Re: Machine parsing of 'oc adm release mirror'

2019-11-28 Thread Clayton Coleman 
> On Nov 26, 2019, at 12:30 PM, Jon Stanley  wrote:
>
>> On Tue, Nov 26, 2019 at 10:29 AM Clayton Coleman  wrote:
>> The standard kube object
>> is what we would normally output.  You should be able to drop that in
>> the manifests dir the installer creates to obviate the need for the
>> content sources.
>
> Not sure that I follow here - should I use openshift-install create
> manifests and then drop the kube object into the manifests dir (and
> then presumably run openshift-install create ignition-configs) and
> that obviates the need to add anything to install-config.yaml? I
> thought that the use of create manifests was...discouraged :)

Excessively depending on the contents of the manifest dir is “bad”.
Adding your own things there is not.

>
>> Also, in the future there will be other kube objects we output like a
>> configmap containing the payload signature.
>
> OK, this is fine for me and my test clusters, but at $DAYJOB it's
> going to get a bit more complicated to do that. We have a remote
> registry setup to proxy out to quay.io, which we consider untrusted.
> To get images into the internal registry, there's another process that
> we already use for vendor images that we were hoping to leverage for
> this (which includes a security scan). Requiring us to use the oc
> tooling to get that configmap and any other future items would be
> hard. There should be a way to output those objects without doing any
> mirroring as such.

That is what —dry-run will do in 4.3

>
>> Do not hardcode!  :)  We plan to change locations in the future.
>
> You mean to something that doesn't say dev for production images? :)

Where do you think baby production images come from?  :)

>


___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: where does CRC store its data?

2019-11-28 Thread Joel Pearson 
Hi Marvin,

Did you ever use minishift? It behaves in the same way, all the data is
inside the CRC VM.  If you manage to get into the CRC VM, and you get to
/mnt/pv-data then you'd see lots of directories pv0001, pv0002 etc.  If you
create yourself a PVC then it will automatically attach to an existing
PV's, so yes you can use it for applications if you want.

minishift used to have an option, "minishift ssh", which would ssh into the
VM that minishift was running inside.  But I can't see that as a
command-line option for crc.

On my windows installation of crc (it has since expired), I found the ssh
private key for the instance at

C:\Users\\.crc\machines\crc

You can get the ip of the VM with "crc ip"

I'm not totally sure what the ssh username is, but it's probably one of
crc, core, openshift.

ssh -i C:\Users\\.crc\machines\crc\id_rsa  @

Otherwise, a slightly shady way of getting to the host is to start a
special pod and get a root shell, using one of the techniques here:
https://gist.github.com/jjo/a8243c677f7e79f2f1d610f02365fdd7
I used that technique once when ssh had died and I wanted to restart ssh
without restarting the whole machine.
You might need to use kubeadmin or some privileged user.

Anyway, good luck.

On Fri, 22 Nov 2019 at 11:44, Just Marvin <
marvin.the.cynical.ro...@gmail.com> wrote:

> Hi,
>
> On my host system, I see:
>
> [zaphod@oc6010654212 code]$ oc get pv
> NAME CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS  CLAIM
> STORAGECLASS   REASON   AGE
> pv0001   100Gi  RWO,ROX,RWXRecycle  Bound
> openshift-image-registry/crc-image-registry-storage
>   22d
> pv0002   100Gi  RWO,ROX,RWXRecycle  Available
> 22d
> pv0003   100Gi  RWO,ROX,RWXRecycle  Available
> 22d
> pv0004   100Gi  RWO,ROX,RWXRecycle  Available
> 22d
> .
> .
> .
> pv0030   100Gi  RWO,ROX,RWXRecycle  Available
> 22d
> [zaphod@oc6010654212 code]$ oc describe pv pv0001
> Name:pv0001
> Labels:  volume=pv0001
> Annotations: pv.kubernetes.io/bound-by-controller: yes
> Finalizers:  [kubernetes.io/pv-protection]
> StorageClass:
> Status:  Bound
> Claim:   openshift-image-registry/crc-image-registry-storage
> Reclaim Policy:  Recycle
> Access Modes:RWO,ROX,RWX
> VolumeMode:  Filesystem
> Capacity:100Gi
> Node Affinity:   
> Message:
> Source:
> Type:  HostPath (bare host directory volume)
> Path:  /mnt/pv-data/pv0001
> HostPathType:
> Events:
> [zaphod@oc6010654212 code]$ ls -l /mnt/pv-data/pv0001
> ls: cannot access /mnt/pv-data/pv0001: No such file or directory
> [zaphod@oc6010654212 code]$ ls -l /mnt
> total 0
>
> What gives? Where is CRC actually storing the data in its registry,
> etc? More importantly, if I want to use one of those unbound pv's for
> applications, can I?
>
> Regards,
> Marvin
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users