Re: OpenShift Origin on AWS

2018-10-07 Thread Joel Pearson 
Have you seen the AWS reference architecture?
https://access.redhat.com/documentation/en-us/reference_architectures/2018/html/deploying_and_managing_openshift_3.9_on_amazon_web_services/index#
On Tue, 2 Oct 2018 at 3:11 am, Peter Heitman  wrote:

> I've created a CloudFormation Stack for simple lab-test deployments of
> OpenShift Origin on AWS. Now I'd like to understand what would be best for
> production deployments of OpenShift Origin on AWS. In particular I'd like
> to create the corresponding CloudFormation Stack.
>
> I've seen the Install Guide page on Configuring for AWS and I've looked
> through the RedHat QuickStart Guide for OpenShift Enterprise but am still
> missing information. For example, the RedHat QuickStart Guide creates 3
> masters, 3 etcd servers and some number of compute nodes. Where are the
> routers (infra nodes) located? On the masters or on the etcd servers? How
> are the ELBs configured to work with those deployed routers? What if some
> of the traffic you are routing is not http/https? What is required to
> support that?
>
> I've seen the simple CloudFormation stack (
> https://sysdig.com/blog/deploy-openshift-aws/) but haven't found anything
> comparable for something that is closer to production ready (and likely
> takes advantage of using the AWS VPC QuickStart (
> https://aws.amazon.com/quickstart/architecture/vpc/).
>
> Does anyone have any prior work that they could share or point me to?
>
> Thanks in advance,
>
> Peter Heitman
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: https route stopped working

2018-10-07 Thread Joel Pearson 
Have you tried looking at the generated haproxy file inside the router? It
might give some hints as to what went wrong. I presume you’ve already tried
recreating the route?
On Wed, 3 Oct 2018 at 2:30 am, Tim Dudgeon  wrote:

> We've hit a problem with a HTTPS route that used to work fine has now
> stopped working.
> Instead of the application we're are seeing the 'Application is not
> available' page from the router.
>
> The route is using 'reencrypt' termination type to hit the service on
> port 8443.
> The service itself and its pod is running OK as indicated by being able
> to curl it from inside the router pod using:
>
> curl -kL https://secure-sso.openrisknet-infra.svc:8443/auth
>
> (the -k is needed).
>
> An equivalent HTTP route that hits the HTTP service on port 8080 is
> working fine.
>
> The only thing I can think of that might have caused this is redeploying
> the master certificates using the 'redeploy-certificates.yml' playbook,
> but I can't see how that would cause this.
> This is all with Origin 3.7.
>
> Any thoughts on what might be wrong here?
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users