Thanks Igor and Akram, I was able to configure with TCP on ELB. For HA what if a region has only two availability zones? can we configure 2 masters in one and 1 master in other AZ.
I am not running etcd externally as of now, its embedded in master hosts itself. Is this the right architecture? Also I have one more query, how to restart master if I make any change in master-config.yaml. "systemctl restart atomic-openshift-master" doesn't seem to work. Thanks, Priya On Thu, Dec 15, 2016 at 3:13 AM, Akram Ben Aissi <[email protected]> wrote: > on more point: You need 3 masters for HA, unless you are running etcd > externally. > > > On 14 December 2016 at 18:25, Igor Katson <[email protected]> wrote: > >> Hi, Pri, here's how the setup works for us in prod: >> >> >> - the master ELB MUST be configured to do TCP balancing on port 443. >> Not HTTPS. You need to do TCP, because the masters do TLS termination and >> SNI by themselves. >> - the "openshift_master_cluster_hostname" variable is set to the name >> of the ELB. Actually, in our setup it is an extra DNS record which is a >> CNAME to the ELB, so that we can change the ELB if needed. E.g. >> "internal.openshift.youdomain" that is a CNAME to the ELB. >> - the "openshift_master_cluster_public_hostname" is set to the >> publicly-visible DNS name, that also points to this ELB. E.g. >> "openshift.yourdomain", where you can get valid SSL certs issued. >> >> In case you have a public SSL cert, you may put smth like this into >> inventory (make sure it's a valid json string): >> "openshift_master_named_certificates": [ >> { >> "certfile": "your-cert-file-on-ansible-machine", // this may >> include intermediate certs bundled >> "keyfile": "your-key-file-on-ansible-machine" >> } >> ], >> >> On Wed, Dec 14, 2016 at 7:07 AM, Pri <[email protected]> >> wrote: >> >>> Hi, >>> >>> I am setting openshift HA cluster with 2 masters and 2 nodes on AWS. I >>> want my masters to be backed by Elastic load balancer. But it doesnt work >>> when I give "openshift_master_cluster_hostname=<myELB>" as ELB hostname >>> in ansible. So I tried giving one of the masters hostnames here which >>> worked fine. After that I configured ELB on AWS and added 2 master >>> instances. Now the problem is whenever I access openshift console using ELB >>> hostname it just redirects me to master IP address which is not what we >>> want, hostname on browser should always be consistent. >>> >>> Also I am not very sure which SSL certificate to configure on ELB when >>> it listens of HTTPS port 443 for console access. >>> >>> >>> Could you please help me with this? >>> >>> Thanks a lot for help >>> >>> Thanks, >>> Priya >>> >>> _______________________________________________ >>> dev mailing list >>> [email protected] >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>> >>> >> >> _______________________________________________ >> dev mailing list >> [email protected] >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> >
_______________________________________________ dev mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
