Re: Create service account for pushing images in 3.7

2018-02-03 Thread Marc Boorshtein 
>
>
>>
>> $ docker  login --username=$(oc whoami) --password=$(oc whoami -t)
>> os-registry-ext.myos.io
>>
>
> I don't think our auth flow likes the colons in the service account
> username here.  You don't actually need to provide the username anyway, the
> token is sufficient, so just run:
>
>  docker login --username=anything --password=$(oc whoami -t)
> yourregistry.com
>
>
>>
That did it, thanks!
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Create service account for pushing images in 3.7

2018-02-03 Thread Ben Parees 
On Sat, Feb 3, 2018 at 5:07 PM, Marc Boorshtein 
wrote:

> I'm trying to create a service account that will let me push images into
> my registry.  The registry is exposed, has a commercial cert and i can push
> images with my cluster admin so I'm pretty sure its configured correctly.
> I'm looking at a few blog posts and tried to:
>
> 1.  Create the service account
>
> $ oc create sa jenkins-ext
>
> 2.  I then grant it the edit role in my project
>
> $ oc policy add-role-to-user edit system:serviceaccount:my-
> project:jenkins-ext
>
> 3.  Then I get the secret and run oc login https://myos --token=...
>
> I get this message:
>
> Logged into "https://myos:443; as 
> "system:serviceaccount:my-project:jenkins-ext"
> using the token provided.
>
> You don't have any projects. Contact your system administrator to request
> a project.
>
> 4.  Then login to docker
>
> $ docker  login --username=$(oc whoami) --password=$(oc whoami -t)
> os-registry-ext.myos.io
>

I don't think our auth flow likes the colons in the service account
username here.  You don't actually need to provide the username anyway, the
token is sufficient, so just run:

 docker login --username=anything --password=$(oc whoami -t)
yourregistry.com


>
> Error response from daemon: Get https://os-registry-ext.myos.io/v2/:
> unauthorized: authentication required
>
> Same docker login command works when I login with creds from my own suer
> from the dashboard.
>
> Am I missing a step?  This is origin 3.7
>
> Thanks
> Marc
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>


-- 
Ben Parees | OpenShift
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Create service account for pushing images in 3.7

2018-02-03 Thread Marc Boorshtein 
I'm trying to create a service account that will let me push images into my
registry.  The registry is exposed, has a commercial cert and i can push
images with my cluster admin so I'm pretty sure its configured correctly.
I'm looking at a few blog posts and tried to:

1.  Create the service account

$ oc create sa jenkins-ext

2.  I then grant it the edit role in my project

$ oc policy add-role-to-user edit
system:serviceaccount:my-project:jenkins-ext

3.  Then I get the secret and run oc login https://myos --token=...

I get this message:

Logged into "https://myos:443; as
"system:serviceaccount:my-project:jenkins-ext" using the token provided.

You don't have any projects. Contact your system administrator to request a
project.

4.  Then login to docker

$ docker  login --username=$(oc whoami) --password=$(oc whoami -t)
os-registry-ext.myos.io

Error response from daemon: Get https://os-registry-ext.myos.io/v2/:
unauthorized: authentication required

Same docker login command works when I login with creds from my own suer
from the dashboard.

Am I missing a step?  This is origin 3.7

Thanks
Marc
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Pre-installation OpenShift Origin v3.7 and activate Pro

2018-02-03 Thread Mohamed Akram Blouza 
Hello,

When I tried to start pre-install check  ( OpenShift Origin v3.7 ), the
global proxy options was skipped (
https://docs.openshift.com/container-platform/3.5/install_config/install/advanced_install.html#advanced-install-configuring-global-proxy)
so my check is failed.

I have the same problem in the installation phase (check is activated)

Do you know how to activate it without changing playbooks ?


Thanks

Akram
-- 
Mohamed Akram BLOUZA
-
Paris
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: No persistent volumes available in OpenShift Origin 3.7.1

2018-02-03 Thread Clayton Coleman 
There’s a job that oc cluster up runs to create host PVs.  You may want to
check that that job ran successfully.  I don’t remember exactly what
namespace it was created it in

On Feb 3, 2018, at 1:10 PM, Tien Hung Nguyen 
wrote:

Hello,

I'm using OpenShift Origin v3.7.1 Client and Server installed on my local
Computer (Mac) via Docker on Mac. I started OpenShift using the command oc
cluster up --host-data-dir /Users/username/oc-data and tried to deploy my
appliocations using a .yml template. However, the deployment stucks because
it gives me the following error:

Events:

  FirstSeen LastSeen Count From SubObjectPath Type Reason Message

  -  -  -  -- ---

  17m 1m 63 persistentvolume-controller Normal FailedBinding no persistent
volumes available for this claim and no storage class is set


After checking my persistent volumes with the command oc get pv, I realized
that my containers don't have any pvs available (Message: No resources
found. ). Please, could you tell me why the new OpenShift Origin 3.7.1
version doesn't create any pvs by default at the beginning?
When I used the old OpenShift Origin 3.6.1 version, I never had that
problem when using the same .yaml template for deployment.

How can I fix that problem?

Regards
Tien

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

No persistent volumes available in OpenShift Origin 3.7.1

2018-02-03 Thread Tien Hung Nguyen 
Hello,

I'm using OpenShift Origin v3.7.1 Client and Server installed on my local
Computer (Mac) via Docker on Mac. I started OpenShift using the command oc
cluster up --host-data-dir /Users/username/oc-data and tried to deploy my
appliocations using a .yml template. However, the deployment stucks because
it gives me the following error:

Events:

  FirstSeen LastSeen Count From SubObjectPath Type Reason Message

  -  -  -  -- ---

  17m 1m 63 persistentvolume-controller Normal FailedBinding no persistent
volumes available for this claim and no storage class is set


After checking my persistent volumes with the command oc get pv, I realized
that my containers don't have any pvs available (Message: No resources
found. ). Please, could you tell me why the new OpenShift Origin 3.7.1
version doesn't create any pvs by default at the beginning?
When I used the old OpenShift Origin 3.6.1 version, I never had that
problem when using the same .yaml template for deployment.

How can I fix that problem?

Regards
Tien
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users