -qO- http://instance-data/latest/meta-data/placement/availability-zone | sed -e 's:\([0-9][0-9]*\)[a-z]*\$:\\1:'`" | |
TAG_VALUE="`aws ec2 describe-tags --filters "Name=resource-id,Values=$INSTANCE_ID" "Name=key,Values=$TAG_NAME" --region $REGION --output=text | cut -f5`" |
Timers provide a great help in troubleshooting network problems. All values are | |
reported in milliseconds (ms). These timers should be used in conjunction with | |
the session termination flags. In TCP mode with "option tcplog" set on the | |
frontend, 3 control points are reported under the form "Tw/Tc/Tt", and in HTTP | |
mode, 5 control points are reported under the form "TR/Tw/Tc/Tr/Ta". In | |
addition, three other measures are provided, "Th", "Ti", and "Tq". | |
Timings events in HTTP mode: | |
first request 2nd request |
#!/bin/bash | |
# This allows inbound traffic from the vpn to be routed through the thernet interface | |
# Im this exampe, 192.168.5.0/24 is the vpn subnet, eno1 is the ethernet interface | |
# These entries allow traffic to/from the vpn subnet to be forwarded to/from the | |
# ethernet inteface. Note that outbound traffic will be masqueraded | |
iptables -A FORWARD -i tun+ -j ACCEPT | |
iptables -A FORWARD -i tun+ -o eno1 -m state --state RELATED,ESTABLISHED -j ACCEPT | |
iptables -A FORWARD -i eno1 -o tun+ -m state --state RELATED,ESTABLISHED -j ACCEPT | |
iptables -t nat -A POSTROUTING -s 192.168.5.0/24 -o eno1 -j MASQUERADE |
open "rdp://full%20address=s:192.168.1.2&username=s:misteruser" |