glusterfs on openshift
Hi , I am trying to create glusterfs snapshop in my origin environment. while creating volume snapshot I get this error: snapshot create: failed: Commit failed on localhost. Please check log file for details. Snapshot command failed Also I checked glusterfs.log , it says: [glusterd-snapshot-utils.c:2391:glusterd_snap_create_use_rsp_dict] 0-management: failed to get snap UUID Can anyone please help , what could be the issue? Please note dm_snapshot module is already loaded. thanks, Pri ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: query on persistent volumes
Hi Erik, Apologies for late response. I would like to know what happens to gluster storage in both cases. 1) scale up or down the gluster pods 2) scale up or down the app pods which are using gluster as persistent volume. Thanks a lot again! Thanks, Pri On Wed, Aug 16, 2017 at 5:44 AM, Erik Jacobs <ejac...@redhat.com> wrote: > Hi Pri, > > Are you asking about what happens when you scale up the Gluster pods, or > the app pods? > > --- > > ERIK JACOBS > > PRINCIPAL TECHNICAL MARKETING MANAGER, OPENSHIFT > > Red Hat Inc <https://www.redhat.com/> > > ejac...@redhat.comM: 646.462.3745 @: erikonopen > <https://red.ht/sig> > TRIED. TESTED. TRUSTED. <https://redhat.com/trusted> > > On Fri, Aug 4, 2017 at 10:59 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi, >> >> I am using glusterfs (container native storage) on OCP 3.5. I have one >> doubt, what happens to the storage when we scale up the pods (replicas=5) , >> will all the pods persist data on same storage? >> >> Would be great if someone can help me understand this. >> >> Thanks in advance. >> Pri >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: running privileged docker images on openshift
Thanks Paul, it works :) On Tue, Jul 25, 2017 at 6:40 PM, Paul Weil <pw...@redhat.com> wrote: > > > On Tue, Jul 25, 2017 at 9:02 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi Paul, >> >> I cant understand this step,apologies: >> >> - From there you need to set the SecurityContext field in your container >> spec which is in the pod spec. >> >> Do you mean we deploy the image and then edit the pod spec ? >> >> to deploy the image I am using "oc new-app " , this creates a >> deploymentconfig and pod. So you are saying to edit the pod spec after this >> step? >> > > Yes, if you already have the deployment config from new-app then you may > edit the spec in the DC and redeploy. > > >> >> Thanks again! >> >> On Tue, Jul 25, 2017 at 6:26 PM, Paul Weil <pw...@redhat.com> wrote: >> >>> >>> >>> On Tue, Jul 25, 2017 at 8:49 AM, Pri <priyanka4opensh...@gmail.com> >>> wrote: >>> >>>> Hi Paul, >>>> >>>> thanks for the response. I need to run privileged containers using root >>>> user, so as per you mail I did >>>> >>>> 1) oc adm policy add-scc-to-user privileged root >>>> >>> >>> This is incorrect, the grant needs to be to a service account in your >>> project. From the comment below it looks like you'll be using the >>> "default" service account (which is used when no SA is specified) so the >>> command that should be executed as a cluster admin user from within the >>> project in question is: >>> >>> oc adm policy add-scc-to-user privileged -z default >>> >>> You should then be able to do an oc get scc privileged -o yaml and see >>> your service account in the form of "system:serviceaccount:>> project>:default". >>> >>> From there you need to set the SecurityContext field in your container >>> spec which is in the pod spec. >>> >>> Since the privileged SCC uses the RunAsAny user strategy it will run >>> with whatever UID is specified in the docker file. If nothing is set it >>> should run as root so you shouldn't have to set anything special there. If >>> a user is set then set the RunAsUser field in the same SecurityContext that >>> you set privileged. >>> >>> >>>> >>>> 2) I have below service account in my project , not sure where to set >>>> the SecurityContext field >>>> builder >>>> default >>>> deployer >>>> >>>> could you please help? >>>> thanks a lot! >>>> >>>> On Tue, Jul 25, 2017 at 6:07 PM, Paul Weil <pw...@redhat.com> wrote: >>>> >>>>> You need to both grant access to the privileged SCC >>>>> <https://docs.openshift.org/latest/admin_guide/manage_scc.html#grant-access-to-the-privileged-scc> >>>>> to the service account running the pod and set the >>>>> SecurityContext.Privileged field to true >>>>> <https://docs.openshift.org/latest/rest_api/kubernetes_v1.html#v1-securitycontext> >>>>> . >>>>> >>>>> Thanks! >>>>> >>>>> Paul >>>>> >>>>> On Tue, Jul 25, 2017 at 8:31 AM, Pri <priyanka4opensh...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi , >>>>>> >>>>>> Is there a way we can run docker images on openshift with >>>>>> "--privileged" mode ? >>>>>> >>>>>> Something like we do while running any docker image such as: >>>>>> >>>>>> docker run --privileged >>>>>> >>>>>> >>>>>> I tried editing privileged scc but that doesnt work for me . Could >>>>>> you please help if its possible? >>>>>> >>>>>> Thanks, >>>>>> Priy >>>>>> >>>>>> ___ >>>>>> dev mailing list >>>>>> dev@lists.openshift.redhat.com >>>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>>>> >>>>>> >>>>> >>>> >>> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: running privileged docker images on openshift
Hi Paul, I cant understand this step,apologies: - From there you need to set the SecurityContext field in your container spec which is in the pod spec. Do you mean we deploy the image and then edit the pod spec ? to deploy the image I am using "oc new-app " , this creates a deploymentconfig and pod. So you are saying to edit the pod spec after this step? Thanks again! On Tue, Jul 25, 2017 at 6:26 PM, Paul Weil <pw...@redhat.com> wrote: > > > On Tue, Jul 25, 2017 at 8:49 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi Paul, >> >> thanks for the response. I need to run privileged containers using root >> user, so as per you mail I did >> >> 1) oc adm policy add-scc-to-user privileged root >> > > This is incorrect, the grant needs to be to a service account in your > project. From the comment below it looks like you'll be using the > "default" service account (which is used when no SA is specified) so the > command that should be executed as a cluster admin user from within the > project in question is: > > oc adm policy add-scc-to-user privileged -z default > > You should then be able to do an oc get scc privileged -o yaml and see > your service account in the form of "system:serviceaccount: project>:default". > > From there you need to set the SecurityContext field in your container > spec which is in the pod spec. > > Since the privileged SCC uses the RunAsAny user strategy it will run with > whatever UID is specified in the docker file. If nothing is set it should > run as root so you shouldn't have to set anything special there. If a user > is set then set the RunAsUser field in the same SecurityContext that you > set privileged. > > >> >> 2) I have below service account in my project , not sure where to set the >> SecurityContext field >> builder >> default >> deployer >> >> could you please help? >> thanks a lot! >> >> On Tue, Jul 25, 2017 at 6:07 PM, Paul Weil <pw...@redhat.com> wrote: >> >>> You need to both grant access to the privileged SCC >>> <https://docs.openshift.org/latest/admin_guide/manage_scc.html#grant-access-to-the-privileged-scc> >>> to the service account running the pod and set the >>> SecurityContext.Privileged field to true >>> <https://docs.openshift.org/latest/rest_api/kubernetes_v1.html#v1-securitycontext> >>> . >>> >>> Thanks! >>> >>> Paul >>> >>> On Tue, Jul 25, 2017 at 8:31 AM, Pri <priyanka4opensh...@gmail.com> >>> wrote: >>> >>>> Hi , >>>> >>>> Is there a way we can run docker images on openshift with >>>> "--privileged" mode ? >>>> >>>> Something like we do while running any docker image such as: >>>> >>>> docker run --privileged >>>> >>>> >>>> I tried editing privileged scc but that doesnt work for me . Could you >>>> please help if its possible? >>>> >>>> Thanks, >>>> Priy >>>> >>>> ___ >>>> dev mailing list >>>> dev@lists.openshift.redhat.com >>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>> >>>> >>> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: running privileged docker images on openshift
Hi Paul, thanks for the response. I need to run privileged containers using root user, so as per you mail I did 1) oc adm policy add-scc-to-user privileged root 2) I have below service account in my project , not sure where to set the SecurityContext field builder default deployer could you please help? thanks a lot! On Tue, Jul 25, 2017 at 6:07 PM, Paul Weil <pw...@redhat.com> wrote: > You need to both grant access to the privileged SCC > <https://docs.openshift.org/latest/admin_guide/manage_scc.html#grant-access-to-the-privileged-scc> > to the service account running the pod and set the > SecurityContext.Privileged field to true > <https://docs.openshift.org/latest/rest_api/kubernetes_v1.html#v1-securitycontext> > . > > Thanks! > > Paul > > On Tue, Jul 25, 2017 at 8:31 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi , >> >> Is there a way we can run docker images on openshift with "--privileged" >> mode ? >> >> Something like we do while running any docker image such as: >> >> docker run --privileged >> >> >> I tried editing privileged scc but that doesnt work for me . Could you >> please help if its possible? >> >> Thanks, >> Priy >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: OpenShift dedicated/container platform multi-tenancy
Hi Steve - any thought? Hi Erik - thanks :) Thanks, Priy On Wed, Jun 7, 2017 at 10:05 PM, Erik Jacobs <ejac...@redhat.com> wrote: > Hi Pri, > > I will have to defer to Steve, but I believe that currently OpenShift > Dedicated only supports deployment within a single region (eg: us-east-1), > although I believe we span AZs within that region. > > There is room for customization of certain aspects, but things like the > size of a node (cpu/mem) are fixed. > > Thanks, > > --- > > ERIK JACOBS > > PRINCIPAL TECHNICAL MARKETING MANAGER, OPENSHIFT > > Red Hat Inc <https://www.redhat.com/> > > ejac...@redhat.comM: 646.462.3745 @: erikonopen > <https://red.ht/sig> > TRIED. TESTED. TRUSTED. <https://redhat.com/trusted> > > On Wed, Jun 7, 2017 at 7:07 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi Erik, thanks a lot of responding again. Our team here is still trying >> to get in touch with RedHat representative. Meanwhile I would like to know >> if we use OpenShift dedicated for AWS infra, can we have multiple nodes >> sit in different AWS regions? lets say 2 nodes in UK region and 2 nodes in >> Singapore region, >> >> can we ask Redhat for such customisation in OpenShift Dedicated platform >> cluster? >> >> Thanks again for great help >> >> Thanks, >> Priy >> >> On Tue, Jun 6, 2017 at 7:08 PM, Erik Jacobs <ejac...@redhat.com> wrote: >> >>> Hi Pri, >>> >>> Red Hat software evaluations are not time bombed - they do not cease >>> working after the evaluation period. However, you would not have access to >>> any of the rest of the Red Hat value proposition after expiration - >>> support, updates, knowledge base access, and do on and so forth. >>> >>> Erik M Jacobs, RHCA >>> Principal Technical Marketing Manager, OpenShift Enterprise >>> Red Hat, Inc. >>> Phone: 646.462.3745 <(646)%20462-3745> >>> Email: ejac...@redhat.com >>> AOL Instant Messenger: ejacobsatredhat >>> Twitter: @ErikonOpen >>> Freenode: thoraxe >>> >>> On Jun 6, 2017 07:28, "Pri" <priyanka4opensh...@gmail.com> wrote: >>> >>> Hi Steve, >>> >>> One more query here , if we try OCP trial version, will my installation >>> stop working after trial period is over?? I have one OCP tinstallation done >>> few months back with trial version , so was curious to know this. >>> >>> Thanks, >>> Priy >>> >>> On Tue, Jun 6, 2017 at 11:11 AM, Pri <priyanka4opensh...@gmail.com> >>> wrote: >>> >>>> Thanks Steve, it is really helpful. We are trying to get in touch with >>>> RedHat representative and will be soon able to ask queries. Thanks >>>> >>>> Thanks, >>>> Priy >>>> >>>> On Mon, Jun 5, 2017 at 11:34 PM, Steve Speicher <sspei...@redhat.com> >>>> wrote: >>>> >>>>> On Wed, May 31, 2017 at 8:56 AM, Pri <priyanka4opensh...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> I believe openshift online(next gen) is multi-tenant but not >>>>>> enterprise ready. >>>>>> >>>>> >>>>>> OpenShift dedicated and Container platform I believe are enterprise >>>>>> ready (please correct if this is wrong) but all document says both are >>>>>> single-tenant. Could you please help explaining how multi-tenancy is >>>>>> achieved for these?? >>>>>> >>>>> Hi! >>>>> >>>>> From Red Hat's perspective, Dedicated is a single tenant (customer). >>>>> That customer can have many users/tenants on their cluster. This is the >>>>> same for how someone runs OpenShift Container Platform (OCP) locally. >>>>> Though with OCP, you can have fully control over the scheduler. So you >>>>> could isolate users on different nodes. >>>>> >>>>> >>>>>> I understand that there could be project level separation but we want >>>>>> to keep almost all data separate for each tenant as well as a separate >>>>>> docker registry. So that it would be easy of identify resource usage for >>>>>> each. >>>>>> >>>>>> I have used container platform before but not sure about OpenShift >>>>>> dedicate
Re: OpenShift dedicated/container platform multi-tenancy
Hi Steve, One more query here , if we try OCP trial version, will my installation stop working after trial period is over?? I have one OCP tinstallation done few months back with trial version , so was curious to know this. Thanks, Priy On Tue, Jun 6, 2017 at 11:11 AM, Pri <priyanka4opensh...@gmail.com> wrote: > Thanks Steve, it is really helpful. We are trying to get in touch with > RedHat representative and will be soon able to ask queries. Thanks > > Thanks, > Priy > > On Mon, Jun 5, 2017 at 11:34 PM, Steve Speicher <sspei...@redhat.com> > wrote: > >> On Wed, May 31, 2017 at 8:56 AM, Pri <priyanka4opensh...@gmail.com> >> wrote: >> >>> Hi, >>> >>> I believe openshift online(next gen) is multi-tenant but not enterprise >>> ready. >>> >> >>> OpenShift dedicated and Container platform I believe are enterprise >>> ready (please correct if this is wrong) but all document says both are >>> single-tenant. Could you please help explaining how multi-tenancy is >>> achieved for these?? >>> >> Hi! >> >> From Red Hat's perspective, Dedicated is a single tenant (customer). That >> customer can have many users/tenants on their cluster. This is the same for >> how someone runs OpenShift Container Platform (OCP) locally. Though with >> OCP, you can have fully control over the scheduler. So you could isolate >> users on different nodes. >> >> >>> I understand that there could be project level separation but we want to >>> keep almost all data separate for each tenant as well as a separate docker >>> registry. So that it would be easy of identify resource usage for each. >>> >>> I have used container platform before but not sure about OpenShift >>> dedicated, how user management is done, does Redhat provides only single >>> user ? >>> >> No, Red Hat connected to your identify and auth provider. More >> information is at: https://www.openshift.com/dedicated/ >> >> >>> >>> Also I would like to understand how next gen is multi-tenant , does each >>> customer gets separate OpenShift cluster or its just the different user? >>> >> OpenShift Online Next Generation is a single cluster shared by many >> users. Each user gets a certain amount of quota to run their applications. >> That quota can be applied to one or many of the nodes in the cluster. The >> cluster determines best place to place it. >> >> >>> >>> >>> Looking for clarification on these points, also would be very helpful if >>> you could share some available docs explaining the same. >>> >> >> You can also look at : https://docs.openshift.com/con >> tainer-platform/3.5/security/hosts_multitenancy.html >> >> I'd recommend reaching out to a Red Hat representative to talk through >> some of these product specific questions. This list is usually more focused >> towards developer topics with origin, so I want to make sure you get the >> right help you need. >> >> You can always reach out to me directly if you are not sure who or where >> to go. >> >> Regards, >> Steve Speicher >> >> >>> >>> >>> Thanks, >>> Priy >>> >>> >>> >>> >>> >>> ___ >>> dev mailing list >>> dev@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>> >>> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: issue fabric8 on openshift origin 3.3
Hi Josef, Thanks for response, I have already tried this and there are no logs in fabric8 pod after this: 2017/05/08 07:29:00 Creating config file: /site/osconsole/config.openshift.js.tmpl => /site/osconsole/config.js 2017/05/08 07:29:00 2017/05/08 07:29:00 Listening on :9090 2017/05/08 07:29:00 any other way to check this?? On Fri, May 5, 2017 at 4:40 PM, Josef Karasek <jkara...@redhat.com> wrote: > I'd encourage you to check the logs of the different services that fabric8 > runs. > > $ oc get pods -n > $ oc logs > > On Fri, May 5, 2017 at 10:41 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi, >> >> I am running below fabric8 version on origin 3.3 >> >> gofabric8, version 0.4.121 (branch: 'master', revision: '835aa16') >> build date: '20170306-10:48:35' >> go version: '1.7.1' >> >> >> I am deploying microservices with CI/CD . I was able to create some >> sample apps successfully earlier in all three environments (testing, >> staging and production) but suddenly fabric8 console doesn't show pipeline >> options for new-app, there is something wrong and I am not able to deploy >> any apps further. >> >> Also sometimes fabric8 console behaves very strange few option doesn't >> come at all and its damn slow. >> >> Is there a way we can check logs whats going on? I tried checking >> openshift master and node logs but no clue. >> >> Any input on this would be very helpful. >> >> >> Thanks, >> Priya >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > > > -- > > JOSEF KARASEK > > QUALITY ENGINEER > > Red Hat > > <https://www.redhat.com/> > <https://red.ht/sig> > TRIED. TESTED. TRUSTED. <https://redhat.com/trusted> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
issue fabric8 on openshift origin 3.3
Hi, I am running below fabric8 version on origin 3.3 gofabric8, version 0.4.121 (branch: 'master', revision: '835aa16') build date: '20170306-10:48:35' go version: '1.7.1' I am deploying microservices with CI/CD . I was able to create some sample apps successfully earlier in all three environments (testing, staging and production) but suddenly fabric8 console doesn't show pipeline options for new-app, there is something wrong and I am not able to deploy any apps further. Also sometimes fabric8 console behaves very strange few option doesn't come at all and its damn slow. Is there a way we can check logs whats going on? I tried checking openshift master and node logs but no clue. Any input on this would be very helpful. Thanks, Priya ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: JVM console access in openshift 3.3
Thanks Josef, it works :) On Fri, Mar 24, 2017 at 6:08 PM, Josef Karasek <jkara...@redhat.com> wrote: > Pri, > > make sure you're deploying eap using a template [1]. That way you have a > guarantee that the configuration works as intended. > > Once the eap pod is ready, you can access jolokia through the UI: > [image: Inline image 1] > Should you never expose jolokia outside of openshift - this would create > severe security risk by making jmx accesible > from the outside world. > > [1] https://github.com/jboss-openshift/application-templates > > On Fri, Mar 24, 2017 at 7:21 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi Erik, >> Hi Jochen, >> >> I have EAP running on OCP and the sample app from " >> https://github.com/jboss-developer/jboss-eap-quickstarts.git >> <https://github.com/jboss-developer/jboss-eap-quickstarts/tree/6.4.x/kitchensink> >> " has jolokia agent running. I can see that in logs "Jolokia: Agent >> started with URL https://10.120.1.158:8778/jolokia/ >> <https://10.128.1.154:8778/jolokia/>" >> >> But how to access the JVM console in browser? there is no link in the >> description page of pod. Could you please help on this? >> >> Thanks, >> Priy >> >> On Tue, Mar 14, 2017 at 6:49 PM, Pri <priyanka4opensh...@gmail.com> >> wrote: >> >>> Hi Jochen, >>> >>> Thanks for the response and apologies for delayed response from my side. >>> How to setup jolokia agent with in an app? could you please provide some >>> details or documents if any? >>> >>> Thanks, >>> Priy >>> >>> On Sat, Mar 11, 2017 at 2:14 AM, Jochen Cordes <jcor...@redhat.com> >>> wrote: >>> >>>> In addition to have the Jolokia agent deployed with the app, you also >>>> need a port named jolokia exposed (port number seems to be irrelavant) >>>> >>>> On Thu, Mar 9, 2017 at 5:25 PM, Erik Jacobs <ejac...@redhat.com> wrote: >>>> >>>>> Hi Priyanka, >>>>> >>>>> This is designed, IIRC, to work with the Jolokia agent that runs in >>>>> our Wildfly/EAP xPaaS images. >>>>> >>>>> Does your Java container have Jolokia running on the default port and >>>>> exposed in the service? >>>>> >>>>> I'll see if I can't scrounge up more docs on how that's supposed to >>>>> work, but, at a minimum, I think Jolokia is a requirement. >>>>> >>>>> >>>>> Erik M Jacobs, RHCA >>>>> Principal Technical Marketing Manager, OpenShift >>>>> Red Hat, Inc. >>>>> Phone: 646.462.3745 <(646)%20462-3745> >>>>> Email: ejac...@redhat.com >>>>> AOL Instant Messenger: ejacobsatredhat >>>>> Twitter: @ErikonOpen >>>>> Freenode: thoraxe >>>>> >>>>> On Tue, Mar 7, 2017 at 12:25 PM, Pri <priyanka4opensh...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> According to this document https://docs.openshift.com/con >>>>>> tainer-platform/3.3/architecture/infrastructure_components/w >>>>>> eb_console.html#jvm-console >>>>>> >>>>>> Openshift has built in JVM console for java application, but I can >>>>>> not see that in my installation, >>>>>> >>>>>> Can anyone please help? How to access JVM console, Is there any extra >>>>>> configuration required for this? >>>>>> >>>>>> Thanks, >>>>>> Priyanka >>>>>> >>>>>> ___ >>>>>> dev mailing list >>>>>> dev@lists.openshift.redhat.com >>>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> ___ >>>>> dev mailing list >>>>> dev@lists.openshift.redhat.com >>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> Jochen Cordes >>>> >>>> Solution Architect Middleware >>>> >>>> MesseTurm >>>> >>>> 60308 Frankfurt >>>>Germany >>>> >>>>mobile: +49 173 6609271 <+49%20173%206609271> >>>> >>>> *RED HAT | TRIED. TESTED. TRUSTED.* >>>> >>>> Find out why at Trusted | Red Hat >>>> <http://www.redhat.com/en/about/trusted> >>>> >>>> _ >>>> >>>> >>>> Red Hat GmbH, www.de.redhat.com, >>>> Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, >>>> HRB 153243, >>>> Managing Directors: Charles Cachera, Michael Cunningham, Michael >>>> O'Neill, Charles Peters >>>> >>> >>> >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: JVM console access in openshift 3.3
Hi Erik, Hi Jochen, I have EAP running on OCP and the sample app from " https://github.com/jboss-developer/jboss-eap-quickstarts.git <https://github.com/jboss-developer/jboss-eap-quickstarts/tree/6.4.x/kitchensink> " has jolokia agent running. I can see that in logs "Jolokia: Agent started with URL https://10.120.1.158:8778/jolokia/ <https://10.128.1.154:8778/jolokia/>" But how to access the JVM console in browser? there is no link in the description page of pod. Could you please help on this? Thanks, Priy On Tue, Mar 14, 2017 at 6:49 PM, Pri <priyanka4opensh...@gmail.com> wrote: > Hi Jochen, > > Thanks for the response and apologies for delayed response from my side. > How to setup jolokia agent with in an app? could you please provide some > details or documents if any? > > Thanks, > Priy > > On Sat, Mar 11, 2017 at 2:14 AM, Jochen Cordes <jcor...@redhat.com> wrote: > >> In addition to have the Jolokia agent deployed with the app, you also >> need a port named jolokia exposed (port number seems to be irrelavant) >> >> On Thu, Mar 9, 2017 at 5:25 PM, Erik Jacobs <ejac...@redhat.com> wrote: >> >>> Hi Priyanka, >>> >>> This is designed, IIRC, to work with the Jolokia agent that runs in our >>> Wildfly/EAP xPaaS images. >>> >>> Does your Java container have Jolokia running on the default port and >>> exposed in the service? >>> >>> I'll see if I can't scrounge up more docs on how that's supposed to >>> work, but, at a minimum, I think Jolokia is a requirement. >>> >>> >>> Erik M Jacobs, RHCA >>> Principal Technical Marketing Manager, OpenShift >>> Red Hat, Inc. >>> Phone: 646.462.3745 <(646)%20462-3745> >>> Email: ejac...@redhat.com >>> AOL Instant Messenger: ejacobsatredhat >>> Twitter: @ErikonOpen >>> Freenode: thoraxe >>> >>> On Tue, Mar 7, 2017 at 12:25 PM, Pri <priyanka4opensh...@gmail.com> >>> wrote: >>> >>>> Hi, >>>> >>>> According to this document https://docs.openshift.com/con >>>> tainer-platform/3.3/architecture/infrastructure_components/w >>>> eb_console.html#jvm-console >>>> >>>> Openshift has built in JVM console for java application, but I can not >>>> see that in my installation, >>>> >>>> Can anyone please help? How to access JVM console, Is there any extra >>>> configuration required for this? >>>> >>>> Thanks, >>>> Priyanka >>>> >>>> ___ >>>> dev mailing list >>>> dev@lists.openshift.redhat.com >>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>> >>>> >>> >>> ___ >>> dev mailing list >>> dev@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>> >>> >> >> >> -- >> >> Jochen Cordes >> >> Solution Architect Middleware >> >> MesseTurm >> >> 60308 Frankfurt >>Germany >> >>mobile: +49 173 6609271 <+49%20173%206609271> >> >> *RED HAT | TRIED. TESTED. TRUSTED.* >> >> Find out why at Trusted | Red Hat >> <http://www.redhat.com/en/about/trusted> >> >> _ >> >> >> Red Hat GmbH, www.de.redhat.com, >> Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, >> HRB 153243, >> Managing Directors: Charles Cachera, Michael Cunningham, Michael O'Neill, >> Charles Peters >> > > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Query on JBoss fuse in OCP
Hi, does jboss fuse integration services provided in openshift 3.3 supports Apace CXF for SOAP, XML/HTTP and RESTful HTTP applications, because the templates I see in OCP are : 1) JBoss Fuse Integration Services Java S2I images. 2) JBoss Fuse Integration Services Karaf S2I images Do they support CXF for webservices? Thanks, Pri ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: query on docker storage for openshift
Hi Thankyou,I have one more query. This document here https://access.redhat.com/sites/default/files/attachments/ocp-on-aws-7.pdf, uses S3 for the persistent storage of the OpenShift registry. Is it different from docker storage. What it stores, when we say images does it pushes images to S3?? or metadata such as binaries, temp files, logs etc is stored in S3? Would be really helpful if you can help understand this. Thanks, Priya On Tue, Jan 10, 2017 at 3:44 PM, Josef Karasek <jkara...@redhat.com> wrote: > Hi Pri, > > docker storage backend you use has huge impact on performance and > container density per machine[0]. > For example docker in rhel distribution uses LVM loopback device. This is > very easy to configure > and therefore nice default. But also fairly slow. By that I mean slow to > start a new container or build a new image. > Red Hat's docker distribution comes with a tool that makes setting up > docker storage backend much easier. > Check it out[1]. Here is a slide deck that briefly summarizes steps needed > in order to setup the backend[2] > > Here is a little old, but still very good performance analysis done by > Jeremy[3]. > > Kubernetes persistent volumes are quite different concept. They're not > used by docker daemon > but by containers in a pod. These volumes are mounted to a container at > it's creation time and their purpose > is to persistently store data that is created over the container's > lifetime. > Such example can be NFS storage for a PostgreSQL that runs in openshift. > > [0] https://developers.redhat.com/blog/2016/10/25/docker- > project-can-you-have-overlay2-speed-and-density-with-devicemapper-yep/ > [1] http://www.projectatomic.io/docs/docker-storage-recommendation/ > [2] https://josefkarasek.github.io/docker101/#/165 > [3] https://developers.redhat.com/blog/2014/09/30/overview- > storage-scalability-docker/ > > Here are some more links that I find highly useful when working with > docker storage: > http://www.projectatomic.io/blog/2016/05/docker-lvm-plugin/ > http://www.projectatomic.io/blog/2015/06/notes-on-fedora- > centos-and-docker-storage-drivers/ > http://www.projectatomic.io/blog/2015/06/using-volumes- > with-docker-can-cause-problems-with-selinux/ > > Please note that docker and openshift are living projects and things > change from time to time, so some > articles can include information that is no longer accurate. > > Josef Karasek, xPaaS > > > On Tue, Jan 10, 2017 at 4:47 AM, Pri <priyanka4opensh...@gmail.com> wrote: > >> Hi Akram & Andy >> >> Thanks for the response, really helpful. Just to be sure, do we need both >> for production setup? Will it effect my running app if I don't setup docker >> storage on each node? >> >> Thanks, >> Priya >> >> On Mon, Jan 9, 2017 at 8:25 PM, Andy Goldstein <agold...@redhat.com> >> wrote: >> >>> >>> >>> On Mon, Jan 9, 2017 at 9:45 AM, Akram Ben Aissi < >>> akram.benai...@gmail.com> wrote: >>> >>>> Hi Pri, >>>> >>>> docker storage is locally used by docker on each node to store >>>> container runtime data (binaries, temp files, logs). >>>> >>> >>> More specifically, it stores docker images and any modifications made to >>> a container's file system after you've started the container. >>> >>> >>>> >>>> persistent volumes are attachable volumes, automatically mounted on >>>> container landing that is used to store data intended to be permanent >>>> accross containers failures, restarts or re-scheduling; >>>> >>>> >>>> On 9 January 2017 at 14:31, Pri <priyanka4opensh...@gmail.com> wrote: >>>> >>>>> Hi, >>>>> >>>>> I would like to understand the difference between docker storage-setup >>>>> and persistent volumes for pods. Aren't both same? >>>>> >>>>> Do we need to configure both for production purpose? >>>>> >>>>> Would be very helpful if someone can explain this. >>>>> >>>>> Thanks a lot >>>>> Priya >>>>> >>>>> ___ >>>>> dev mailing list >>>>> dev@lists.openshift.redhat.com >>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>>> >>>>> >>>> >>>> ___ >>>> dev mailing list >>>> dev@lists.openshift.redhat.com >>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>>> >>>> >>> >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: query on docker storage for openshift
Hi Akram & Andy Thanks for the response, really helpful. Just to be sure, do we need both for production setup? Will it effect my running app if I don't setup docker storage on each node? Thanks, Priya On Mon, Jan 9, 2017 at 8:25 PM, Andy Goldstein <agold...@redhat.com> wrote: > > > On Mon, Jan 9, 2017 at 9:45 AM, Akram Ben Aissi <akram.benai...@gmail.com> > wrote: > >> Hi Pri, >> >> docker storage is locally used by docker on each node to store container >> runtime data (binaries, temp files, logs). >> > > More specifically, it stores docker images and any modifications made to a > container's file system after you've started the container. > > >> >> persistent volumes are attachable volumes, automatically mounted on >> container landing that is used to store data intended to be permanent >> accross containers failures, restarts or re-scheduling; >> >> >> On 9 January 2017 at 14:31, Pri <priyanka4opensh...@gmail.com> wrote: >> >>> Hi, >>> >>> I would like to understand the difference between docker storage-setup >>> and persistent volumes for pods. Aren't both same? >>> >>> Do we need to configure both for production purpose? >>> >>> Would be very helpful if someone can explain this. >>> >>> Thanks a lot >>> Priya >>> >>> ___ >>> dev mailing list >>> dev@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>> >>> >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
query on docker storage for openshift
Hi, I would like to understand the difference between docker storage-setup and persistent volumes for pods. Aren't both same? Do we need to configure both for production purpose? Would be very helpful if someone can explain this. Thanks a lot Priya ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: openshift 3.3 HA cluster
Hi Erik, Akram, I would like to hear from you on this. Would you be able to look at the above inventory and let me know if that right for High availability OpenShift architecture. Thanks a lot for help! Thanks, Priy On Wed, Dec 21, 2016 at 11:47 AM, Pri <priyanka4opensh...@gmail.com> wrote: > Hi Erik, > > Thanks for response. Below is my ansible inventory, Please suggests if > this needs to be modified for HA > > # Create an OSEv3 group that contains the master, nodes, etcd, and lb > groups. > # The lb group lets Ansible configure HAProxy as the load balancing > solution. > # Comment lb out if your load balancer is pre-configured. > [OSEv3:children] > masters > nodes > etcd > > # Set variables common for all OSEv3 hosts > [OSEv3:vars] > ansible_ssh_user=root > deployment_type=openshift-enterprise > openshift_pkg_version=-3.3.1.5 > openshift_master_console_port=443 > openshift_master_api_port=443 > openshift_image_tag=v3.3.1.5 > # Uncomment the following to enable htpasswd authentication; defaults to > # DenyAllPasswordIdentityProvider. > openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': > 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', > 'filename': '/etc/origin/master/htpasswd'}] > > # Native high availbility cluster method with optional load balancer. > # If no lb group is defined installer assumes that a load balancer has > # been preconfigured. For installation the value of > # openshift_master_cluster_hostname must resolve to the load balancer > # or to one or all of the masters defined in the inventory if no load > # balancer is present. > openshift_master_cluster_method=native > openshift_master_cluster_hostname=elbhostname > openshift_master_cluster_public_hostname=elbhostname > openshift_registry_selector='region=infra' > openshift_hosted_router_selector='region=infra' > > # override the default controller lease ttl > #osm_controller_lease_ttl=30 > > # host group for masters > [masters] > masterhost1 > masterhost2 > > # host group for etcd > [etcd] > masterhost1 > masterhost2 > > > # host group for nodes, includes region info > [nodes] > infranodehost openshift_node_labels="{'region': 'infra', 'zone': > 'default'}" openshift_schedulable=true > masterhost1 openshift_node_labels="{'region': 'master1', 'zone': > 'default'}" openshift_schedulable=true > masterhost2 openshift_node_labels="{'region': 'master2', 'zone': > 'default'}" openshift_schedulable=true > > Thanks, > Priya > > On Tue, Dec 20, 2016 at 3:23 AM, Erik Jacobs <ejac...@redhat.com> wrote: > >> On Thu, Dec 15, 2016 at 2:25 AM, Pri <priyanka4opensh...@gmail.com> >> wrote: >> >>> Thanks Igor and Akram, I was able to configure with TCP on ELB. For HA >>> what if a region has only two availability zones? can we configure 2 >>> masters in one and 1 master in other AZ. >>> >>> I am not running etcd externally as of now, its embedded in master hosts >>> itself. Is this the right architecture? >>> >> >> How do you have your Ansible inventory configured? What's your Ansible >> hosts file look like? >> >> >>> Also I have one more query, how to restart master if I make any change >>> in master-config.yaml. "systemctl restart atomic-openshift-master" doesn't >>> seem to work. >>> >> >> If you have multiple masters you need to: >> >> * change it on all masters >> * restart atomic-openshift-master-controllers and -api -- the -master >> service doesn't run/do anything in an HA/multi-master cluster. >> >>> >>> Thanks, >>> Priya >>> >>> >>> On Thu, Dec 15, 2016 at 3:13 AM, Akram Ben Aissi < >>> akram.benai...@gmail.com> wrote: >>> >>>> on more point: You need 3 masters for HA, unless you are running etcd >>>> externally. >>>> >>>> >>>> On 14 December 2016 at 18:25, Igor Katson <igor.kat...@gmail.com> >>>> wrote: >>>> >>>>> Hi, Pri, here's how the setup works for us in prod: >>>>> >>>>> >>>>>- the master ELB MUST be configured to do TCP balancing on port >>>>>443. Not HTTPS. You need to do TCP, because the masters do TLS >>>>> termination >>>>>and SNI by themselves. >>>>>- the "openshift_master_cluster_hostname" variable is set to the >>>>>name of the ELB. Actually, in our setup it is an extra DNS
enable logs for openshift master
Hi, Is there a way we can enable DEBUG logs for openshift master, may be by editing master-config.yaml. Please let me know if its possible? Thanks, Pri ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: openshift 3.3 HA cluster
Thanks Igor and Akram, I was able to configure with TCP on ELB. For HA what if a region has only two availability zones? can we configure 2 masters in one and 1 master in other AZ. I am not running etcd externally as of now, its embedded in master hosts itself. Is this the right architecture? Also I have one more query, how to restart master if I make any change in master-config.yaml. "systemctl restart atomic-openshift-master" doesn't seem to work. Thanks, Priya On Thu, Dec 15, 2016 at 3:13 AM, Akram Ben Aissi <akram.benai...@gmail.com> wrote: > on more point: You need 3 masters for HA, unless you are running etcd > externally. > > > On 14 December 2016 at 18:25, Igor Katson <igor.kat...@gmail.com> wrote: > >> Hi, Pri, here's how the setup works for us in prod: >> >> >>- the master ELB MUST be configured to do TCP balancing on port 443. >>Not HTTPS. You need to do TCP, because the masters do TLS termination and >>SNI by themselves. >>- the "openshift_master_cluster_hostname" variable is set to the name >>of the ELB. Actually, in our setup it is an extra DNS record which is a >>CNAME to the ELB, so that we can change the ELB if needed. E.g. >>"internal.openshift.youdomain" that is a CNAME to the ELB. >>- the "openshift_master_cluster_public_hostname" is set to the >>publicly-visible DNS name, that also points to this ELB. E.g. >>"openshift.yourdomain", where you can get valid SSL certs issued. >> >> In case you have a public SSL cert, you may put smth like this into >> inventory (make sure it's a valid json string): >> "openshift_master_named_certificates": [ >> { >> "certfile": "your-cert-file-on-ansible-machine", // this may >> include intermediate certs bundled >> "keyfile": "your-key-file-on-ansible-machine" >> } >> ], >> >> On Wed, Dec 14, 2016 at 7:07 AM, Pri <priyanka4opensh...@gmail.com> >> wrote: >> >>> Hi, >>> >>> I am setting openshift HA cluster with 2 masters and 2 nodes on AWS. I >>> want my masters to be backed by Elastic load balancer. But it doesnt work >>> when I give "openshift_master_cluster_hostname=" as ELB hostname >>> in ansible. So I tried giving one of the masters hostnames here which >>> worked fine. After that I configured ELB on AWS and added 2 master >>> instances. Now the problem is whenever I access openshift console using ELB >>> hostname it just redirects me to master IP address which is not what we >>> want, hostname on browser should always be consistent. >>> >>> Also I am not very sure which SSL certificate to configure on ELB when >>> it listens of HTTPS port 443 for console access. >>> >>> >>> Could you please help me with this? >>> >>> Thanks a lot for help >>> >>> Thanks, >>> Priya >>> >>> ___ >>> dev mailing list >>> dev@lists.openshift.redhat.com >>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >>> >>> >> >> ___ >> dev mailing list >> dev@lists.openshift.redhat.com >> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev >> >> > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
openshift 3.3 HA cluster
Hi, I am setting openshift HA cluster with 2 masters and 2 nodes on AWS. I want my masters to be backed by Elastic load balancer. But it doesnt work when I give "openshift_master_cluster_hostname=" as ELB hostname in ansible. So I tried giving one of the masters hostnames here which worked fine. After that I configured ELB on AWS and added 2 master instances. Now the problem is whenever I access openshift console using ELB hostname it just redirects me to master IP address which is not what we want, hostname on browser should always be consistent. Also I am not very sure which SSL certificate to configure on ELB when it listens of HTTPS port 443 for console access. Could you please help me with this? Thanks a lot for help Thanks, Priya ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
openshift pod restarts and fails frequently
Hi, I am creating an app in Origin 3.1 using my Docker image. Whenever I create image new pod gets created but it restarts again and again and finally gives status as "CrashLoopBackOff". I analysed logs for pod but it gives no error, all log data is as expected for a successfully running app. Hence, not able to determine the cause. I came across below link today, which says "running an application inside of a container as root still has risks, OpenShift doesn't allow you to do that by default and will instead run as an arbitrary assigned user ID." http://stackoverflow.com/questions/35710965/what-is-crashloopbackoff-status-for-openshift-pods Here my image is using root user only, what to do to make this work? as logs shows no error but pod keeps restarting. Could anyone please help me with this. Thanks, Priy ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Fwd: metering services in openshift v3
Hi everybody, I came across this link https://blog.openshift.com/metering-microservices-on-openshift-with-6fusions-delano-seymour-commons-briefing-13/ wanted to understand if this is available to use with openshift v3, if yes how users can use this to charge services ? Thankyou so much! ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
Re: metering services in openshift v3
Hi Chris, thanks a lot , looking forward to use the same for billing. Thanks, Pri On Mon, Jan 18, 2016 at 8:57 PM, Chris Morgan <cmor...@redhat.com> wrote: > Hi Pri, > > I brought this to the attention of the partner — they should reach out to > you soon. > > Cheers, > Chris > > On Jan 18, 2016, at 2:04 AM, Pri <priyanka4opensh...@gmail.com> wrote: > > Hi everybody, > > I came across this link > https://blog.openshift.com/metering-microservices-on-openshift-with-6fusions-delano-seymour-commons-briefing-13/ > > > > wanted to understand if this is available to use with openshift v3, if yes > how users can use this to charge services ? > > Thankyou so much! > > ___ > dev mailing list > dev@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/dev > > > ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev