Re: Is the Openshift/Origin docker image ready for production?

2016-01-11 Thread Clayton Coleman
Hi, tried to answer on stack. You should be able to mount the /var/lib/origin directory and have everything preserved (but double check the default directories created). On Mon, Jan 11, 2016 at 8:20 PM, Xiao Peng wrote: > Hi all, > > I am relatively new to Openshift

Re: S3 docker registry performance

2016-06-04 Thread Clayton Coleman
In general, S3 should be as efficient for the registry than EBS, and far more operationally easy (it also scales out horizontally). I don't know whether the encrypt option is done on the registry side - have you compared running with or without? It's currently fairly difficult to move between

Some s2i builds failing with "manifest unknown", also support for Origin for Docker versions

2016-06-08 Thread Clayton Coleman
Users may have noticed a brief window between yesterday and today where builds of our S2I based images began to fail with "manifest unknown" if you were using Docker 1.9 and had pulled the latest images. We started building S2I images with Docker 1.10 and are now in the process of reverting.

Re: Some s2i builds failing with "manifest unknown", also support for Origin for Docker versions

2016-06-08 Thread Clayton Coleman
Also note that CI is failing due to this until the new reverted images are built. Will send an email when the queue is unblocked. On Wed, Jun 8, 2016 at 12:30 PM, Clayton Coleman <ccole...@redhat.com> wrote: > Users may have noticed a brief window between yesterday and today >

Re: setting kubelet --allow-privileged ?

2016-06-03 Thread Clayton Coleman
Nodes come preconfigured with allow-privileged because SCC already protects the cluster. > On Jun 3, 2016, at 6:56 PM, Alan Jones wrote: > > Friends, > I had a privileged container running under under an OpenShift 3.2 master with > a sock k8s kubelet. > To get that to work,

Re: Upcoming image related features

2016-06-11 Thread Clayton Coleman
Yes, for now you can only import 1.9 pushed images when using docker 1.9 On Jun 11, 2016, at 6:45 PM, Philippe Lafoucrière < philippe.lafoucri...@tech-angels.com> wrote: Sadly, it's not working for me :( I'm running into this:

Re: "manifest unknown" test flakes

2016-06-08 Thread Clayton Coleman
e. I just fired up a > Centos 7 devenv AMI and it had docker 1.9. And FWIW it doesn't look like > Fedora 23 has shipped 1.10 yet either. > > On Tue, Jun 7, 2016 at 11:07 PM, Clayton Coleman <ccole...@redhat.com> > wrote: > >> Yes, but you do not need v2 metadata. >&g

Re: Starting container fails with system error

2016-06-08 Thread Clayton Coleman
There is a PR open to backport it to 1.9 https://github.com/projectatomic/docker/pull/168 On Thu, Jun 9, 2016 at 12:32 AM, Andrew Lau wrote: > Hi, > > Has anyone hit this issue where a pod is not able to start after it's been > successfully built: > > Starting container

Re: OpenShift Origin v1.2.0 released, along with the development drop of v1.3.0-alpha.1

2016-05-29 Thread Clayton Coleman
Is it just the ipfailover image that you see impacted? On May 29, 2016, at 11:26 AM, Philippe Lafoucrière < philippe.lafoucri...@tech-angels.com> wrote: FYI, v1.3.0-alpha.1 installation is broken: https://github.com/openshift/origin/issues/9077​ ___

Re: Request for a new generic release image tag on Docker hub

2016-06-16 Thread Clayton Coleman
Can you explain #2 in more detail (why you want to be using 1.3.0 image tags, which you shouldn't be doing) On Thu, Jun 16, 2016 at 1:42 PM, Devan Goodwin wrote: > If I may add another request and summarize: > > (1) Add an additional v1.2 tag pointing to the latest released

Re: pod DNS change

2016-01-15 Thread Clayton Coleman
This is so DNS is HA. Not sure why you can' get through the firewall. On Fri, Jan 15, 2016 at 11:27 AM, Luke Meyer wrote: > I rebuilt my dev cluster from HEAD recently and pods were having DNS > problems. I'm set up with dnsmasq at port 53 on the master, forwarding > cluster

Re: Router Sharding

2016-01-15 Thread Clayton Coleman
All of the core work for this is in 3.1.1, except for the ability to report back which routers the route is being served by to the API and UI. On Fri, Jan 15, 2016 at 4:49 PM, Brenton Leanhardt wrote: > On Fri, Jan 15, 2016 at 3:53 PM, Srinivas Naga Kotaru (skotaru) >

Re: When can we expect the next official release?

2016-01-18 Thread Clayton Coleman
In a few days - we're still finding and poking the last bugs in 1.1.1. > On Jan 18, 2016, at 6:19 AM, André Dietisheim wrote: > > Hi all > > Official binaries were release in the beginning of December. oc rsync has a > few fixes and enhancement we'd love to get officially

Origin v1.1.1 is now available

2016-01-18 Thread Clayton Coleman
On GitHub at https://github.com/openshift/origin/releases/tag/v1.1.1 The merge queue for master will reopen shortly. ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Origin v1.1.2 released

2016-02-09 Thread Clayton Coleman
Release notes and downloads are up on GitHub: https://github.com/openshift/origin/releases/tag/v1.1.2 Note that this is a feature release off master, not an incremental patch release on 1.1.1. Thanks everyone for all the great new features. ___ dev

Re: Clarification on container security in OpenShift

2016-01-19 Thread Clayton Coleman
OpenShift only supports numeric UIDs and numeric GIDs - but you can specify whatever you want as an admin, or force a group of applications to run with a set of values. If you want to use a string user value, you'll need to set that in your images to a known UID. If you want to use a name for

Please hold merges of PRs containing UPSTREAM commits to origin until the rebase lands

2016-01-25 Thread Clayton Coleman
In order to get it in sooner. That is estimated for the next few days ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Re: Route http basic auth

2016-01-26 Thread Clayton Coleman
It would be intended for you to customize the router to accomplish that. I don't think we'd add it directly into the router until we sort out some other customizations. There is a desire to make it easy for you to allow users to pass values from the routes down to the config template so you can

Re: Sky DNS and builder selector

2016-01-26 Thread Clayton Coleman
We've had the work queued for a while (to use a service or DNS name) and the problems you are roughly things we know we'd have to fix. The end goal would be to ensure that the hosts have access to the cluster CA (so the Docker daemon can verify the name of the service against a CA) and

Origin merge queue disabled while we land the rebase

2016-01-27 Thread Clayton Coleman
___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Changes to how hack/build-go.sh uses GOPATH

2016-02-15 Thread Clayton Coleman
While simplifying the build steps (to no longer create a fake GOPATH under _output and thus work more effectively with other tools) in https://github.com/openshift/origin/pull/7281, it may cause you to have trouble running `make clean build` if you have a custom GOPATH with older files in

Re: oc export

2016-03-14 Thread Clayton Coleman
Export is a lower level tool that does not *exactly* export an entire application, but rather tries to give you the tools to build it. I would suggest instead of running "oc export all", you try "oc export dc,svc,route,is". "all" includes pods, replication controllers, build configs, and

v1.1.4 released

2016-03-14 Thread Clayton Coleman
The latest release is up on GitHub at https://github.com/openshift/origin/releases/tag/v1.1.4 ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Re: oc export

2016-03-14 Thread Clayton Coleman
tConfig) I see annotation 'kubernetes.io/created-by: ...' >> >> Can we rely on those annotations to decide what to export and what to >> leave behind? Is this documented somewhere? >> >> >> >> >> On 03/14/2016 04:48 PM, Clayton Coleman wrote: >>

Re: Extended tests are now part of the test queue for Origin

2016-04-07 Thread Clayton Coleman
iled? Given the overall number of flakes, clicking through for every test would be a pain. On Wed, Apr 6, 2016 at 9:56 PM, Clayton Coleman <ccole...@redhat.com> wrote: > The test job for Origin now runs a subset of extended tests in a third > worker whenever you add [test] (it'll be the

Extended tests are now part of the test queue for Origin

2016-04-06 Thread Clayton Coleman
The test job for Origin now runs a subset of extended tests in a third worker whenever you add [test] (it'll be the third job when you click through to Jenkins). The job won't block merge (yet) but please don't merge if there are failures. The tests that are run are a subset of the full extended

v1.1.6 released (this is v1.2.0-rc1)

2016-04-05 Thread Clayton Coleman
Images have been pushed and GitHub has been updated https://github.com/openshift/origin/releases/tag/v1.1.6 ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Changes to test_pr_origin CI job and the [testonlyextended]

2016-04-12 Thread Clayton Coleman
As you may have noticed, the test_pr_origin CI job on ci.openshift.redhat.com (which answers [test]) has now been split into three sub jobs: https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/ - test_pull_requests_origin_check - the unit and verification tests (equivalent to `make check`)

CI test-pull-requests-origin is being changed to enable e2e, you can ignore the JUnit publisher errors

2016-04-06 Thread Clayton Coleman
Only the test is marked as failed. ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Re: --volumes-from

2016-03-21 Thread Clayton Coleman
> > I would rather not use (an) empty volume(s) to which I would have to copy > these files upon startup. > > On Mon, Mar 21, 2016 at 10:12 PM, Clayton Coleman <ccole...@redhat.com> > wrote: >> >> The EmptyDir volume type handles that - you create a volume in y

Changes to Origin build for Go 1.6

2016-03-21 Thread Clayton Coleman
Due to the removal of code in golint and govet that supported Go 1.4, we are in the process of transitioning the Origin build pipeline to Go 1.6. The first set of changes updates openshift/origin-release to use Go 1.6 to build release binaries. test-pull-request in CI will only use that for the

Cgroup limits on builds are being temporarily disabled to allow the merge queue to proceed while we debug

2016-03-22 Thread Clayton Coleman
https://github.com/openshift/origin/issues/7549 and https://github.com/openshift/origin/pull/8196 This should unblock the merge queue. ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Re: oc export

2016-03-22 Thread Clayton Coleman
d in the project. >> > >> > This is deliberate simplification to make things little easier >> for us. >> > We are exporting whole project, because right now I don't have >> any idea >> > how we are going to decide what is "on

Re: Hosting MySQL images in OpenShift Origin

2016-03-03 Thread Clayton Coleman
There are several ways to accomplish external routing. 1. Expose your pod network directly to the rest of your infrastructure (make 10.0.X.X routable from other places) 2. Use a service that is of type NodePort and connect to the node(s) on the port you receive directly (if you need HA, you'll

Re: ImageStream loses tags when exported

2016-04-01 Thread Clayton Coleman
Sounds like a bug, please file an issue with your scenario. We may not have correctly set export behavior for image streams. > On Mar 30, 2016, at 5:22 AM, Tomáš Nožička wrote: > > Hi, > > I am working on o2n and I am experiencing problem exporting and > importing

Re: Set UID/GID to the azure mount command

2016-04-04 Thread Clayton Coleman
At the mount point, or anywhere underneath the mount point? On Mon, Apr 4, 2016 at 9:39 AM, Diego Spinola Castro wrote: > Azure file plugin doesn't support Unix Permissions, so a pod can't manage > file ownership at a mountpoint. This is a issue for PostgreSQL images,

Origin updated to v1.1.5

2016-03-29 Thread Clayton Coleman
Release notes are here https://github.com/openshift/origin/releases/tag/v1.1.5 Note that v1.1.5 resolves an issue with Docker 1.9.1-23 and cgroups and is a recommended upgrade for all users. ___ dev mailing list dev@lists.openshift.redhat.com

Release v1.1.5 has a serious bug preventing PVC use by normal users - a fix will be released soon as v1.1.6

2016-03-30 Thread Clayton Coleman
In 1.1.5 regular users are no longer able to use PVCs due to an SCC constraint. You can relax the SCC constraint by editing your SCCs to set the `volumes` field with `*`. This allows users to continue to use PVCs. The bug is https://github.com/openshift/origin/issues/8297 Please hold off on

Approvals required for merge to origin/master as we close out 1.2

2016-03-31 Thread Clayton Coleman
Since we're getting into the final stretches of 1.2, we're now in approval mode for changes to be merged into master. Only high priority defects approved by leads / component owners should get the [merge] tag. Quick reminder: 1. Prioritize p0 and p1 changes over p2 and p3 - component leads use

Re: Set UID/GID to the azure mount command

2016-04-04 Thread Clayton Coleman
>> Sorry, you are right, files can't get other ownership than default >> (uid,gid) underneath the mount point. >> As the root is mounting, so it owns the files, pods can write because >> file_mode and dir_mode are 0777 >> >> 2016-04-04 11:45 GMT-03:00 Cl

Merge queue for post 1.2.x is still closed - BUT ...

2016-04-25 Thread Clayton Coleman
For 1.2.x, master will reopen soon. The process is: 1. We'll cut for 1.2.0-rc2. 2. I'll cut a 1.3.0-alpha0 3. We'll merge a selected set of critical PRs (specifically, those related to the rebase and test flakes) 4. We'll open master for normal [merge] rights I'll send out an email after 3 has

Origin extended test suite passed!

2016-04-22 Thread Clayton Coleman
https://ci.openshift.redhat.com/jenkins/job/origin_extended/830/ is green, for the first time in a while :) Thanks to everyone over the last few months who chipped away at flakes, improved the e2e suite (over 150 new tests), and introduced / improved / hacked on new suites. Over the 1.3 release

Origin v1.2.0-rc2 released

2016-04-25 Thread Clayton Coleman
The second release candidate for 1.2.0 has been pushed to GitHub https://github.com/openshift/origin/releases/tag/v1.2.0-rc2 and to DockerHub ___ dev mailing list dev@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

Re: OpenShift Origin v1.2.0-rc1

2016-04-22 Thread Clayton Coleman
efore running those commands. If I should open an issue, let me know whatever debug / info would be of use. thanks, gabe On Thu, Apr 21, 2016 at 6:17 PM, Clayton Coleman <ccole...@redhat.com> wrote: > The first release candidate for 1.2.0 has been pushed to GitHub > htt

Re: OpenShift Origin v1.2.0-rc1

2016-04-22 Thread Clayton Coleman
Working on a fix. On Fri, Apr 22, 2016 at 1:39 PM, Clayton Coleman <ccole...@redhat.com> wrote: > Yes, let me repro. > > On Apr 22, 2016, at 1:26 PM, Gabe Montero <gmont...@redhat.com> wrote: > > Would this be an example of such an issue: > > E0422 13:18:25.77150

OpenShift Origin v1.2.0-rc1

2016-04-21 Thread Clayton Coleman
The first release candidate for 1.2.0 has been pushed to GitHub https://github.com/openshift/origin/releases/tag/v1.2.0-rc1 Because this is the first official release we've done using a semantic version tag, it's possible that some images / code may break trying to pull "v1.2.0-rc1". If you

Merge queue for master is open

2016-04-26 Thread Clayton Coleman
We're back to normal merge processes. Please note that API changes still require approval (you can ask @openshift/api-review and you can merge when you get api-approved label). Thanks for everyone's patience, and for the folks who have helped get the CI flakes knocked out. Remember, flakes are

Re: readiness probes and clustered discovery

2016-05-19 Thread Clayton Coleman
We have the basic support for this today - endpoints also contain unready IPs. We are adding two constructs that will enable easy access - a DNS entry that returns all endpoints, no matter whether they are ready or not, and an annotation on a service that instructs the endpoints list to contain

Re: Support for Kubernetes metadata when using docker --log-driver=journald?

2016-05-20 Thread Clayton Coleman
Actually, there may be an issue for this already. https://github.com/kubernetes/kubernetes/issues/15478 On Fri, May 20, 2016 at 12:38 PM, Clayton Coleman <ccole...@redhat.com> wrote: > We could support setting that on the Kubelet when we launch the > containers. I think it's reasona

Re: Support for Kubernetes metadata when using docker --log-driver=journald?

2016-05-20 Thread Clayton Coleman
We could support setting that on the Kubelet when we launch the containers. I think it's reasonable - if you open a Kube issue Derek and I can chime in. On Fri, May 20, 2016 at 12:12 PM, Rich Megginson wrote: > When using OpenShift with the standard docker log driver, there

Re: New experimental feature: import application from Docker Compose

2016-05-12 Thread Clayton Coleman
We decode the compose1 format, have not yet added compose2 On Thu, May 12, 2016 at 4:43 AM, Tomas Tomecek <ttome...@redhat.com> wrote: > Quoting Clayton Coleman (2016-05-10 18:14:46) >> PR https://github.com/openshift/origin/pull/7690 introduces a new >> command in 'oc

Re: How to specify ImageStream as a source for container

2016-05-17 Thread Clayton Coleman
Set image to " " On Tue, May 17, 2016 at 9:54 AM, Tomas Nozicka wrote: > I am not able to specify ImageStream as source of what my container is > run from in my DeploymentConfig. I can only specify image there [1] but > not ImageStream. But when I setup triggers for

Re: How to specify ImageStream as a source for container

2016-05-18 Thread Clayton Coleman
build manually it > starts from image " " and fails again. You will be stuck in this loop > and never get it deployed this way! At least I did not. > > >> On Út, 2016-05-17 at 10:56 -0400, Clayton Coleman wrote: >> There is a work going on to ensure that you don't g

Re: Excluding replacement pods from quota?

2016-05-02 Thread Clayton Coleman
Or set maxUnavailable to 100% in your rolling deployment config. On Mon, May 2, 2016 at 10:59 AM, Luke Meyer wrote: > Use the Recreate deploy strategy rather than Rolling. > https://docs.openshift.org/latest/dev_guide/deployments.html#recreate-strategy > > On Sat, Apr 30, 2016

Help needed testing new docker build functionality

2016-05-02 Thread Clayton Coleman
As part of looking to support faster and more flexibility image building under kubernetes, we've been prototyping a Docker compatible builder that is not innately tied to the Docker daemon in Origin (which would allow us to run a docker build inside a container launched by Kube). The utility code

Re: Is 1.2 out?

2016-05-03 Thread Clayton Coleman
We're just waiting for any final reports of issues to cut a 1.2.0 release. For 1.3 we will be moving to be more like Kubernetes, where features will be considered .alpha. and we will be releasing 1.3.0-alpha.0, 1.3.0-alpha.1, etc. On Tue, May 3, 2016 at 7:00 PM, Diego Spinola Castro

Re: Extended tests are now part of the test queue for Origin

2016-04-19 Thread Clayton Coleman
o run as a 4th job, though. > > On Wed, Apr 6, 2016 at 6:56 PM, Clayton Coleman <ccole...@redhat.com> wrote: >> The test job for Origin now runs a subset of extended tests in a third >> worker whenever you add [test] (it'll be the third job when you click >> thro

Re: Project limits

2016-04-13 Thread Clayton Coleman
The docs here: https://docs.openshift.org/latest/admin_guide/managing_projects.html#limit-projects-per-user Cover that. > On Apr 13, 2016, at 7:17 PM, Andrew Lau wrote: > > Hi, > > There seems to be documentation on project quotas and disabling self > provisioning,

Protobuf support merged

2016-07-25 Thread Clayton Coleman
Protobuf support has been merged to origin, which has an impact on dev workflows. If you are changing the API, you'll need to run hack/update-generated-protobuf.sh to generate the IDL for your changes, and those changes will be checked in. You need protoc 3.0.0-beta1 or newer installed. A

Re: Protobuf support merged

2016-07-25 Thread Clayton Coleman
On Mon, Jul 25, 2016 at 2:22 PM, Andy Goldstein <agold...@redhat.com> wrote: > > > On Mon, Jul 25, 2016 at 2:15 PM, Clayton Coleman <ccole...@redhat.com> > wrote: > >> Protobuf support has been merged to origin, which has an impact on dev >> workflows. &g

Re: few questions on quotas and limits

2016-08-10 Thread Clayton Coleman
On Wed, Aug 10, 2016 at 2:41 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: > > > > -- > *Srinivas Kotaru* > > From: "ccole...@redhat.com" > Date: Wednesday, August 10, 2016 at 11:33 AM > To: skotaru > Cc: dev

Re: /etc/localtime

2016-07-08 Thread Clayton Coleman
a case for scheduled/cron-like > jobs being more readable with an assumed timezone. > > > > *Brandon Richins* > > > > *From: *Clayton Coleman <ccole...@redhat.com> > *Date: *Friday, July 8, 2016 at 8:56 AM > *To: *Luke Meyer <lme...@redhat.com>

Re: Building oc binary for Windows

2016-07-23 Thread Clayton Coleman
You have to build as sudo to compile the std library correctly, *or* install the Windows cross compile rpm package for go (golang-*-windows something) You can also run hack/env hack/build-cross.sh to use the release container build, which has the correct tools already installed On Jul 23, 2016,

Re: Router Defaut Timeout

2016-08-09 Thread Clayton Coleman
Is this a new variable in 1.3? Can we rename it to be more descriptive? ROUTER_HTTP_REQUEST_TIMEOUT would be more accurate. On Aug 9, 2016, at 4:02 PM, Ram Ranganathan wrote: That default for the haproxy router can be set via an environment variable in your deployment. $

Re: packaging

2016-06-29 Thread Clayton Coleman
The spec file checked in to the repo is the same one that is used to build those RPMs, isn't it? On Jun 29, 2016, at 8:12 AM, Luke Meyer wrote: The origin project itself doesn't maintain spec files. However you might find the Fedora and EPEL source rpms interesting: Fedora -

Deprecation of OpenShift CLI features in 1.5

2017-02-07 Thread Clayton Coleman
There are two features in the OpenShift CLI that we are considering deprecating because more full featured alternatives exist elsewhere. 1. oc import docker-compose - Kompose ( https://github.com/kubernetes-incubator/kompose) supports everything in this feature and has added many more features

Re: service discover - always confuse

2017-01-31 Thread Clayton Coleman
Including the list correctly. On Tue, Jan 31, 2017 at 4:06 PM, Clayton Coleman <ccole...@redhat.com> wrote: > > > On Jan 30, 2017, at 1:51 AM, Srinivas Naga Kotaru (skotaru) < > skot...@cisco.com> wrote: > > Hi > > > > Observed 2 different behaviors

Re: App is not able to talk with a third party app (installed on another infrastructure).

2017-01-30 Thread Clayton Coleman
Usually those are firewall rules blocking your access to the cluster. Have you verified that each node is able to ping your other cluster? > On Jan 30, 2017, at 11:41 AM, Francesco D'Andria wrote: > > Hi all, > > I've just installed an instance of OpenShift Origin on my

Changing release numbers for 1.6 and beyond

2017-02-20 Thread Clayton Coleman
There has been some discussion recently about changing the release numbers of Origin so that they line up with the "actual" OpenShift release history. When we reset the numbers to 1.0 for OpenShift 3 on top of Kubernetes, we did so to ensure we clearly identified for the open source community

OpenShift Origin v1.5.0-alpha.3 released

2017-02-20 Thread Clayton Coleman
Alpha 3 is out on GitHub. This will be the last alpha for 1.5.0 - the next tag will be the release candidate. https://github.com/openshift/origin/releases/tag/v1.5.0-alpha.3 We plan to branch master soon and create a release-1.5 branch that will lead to v1.5.0.

Re: metrics

2017-02-23 Thread Clayton Coleman
Resending to dev list. On Thu, Feb 23, 2017 at 5:31 PM, Clayton Coleman <ccole...@redhat.com> wrote: > Yes, the apiserver, the controllers, and the nodes all expose metrics on > their serving port. The controllers listen on localhost only today. > > You can view the

Re: `oc import docker-compose` with kompose as backend

2017-02-14 Thread Clayton Coleman
Hey Suraj, sorry for the delay responding On Fri, Feb 10, 2017 at 12:59 AM, Suraj Deshmukh wrote: > Hi Clayton, > > > This is new thread in support of `oc import docker-compose` with > kompose as backend. > > (I tried repying to your earlier mail thread but had few issues

OpenShift Origin v1.4.0, v1.3.3, and v1.5.0-alpha.2 released

2017-01-18 Thread Clayton Coleman
Thanks to everyone for their hard work in getting OpenShift v1.4.0 out the door. Images have been pushed and RPMs will be available in a few days. See the release notes on GitHub: https://github.com/openshift/origin/releases/tag/v1.4.0 In addition, we've released v1.3.3 with a security fix,

Re: openshift audit logs

2017-01-17 Thread Clayton Coleman
I believe that feature is coming in 3.4 - copying Maciej who did the impl and updates. On Jan 17, 2017, at 5:23 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: We turned on audit in our platform. Currently Openshift writing audit logs to /var/log/messages log file. Is anyway we

ANN: New pull request test job added to Origin for deploying a cluster on GCE

2017-01-17 Thread Clayton Coleman
A new test job is being added (experimentally) to test_pr_origin (which runs on all Origin merge and test) that deploys a full Origin GCE cluster from your PR. The job test_pull_requests_origin_gce builds and deploys

Origin 1.3.0-rc1 has been released

2016-09-07 Thread Clayton Coleman
The GitHub release page has been updated for v1.3.0-rc1 and Docker images have been pushed. Thanks to everyone for the hard work over the last few months to continue to stabilize and improve Kubernetes and OpenShift. We expect to make

Re: Openshift and infrastructure as code

2016-08-30 Thread Clayton Coleman
On Tue, Aug 30, 2016 at 7:33 AM, Pieter Nagel <pie...@lautus.net> wrote: > Thanks all for the helpful feedback. > > On Thu, Aug 25, 2016 at 4:42 PM, Clayton Coleman <ccole...@redhat.com> > wrote: > >> Please provide any feedback about limitations in export th

Re: Feedback needed: Automating Kubernetes / OpenShift integrations - i.e. building your own controllers

2016-09-08 Thread Clayton Coleman
Thanks for the feedback - some comments inline > On Sep 8, 2016, at 3:44 AM, Tobias Florek wrote: > > Hi! > > I did not play with it yet but did find the docs: > https://github.com/openshift/origin/blob/master/docs/man/man1/oc-observe.1 > > I wrote a few simple

Origin v1.3.0 released

2016-09-15 Thread Clayton Coleman
Images have been pushed to the hub and release binaries are up on GitHub under release v1.3.0 . RPMs will take a few days to show up in the existing channels. v1.3.0 was a huge release - thanks to everyone who contributed to make it

OpenAPI schema (swagger 2.0), generated protobufs, and updated Swagger 1.2 docs

2016-09-29 Thread Clayton Coleman
PR #10983 has merged to master and will be in v1.4.0-alpha.1. It contains the following: * Updated Swagger 1.2 API specs in https://github.com/openshift/origin/tree/master/api/swagger-spec that now have correctly updated unique names (fixing the

Re: NetworkCIDR for big cluster

2016-10-07 Thread Clayton Coleman
Pod limits are now directly settable, so no longer hard coded. It sounds like you would plan for 100k pods which a 15 or 14 cidr for pods would cover. I would recommend leaving some headroom there. 14 might be safer if in the future you want to continue to grow the cluster - our target max

Re: Openshift and infrastructure as code

2016-08-25 Thread Clayton Coleman
To briefly summarize - all Openshift API objects are designed to be "config" - declarative representation of end objects. Just updating an existing object should be enough to transform the actual config. We do have "imperative" style concepts in the APIs - for instance, deployment triggers and

Re: deploymentconfigs and deployments

2016-10-19 Thread Clayton Coleman
The goal is to make Kube capable of expressing all of the things deployment configs do: Hooks Permanent failure (don't deploy bad code) Custom deployments Test deployment Image change triggers That's likely to stretch into mid or late 2017. We will support deployment configs for a very long

Re: deploying to cluster with no persistent volumes

2016-10-20 Thread Clayton Coleman
We kind of have said the opposite - that it should almost always be possible to get a PV bound unless you ask for something weird. Ie allowing local pvc, precreating pv in cluster up and the installer, and better dynamic provisioners like the nfs tools. That doesn't mean that API would be a bad

Origin v1.2.2 and v1.3.1 released

2016-10-18 Thread Clayton Coleman
They contain a security fix that we recommend applying to all v1.2.x versions. v1.3.1 contains a number of bug fixes discovered post release. ___ dev mailing list dev@lists.openshift.redhat.com

Master has branched for release 1.4

2016-11-17 Thread Clayton Coleman
The branch release-1.4 has been set up to track changes destined for the 1.4 release. Master is now open for 1.5 changes. Please ensure your fixes are in master and then cherry pick back to release-1.4. I'll be cutting a release candidate 0 build soon.

Origin v1.4.0-alpha.1 released

2016-11-11 Thread Clayton Coleman
As you may have noticed (if you were looking at the repos) v1.4.0-alpha.1 was tagged and released last week. Please see https://github.com/openshift/origin/releases/tag/v1.4.0-alpha.1 for a list of changes. This will be the final alpha - the next release will be the first release candidate.

Re: Container UUID

2016-10-11 Thread Clayton Coleman
This should be possible from the downward API as an env var (get the pod uuid as env var) but isn't supported yet. If you file an issue we can make sure it's exposed, and if important enough we could consider backporting it. On Oct 11, 2016, at 10:12 AM, Srinivas Naga Kotaru (skotaru) <

Re: web socket support

2016-12-06 Thread Clayton Coleman
You would just listen on whatever port is exposed by the route (the target port). You can create multiple routes if necessary. Router allows Connection: Upgrade headers seamlessly. Connection timeouts on the router matter, of course. The router documentation briefly describes it, mostly

Re: web socket support

2016-12-06 Thread Clayton Coleman
Tunnel mode default timeout is 1h: https://github.com/openshift/origin/blob/master/images/router/haproxy/conf/haproxy-config.template I would recommend setting it lower in high density environments. On Dec 6, 2016, at 7:16 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: Ok will

Re: feedback

2016-12-06 Thread Clayton Coleman
On Dec 6, 2016, at 3:13 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: we are continuously hearing 2 complaints from our users not much verbose info to troubleshott/narrow down 2 commonf failures . 1. Pod unable to come up. Why it failed, what caused?

Re: Linux on s390x release binaries for OpenShift Origin

2016-12-12 Thread Clayton Coleman
Probably the easiest integration would be to set up a Jenkins Job that can use a Z instance on linuxone as a worker and build from latest master. Alternatively, if you have a Jenkins instance under your control you could do your own setup and builds and we can link those in to the release process.

Re: storage labels

2017-01-13 Thread Clayton Coleman
Brad, can you comment? On Jan 13, 2017, at 1:59 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: Perfect, that answer and clarify. Thank you, Nakayama, I was able to bound a PV which has label selectors using a PVC which doesn’t have any selectors. This behavior completely

Re: storage labels

2017-01-12 Thread Clayton Coleman
Yes On Jan 12, 2017, at 4:23 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: How to represent TB storage in PV? Is it Ti , similar to Gi? -- *Srinivas Kotaru* *From: * on behalf of Srinivas Naga Kotaru *Date:

Re: Upstream PRs to Origin are on hold pending the rebase

2017-01-03 Thread Clayton Coleman
Origin 1.5 is in alpha right now - we trail Kube specifically to catch these issues and also to ensure all security policies for multi-tenancy are adapted / enforced. On Jan 3, 2017, at 2:11 PM, Andy Goldstein wrote: We will pull in Kubernetes 1.5.1 prior to releasing

Re: Binding Persistent Volumes by Labels

2017-01-04 Thread Clayton Coleman
In 1.4 quota of persistent volume claims per storage class will be available, but you have to define all of your classes up front in the quota. A whitelist approach is coming later (where adding new storage classes would not require you to change everyone's quota for that new type to be zero) On

Re: What is the current status of the branches

2017-01-04 Thread Clayton Coleman
1.3.3 will be released before the end of the week. 1.4 is simply soaking waiting for new bugs Rebase may still take a while. I cut 1.5.0-alpha.1 as the pre rebase point. On Wed, Jan 4, 2017 at 12:00 PM, Troy Dawson wrote: > Hi, > For downstream purposes I'm asking for a

Re: 1.3.2 Release

2016-12-19 Thread Clayton Coleman
We're currently waiting for another backport. Hoping to have it out soon. On Mon, Dec 19, 2016 at 12:01 PM, Patrick Tescher wrote: > v1.3.2 has been available for a week on Github but I don’t see any builds > yet. Will there be a 1.3.2 rpm package? Is there anything

Re: web socket support

2016-12-06 Thread Clayton Coleman
It's fully supported and has been since 3.0 On Tue, Dec 6, 2016 at 5:55 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: > What is OpenShift strategy or plans to support web socket support at > router layer? Our clients asking web socket support since Openshift 2 days > onwards. I

Re: Question on DNS when running Master/Node on same node

2017-03-23 Thread Clayton Coleman
t;> DiG 9.9.5-9+deb8u10-Debian <<>> @MASTER_IP -p 53 www.google.com ; (1 server found) ;; global options: +cmd ;; connection timed out; no servers could be reached root@vote-1-7acnx-debug:/app# /========/ On Thu, Mar 23, 2017 at 12:49 PM, Clayton Cole

  1   2   3   >