Re:

2018-04-30 Thread Cesar Wong 
Hi Tien,

Make sure that before you run 'oc cluster up' your DOCKER_HOST is pointing
to the docker-machine that you just created:
eval "$(docker-machine env openshift)"

and make sure that 'docker info' also returns your insecure registry
setting.

On Mon, Apr 30, 2018 at 7:12 AM, Tien Hung Nguyen 
wrote:

> Hi,
>
> I'm trying to start OpenShift Origin on Docker Toolbox (Boot2Docker) which
> uses VirtualBox to start Docker.
>
> However, I'm getting the following error:
>
> $ oc cluster up
> Starting OpenShift using openshift/origin:v3.6.1 ...
> -- Checking OpenShift client ... OK
> -- Checking Docker client ... OK
> -- Checking Docker version ... OK
> -- Checking for existing OpenShift container ... OK
> -- Checking for openshift/origin:v3.6.1 image ... OK
> -- Checking Docker daemon configuration ... FAIL
>Error: did not detect an --insecure-registry argument on the Docker
> daemon
>Solution:
>
>  Ensure that the Docker daemon is running with the following argument:
> --insecure-registry 172.30.0.0/16
>
>  You can run this command with --create-machine to create a machine
> with the
>  right argument.
>
>
> I have already added the insecure-registry by the following commands:
>
>
>- docker-machine create openshift --engine-insecure-registry
>172.30.0.0/16
>
>
>- oc cluster up
>
>
>
> When I do the command 'docker-machine inspect openshift' I get the
> following results:
>
> {
> "ConfigVersion": 3,
> "Driver": {
> "IPAddress": "192.168.99.103",
> "MachineName": "openshift",
> "SSHUser": "docker",
> "SSHPort": 54818,
> "SSHKeyPath": "d:\\Profiles\\username\\.
> docker\\machine\\machines\\openshift\\id_rsa",
> "StorePath": "d:\\Profiles\\username\\.docker\\machine",
> "SwarmMaster": false,
> "SwarmHost": "tcp://0.0.0.0:3376",
> "SwarmDiscovery": "",
> "VBoxManager": {},
> "HostInterfaces": {},
> "CPU": 1,
> "Memory": 1024,
> "DiskSize": 2,
> "NatNicType": "82540EM",
> "Boot2DockerURL": "",
> "Boot2DockerImportVM": "",
> "HostDNSResolver": false,
> "HostOnlyCIDR": "192.168.99.1/24",
> "HostOnlyNicType": "82540EM",
> "HostOnlyPromiscMode": "deny",
> "UIType": "headless",
> "HostOnlyNoDHCP": false,
> "NoShare": false,
> "DNSProxy": true,
> "NoVTXCheck": false,
> "ShareFolder": ""
> },
> "DriverName": "virtualbox",
> "HostOptions": {
> "Driver": "",
> "Memory": 0,
> "Disk": 0,
> "EngineOptions": {
> "ArbitraryFlags": [],
> "Dns": null,
> "GraphDir": "",
> "Env": [],
> "Ipv6": false,
> "InsecureRegistry": [
> "172.30.0.0/16"
> ],
> "Labels": [],
> "LogLevel": "",
> "StorageDriver": "",
> "SelinuxEnabled": false,
> "TlsVerify": true,
> "RegistryMirror": [],
> "InstallURL": "https://get.docker.com;
> },
> "SwarmOptions": {
> "IsSwarm": false,
> "Address": "",
> "Discovery": "",
> "Agent": false,
> "Master": false,
> "Host": "tcp://0.0.0.0:3376",
> "Image": "swarm:latest",
> "Strategy": "spread",
> "Heartbeat": 0,
> "Overcommit": 0,
> "ArbitraryFlags": [],
> "ArbitraryJoinFlags": [],
> "Env": null,
> "IsExperimental": false
> },
> "AuthOptions": {
> "CertDir": "d:\\Profiles\\username\\.docker\\machine\\certs",
> "CaCertPath": "d:\\Profiles\\username\\.
> docker\\machine\\certs\\ca.pem",
> "CaPrivateKeyPath": "d:\\Profiles\\username\\.
> docker\\machine\\certs\\ca-key.pem",
> "CaCertRemotePath": "",
> "ServerCertPath": "d:\\Profiles\\username\\.
> docker\\machine\\machines\\openshift\\server.pem",
> "ServerKeyPath": "d:\\Profiles\\username\\.
> docker\\machine\\machines\\openshift\\server-key.pem",
> "ClientKeyPath": "d:\\Profiles\\username\\.
> docker\\machine\\certs\\key.pem",
> "ServerCertRemotePath": "",
> "ServerKeyRemotePath": "",
> "ClientCertPath": "d:\\Profiles\\username\\.
> docker\\machine\\certs\\cert.pem",
> "ServerCertSANs": [],
> "StorePath": "d:\\Profiles\\username\\.
> docker\\machine\\machines\\openshift"
> }
> },
> "Name": "openshift"
> }
>
> Please, could you tell me why it is not working and how I can fix this in
> order to start OpenShift Origin wit Docker Toolbox?
>
> Regards
> Tien
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
>

Re: No such file or dir (was Re: Permission denied trying to mount persistent vol)

2018-04-18 Thread Cesar Wong 
Hi Tracy,

The problem you're running into is due to oc cluster up running the kubelet
in a container. The kubelet will try to find /tmp/data in its own
filesystem (the container's) and unless it has been mounted from the host,
the directory won't be there.

The good news is that cluster up does create pv's for you on a host
directory and mounts that directory into the kubelet container. You can
control what that directory is with --host-pv-dir.

You should not have to create a PersistentVolume yourself. Just create a
pvc and it should bind to what cluster up has created.

On Wed, Apr 18, 2018 at 8:40 PM, Tracy Reed  wrote:

> Oops...got the error message wrong on the subject. Changing.
>
> On Wed, Apr 18, 2018 at 05:36:55PM PDT, Tracy Reed spake thusly:
> > So I'm trying to setup my first openshift cluster and I'm using the
> > following docs to get started:
> >
> > Setup prereqs:
>
>
>
> >
> > https://docs.openshift.com/container-platform/3.5/
> install_config/install/host_preparation.html
> >
> > Then oc cluster up:
>
>
>
> >
> > https://docs.openshift.org/latest/getting_started/administrators.html
>
> >
> > Then I'm trying to setup a container which requires a persistent
> volume.  I'm using a dead simple pv.yaml to configure it:
> >
> > kind: PersistentVolume
> > apiVersion: v1
> > metadata:
> > name: mycontainer-pv
> > labels:
> > app-volume: "mycontainer"
> > spec:
> > capacity:
> > storage: 10Gi
> > accessModes:
> > - ReadWriteOnce
> > hostPath:
> > path: /tmp/data
> >
> > I created the /tmp/data dir, created the pv with oc create -f ./pv.yaml
> > and it shows up in oc get pv:
> >
> > # oc get pv | grep tw-console-pv
> > mycontainer-pv   10Gi   RWO   Retain  Bound
> mycontainer/mycontainer-console 18h
> >
> > but when I start my container it fails to start. In the logs I see:
> >
> > Apr 19 00:13:33 cto-ose4-1 journal: E0419 00:13:33.165666   29278
> docker_manager.go:2313] container start failed: RunContainerError:
> GenerateRunContainerOptions: lstat /tmp/data: no such file or directory
> > Apr 19 00:13:33 cto-ose4-1 journal: E0419 00:13:33.165746   29278
> pod_workers.go:184] Error syncing pod 970b0907-431c-11e8-bc09-42010af00084,
> skipping: failed to "StartContainer" for "mycontainer-console" with
> RunContainerError: "GenerateRunContainerOptions: lstat /tmp/data: no such
> file or directory"
> > Apr 19 00:13:40 cto-ose4-1 journal: E0419 00:13:40.258411   29278
> utils.go:91] Unable to get uid from job persistent-volume-setup in
> namespace default
> > Apr 19 00:13:42 cto-ose4-1 journal: I0419 00:13:42.975542   29278
> operation_executor.go:1079] MountVolume.SetUp succeeded for volume "
> kubernetes.io/secret/7c6f7215-42c7-11e8-bc09-42010af00084-registry-token-
> gwxgv" (spec.Name: "registry-token-gwxgv") pod 
> "7c6f7215-42c7-11e8-bc09-42010af00084"
> (UID: "7c6f7215-42c7-11e8-bc09-42010af00084").
> > Apr 19 00:13:45 cto-ose4-1 journal: I0419 00:13:45.988758   29278
> operation_executor.go:1079] MountVolume.SetUp succeeded for volume "
> kubernetes.io/secret/970b0907-431c-11e8-bc09-42010af00084-mycontainer-
> console-token-7j0m5" (spec.Name: "mycontainer-console-token-7j0m5") pod
> "970b0907-431c-11e8-bc09-42010af00084" (UID: "970b0907-431c-11e8-bc09-
> 42010af00084").
> > Apr 19 00:13:45 cto-ose4-1 journal: I0419 00:13:45.991621   29278
> operation_executor.go:1079] MountVolume.SetUp succeeded for volume "
> kubernetes.io/configmap/970b0907-431c-11e8-bc09-42010af00084-mycontainer-
> config-volume" (spec.Name: "mycontainer-config-volume") pod
> "970b0907-431c-11e8-bc09-42010af00084" (UID: "970b0907-431c-11e8-bc09-
> 42010af00084").
> > Apr 19 00:13:46 cto-ose4-1 journal: E0419 00:13:46.163184   29278
> docker_manager.go:2313] container start failed: RunContainerError:
> GenerateRunContainerOptions: lstat /tmp/data: no such file or directory
> > Apr 19 00:13:46 cto-ose4-1 journal: E0419 00:13:46.163247   29278
> pod_workers.go:184] Error syncing pod 970b0907-431c-11e8-bc09-42010af00084,
> skipping: failed to "StartContainer" for "mycontainer-console" with
> RunContainerError: "GenerateRunContainerOptions: lstat /tmp/data: no such
> file or directory"
> >
> > Why does it say "no such file or directory"?
> >
> > # ls -ld /tmp/data/
> > drwxr-xr-x. 2 nobody nobody 6 Apr 18 06:05 /tmp/data/
> >
> > I've tried various permissions and ownership and it's not selinux
> > because there are no denials in /var/log/audit/audit.log.
> >
> > What could be the problem here?
> >
> > Ideas are very much appreciated!
> >
> > --
> > Tracy Reed
> > http://tracyreed.org
> > Digital signature attached for your safety.
>
>
>
> > ___
> > users mailing list
> > users@lists.openshift.redhat.com
> > http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
> --
> Tracy Reed
> http://tracyreed.org
> Digital signature attached for your safety.
>
> ___
> users mailing list
>

Re: Absence of master-config.yaml

2018-02-08 Thread Cesar Wong 
If using cluster up, you will find the config by default both inside the
container and on the file system of the host at
/var/lib/origin/openshift.local.config/master

If you need to make a change to the master-config.yaml, start the cluster,
bring it back down (with `oc cluster down`), make the change, and start the
next time with the `--use-existing-config` flag so your changes get picked
up and don't get overwritten.

On Thu, Feb 8, 2018 at 9:36 AM, Luke Meyer  wrote:

>
>
> On Thu, Feb 8, 2018 at 2:43 AM, Gaurav Ojha  wrote:
>
>> Thank you for your reply. Just a couple more questions:
>>
>>
>>1. Is there any way to create this file when I launch by openshift
>>start?
>>
>>
> openshift start --write-config= ...
> (see --help and also note --master-config and --node-config flags)
>
>
>>1. Pardon me, but when you say "it should be inside the container",
>>you mean the host on which I am running openshift on, or the openshift
>>container which starts as a result of this?
>>
>>
> Inside the container named "origin" that "oc cluster up" runs on docker.
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: No persistent volumes available in OpenShift Origin 3.7.1

2018-02-07 Thread Cesar Wong 
Hi Tien,

Docker for Mac introduced an internal proxy with Docker CE version 17.12.x.
This has been causing problems with apps that didn't expect to see a proxy
there, and certain settings like the NO_PROXY env var are ignored. Issues
have been reported on github and they seem to be working on them. Until
they have a fix, I would recommend downgrading to a pre- 17.12.0 version.
You can find download links in their release notes page:
https://docs.docker.com/docker-for-mac/release-notes/

Version 17.09.0-ce-mac35 should work fine.

On Wed, Feb 7, 2018 at 9:22 AM, Tien Hung Nguyen 
wrote:

> I have rechecked it and there are indeed no persistent volumes available
> by default. All what I did was just to execute this commands 'oc cluster up
> --host-data-dir /Users/user/oc-data' on Docker for Mac following this
> tutorial: https://github.com/openshift/origin/blob/master/
> docs/cluster_up_down.md
> My Docker for Machine has just the Insecure Registry 172.30.0.0/16 added.
>
> Furthermore, when I start openshift with the command 'oc cluster up
> --host-data-dir /Users/user/oc-data' it shows me the following output
> message after it has successfully started:
>
> oc cluster up --host-data-dir /Users/user/oc-data
>
> Starting OpenShift using openshift/origin:v3.7.1 ...
>
> Pulling image openshift/origin:v3.7.1
>
> Pulled 1/4 layers, 26% complete
>
> Pulled 1/4 layers, 80% complete
>
> Pulled 2/4 layers, 81% complete
>
> Pulled 3/4 layers, 92% complete
>
> Pulled 4/4 layers, 100% complete
>
> Extracting
>
> Image pull complete
>
> OpenShift server started.
>
>
> The server is accessible via web console at:
>
> https://127.0.0.1:8443
>
>
> You are logged in as:
>
> User: developer
>
> Password: 
>
>
> To login as administrator:
>
> oc login -u system:admin
>
>
> WARNING: An HTTP proxy (docker.for.mac.http.internal:3128) is configured
> for the Docker daemon, but you did not specify one for cluster up
>
> WARNING: An HTTPS proxy (docker.for.mac.http.internal:3129) is configured
> for the Docker daemon, but you did not specify one for cluster up
>
> WARNING: A proxy is configured for Docker, however 172.30.1.1 is not
> included in its NO_PROXY list.
>
>172.30.1.1 needs to be included in the Docker daemon's NO_PROXY
> environment variable so pushes to the local OpenShift registry can succeed.
>
>  I'm sure that I don't have a proxy enabled since I'm working from home
> where is no proxy configured.
>
> Please, could tell me how to solve this problem? I didn't have these
> problems when I used OpenShift version 3.6 CLI.
>
> Now, I'm using the following version:
>
> oc v3.7.1+ab0f056
>
> kubernetes v1.7.6+a08f5eeb62
>
> features: Basic-Auth
>
>
> Server https://127.0.0.1:8443
>
> openshift v3.7.1+ab0f056
>
> kubernetes v1.7.6+a08f5eeb62
>
>
> Regards
> Tien
>
>
> 2018-02-04 15:17 GMT+01:00 Michail Kargakis :
>
>> Used to be in default as the rest of the infra components.
>>
>> On Sat, Feb 3, 2018 at 8:53 PM, Clayton Coleman 
>> wrote:
>>
>>> There’s a job that oc cluster up runs to create host PVs.  You may want
>>> to check that that job ran successfully.  I don’t remember exactly what
>>> namespace it was created it in
>>>
>>> On Feb 3, 2018, at 1:10 PM, Tien Hung Nguyen 
>>> wrote:
>>>
>>> Hello,
>>>
>>> I'm using OpenShift Origin v3.7.1 Client and Server installed on my
>>> local Computer (Mac) via Docker on Mac. I started OpenShift using the
>>> command oc cluster up --host-data-dir /Users/username/oc-data and tried to
>>> deploy my appliocations using a .yml template. However, the deployment
>>> stucks because it gives me the following error:
>>>
>>> Events:
>>>
>>>   FirstSeen LastSeen Count From SubObjectPath Type Reason Message
>>>
>>>   -  -  -  -- ---
>>>
>>>   17m 1m 63 persistentvolume-controller Normal FailedBinding no
>>> persistent volumes available for this claim and no storage class is set
>>>
>>>
>>> After checking my persistent volumes with the command oc get pv, I
>>> realized that my containers don't have any pvs available (Message: No
>>> resources found. ). Please, could you tell me why the new OpenShift
>>> Origin 3.7.1 version doesn't create any pvs by default at the beginning?
>>> When I used the old OpenShift Origin 3.6.1 version, I never had that
>>> problem when using the same .yaml template for deployment.
>>>
>>> How can I fix that problem?
>>>
>>> Regards
>>> Tien
>>>
>>> ___
>>> users mailing list
>>> users@lists.openshift.redhat.com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>
>>>
>>> ___
>>> users mailing list
>>> users@lists.openshift.redhat.com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>
>>>
>>
>
> ___
> users mailing list
>

Re: oc cluster up - router not starting

2017-10-25 Thread Cesar Wong 

Hi Jan,
So I see this in your log:
E1025 15:45:01.408533 6242 pod_workers.go:182] Error syncing pod 
6734f809-b99b-11e7-9b1d-3a4633f0fe38 
("router-1-fmvnv_default(6734f809-b99b-11e7-9b1d-3a4633f0fe38)"), skipping: 
failed to "CreatePodSandbox" for 
"router-1-fmvnv_default(6734f809-b99b-11e7-9b1d-3a4633f0fe38)" with 
CreatePodSandboxError: "CreatePodSandbox for pod 
\"router-1-fmvnv_default(6734f809-b99b-11e7-9b1d-3a4633f0fe38)\" failed: 
rpc error: code = 2 desc = failed to start sandbox container for pod 
\"router-1-fmvnv\": Error response from daemon: {\"message\":\"driver 
failed programming external connectivity on endpoint 
k8s_POD_router-1-fmvnv_default_6734f809-b99b-11e7-9b1d-3a4633f0fe38_23 
(dc57db8d5856b460dd0b7ba84d320f5e24f46e4577e1d30288c28c086986237a): Error 
starting userland proxy: Bind for 0.0.0.0:80: unexpected error (Failure 
EADDRINUSE)\"}"
Looks like either there is a pod or a process on your machine using port 80 
and it's not letting the router bind to that port.___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: oc cluster up - router not starting

2017-10-25 Thread Cesar Wong 
Can you send the output of `docker logs origin` ? (Either as an attachment, 
gist, pastebin ... may be big)


On Wed, Oct 25, 2017 at 11:32 AM, Jan Hellar <jhel...@redhat.com> wrote:
Thanks for reply. I've tried to assign 8-12gb of memory and 4-6 processors. 
Still the same issue. I've also tried to completely reinstall docker.
On Wed, Oct 25, 2017 at 5:28 PM, Cesar Wong < cew...@redhat.com 
[cew...@redhat.com] > wrote:
I just tried it on my mac and things ran ok for me. I would check the 
memory/cpu you're assigning Docker. I'd at least give it 4-6gb of memory 
and half to all your processors.
On Wed, Oct 25, 2017 at 11:22 AM, Jan Hellar < jhel...@redhat.com 
[jhel...@redhat.com] > wrote:

Hi Cesar,
I've just used "oc cluster up" with no other parameters.
Regards, Jan
On Wed, Oct 25, 2017 at 4:56 PM, Cesar Wong < cew...@redhat.com 
[cew...@redhat.com] > wrote:

Hi Jan,
Can you include the exact command you're using to start cluster up ? Are 
you specifying a different version of the images?


On Wed, Oct 25, 2017 at 8:16 AM, Jan Hellar < jhel...@redhat.com 
[jhel...@redhat.com] > wrote:

Hi,
recently I have tried to run `oc cluster up` on mac. When running `oc 
cluster status` I get `Notice: Router is not yet ready`. When running `oc 
get pods` in `default` project, I can see that pod for router is in 
ContainerCreating state. Looking at events for the router pod I can see 
these two events: - Sandbox changed - Pod sandbox changed, it will be 
killed and re-created. 12 times in the last minute

- Failed sync - Error syncing pod - 13 times in the last minute
I have latest version of docker installed (Version 17.09.0-ce-mac35 
(19611)). Tried latest version (3.6.0) of openshift-cli from both github 
and brew.

Can anybody help with this issue? Thank you.
Best regards,
Jan Hellar


--
Jan Hellar



--
Jan Hellar___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: oc cluster up - router not starting

2017-10-25 Thread Cesar Wong 
I just tried it on my mac and things ran ok for me. I would check the 
memory/cpu you're assigning Docker. I'd at least give it 4-6gb of memory 
and half to all your processors.

On Wed, Oct 25, 2017 at 11:22 AM, Jan Hellar <jhel...@redhat.com> wrote:
Hi Cesar,
I've just used "oc cluster up" with no other parameters.
Regards, Jan
On Wed, Oct 25, 2017 at 4:56 PM, Cesar Wong < cew...@redhat.com 
[cew...@redhat.com] > wrote:

Hi Jan,
Can you include the exact command you're using to start cluster up ? Are 
you specifying a different version of the images?


On Wed, Oct 25, 2017 at 8:16 AM, Jan Hellar < jhel...@redhat.com 
[jhel...@redhat.com] > wrote:

Hi,
recently I have tried to run `oc cluster up` on mac. When running `oc 
cluster status` I get `Notice: Router is not yet ready`. When running `oc 
get pods` in `default` project, I can see that pod for router is in 
ContainerCreating state. Looking at events for the router pod I can see 
these two events: - Sandbox changed - Pod sandbox changed, it will be 
killed and re-created. 12 times in the last minute

- Failed sync - Error syncing pod - 13 times in the last minute
I have latest version of docker installed (Version 17.09.0-ce-mac35 
(19611)). Tried latest version (3.6.0) of openshift-cli from both github 
and brew.

Can anybody help with this issue? Thank you.
Best regards,
Jan Hellar


--
Jan Hellar___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: oc cluster up - router not starting

2017-10-25 Thread Cesar Wong 

Hi Jan,
Can you include the exact command you're using to start cluster up ? Are 
you specifying a different version of the images?


On Wed, Oct 25, 2017 at 8:16 AM, Jan Hellar  wrote:
Hi,
recently I have tried to run `oc cluster up` on mac. When running `oc 
cluster status` I get `Notice: Router is not yet ready`. When running `oc 
get pods` in `default` project, I can see that pod for router is in 
ContainerCreating state. Looking at events for the router pod I can see 
these two events: - Sandbox changed - Pod sandbox changed, it will be 
killed and re-created. 12 times in the last minute

- Failed sync - Error syncing pod - 13 times in the last minute
I have latest version of docker installed (Version 17.09.0-ce-mac35 
(19611)). Tried latest version (3.6.0) of openshift-cli from both github 
and brew.

Can anybody help with this issue? Thank you.
Best regards,
Jan Hellar___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: service account for rest api

2017-10-19 Thread Cesar Wong 
Julio,

Depending on your version of curl, you may be hitting this: 
https://bugzilla.redhat.com/show_bug.cgi?id=1260178 
[https://bugzilla.redhat.com/show_bug.cgi?id=1260178]
On Thu, Oct 19, 2017 at 12:11 PM, Julio Saura  wrote:
umm that works …
weird
Julio Saura Alejandre Responsable Servicios Gestionados hiberus TRAVEL Tel.: + 
34 902 87 73 92 Ext. 659 Parque Empresarial PLAZA Edificio EXPOINNOVACIÓN C/. 
Bari 25 Duplicado, Escalera 1, Planta 2ª. 50197 Zaragoza www.hiberus.com 
[http://www.hiberus.com]Crecemos contigo

Este mensaje se envía desde la plataforma de correo de Hiberus Este mensaje y 
los documentos que, en su caso, lleve anexos, se dirigen exclusivamente a su 
destinatario y pueden contener información privilegiada o confidencial. Si tú 
no eres el destinatario indicado, queda notificado de que la utilización, 
divulgación y/o copia sin autorización está prohibida en virtud de la 
legislación vigente. Por ello, se informa a quien lo reciba por error, que la 
información contenida en el mismo es reservada y su uso no autorizado está 
prohibido legalmente, por lo que en tal caso te rogamos que nos lo comuniques 
vía e-mail o teléfono, te abstengas de realizar copias del mensaje o remitirlo 
o entregarlo a terceras personas y procedas a devolverlo a su emisor y/o 
destruirlo de inmediato.
El 19 oct 2017, a las 18:01, Frederic Giloux < fgil...@redhat.com 
[fgil...@redhat.com] > escribió:
oc get rc -n project1 --as=system:serviceaccounts:project1:inciga___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Invalid output reference

2017-09-06 Thread Cesar Wong 
The tag will be created by the build when it runs, but it expects the image 
stream to exist. When the web console created the build config, it also created 
the output image stream.

You can recreate it by running:

oc create imagestream myapp

> On Sep 6, 2017, at 8:59 AM, Tim Dudgeon <tdudgeon...@gmail.com> wrote:
> 
> No. Isn't that what's being created by the build (as its output)?
> 
> Those parameters were taken from the build config that had just successfully 
> been created and built using the web console, and then the build config 
> exported as YAML.
> 
> Tim
> 
> 
> On 06/09/2017 13:44, Cesar Wong wrote:
>> Does the myapp image stream exist?
>> 
>>> On Sep 6, 2017, at 6:35 AM, Tim Dudgeon <tdudgeon...@gmail.com> wrote:
>>> 
>>> I'm trying to get to grips with build configs. In this case a Java build 
>>> using Maven.
>>> I managed to get the build to work fine using the web console and now want 
>>> to allow this to be automated using cli.
>>> So I export the build config as YAML using `oc get bc/myapp -o yaml > 
>>> myapp-bc.yaml`, delete the old one and then try to re-load using the YAML 
>>> using `oc create -f myapp-bc.yaml` and then start the build.
>>> 
>>> But the build never starts complaining of an 'Invalid output reference'.
>>> Presumably this refers to the output section of the YAML that looks like 
>>> this:
>>> 
>>>>   output:
>>>> to:
>>>>   kind: ImageStreamTag
>>>>   name: myapp:latest
>>> Any pointers to what is wrong?
>>> 
>>> Thanks
>>> Tim
>>> 
>>> 
>>> 
>>> 
>>> ___
>>> users mailing list
>>> users@lists.openshift.redhat.com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
> 


___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Invalid output reference

2017-09-06 Thread Cesar Wong 
Does the myapp image stream exist?

> On Sep 6, 2017, at 6:35 AM, Tim Dudgeon  wrote:
> 
> I'm trying to get to grips with build configs. In this case a Java build 
> using Maven.
> I managed to get the build to work fine using the web console and now want to 
> allow this to be automated using cli.
> So I export the build config as YAML using `oc get bc/myapp -o yaml > 
> myapp-bc.yaml`, delete the old one and then try to re-load using the YAML 
> using `oc create -f myapp-bc.yaml` and then start the build.
> 
> But the build never starts complaining of an 'Invalid output reference'.
> Presumably this refers to the output section of the YAML that looks like this:
> 
>>   output:
>> to:
>>   kind: ImageStreamTag
>>   name: myapp:latest
> Any pointers to what is wrong?
> 
> Thanks
> Tim
> 
> 
> 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users


___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Where are the s2i images for "oc new-app"· defined

2017-08-23 Thread Cesar Wong 
Hi Tako,

new-app will use image streams with "supports" tags in either your current 
namespace or the openshift namespace.

For origin, these image streams get imported in the openshift namespace by 
default:
https://github.com/openshift/origin/blob/master/examples/image-streams/image-streams-centos7.json
 

> On Aug 23, 2017, at 10:49 AM, Tako Schotanus  wrote:
> 
> Hmm, using "oc export" on an app created with "oc new-app" and looking around 
> in that I see a reference to "centos/nodejs-4-centos7".
> So perhaps all the images mentioned here https://hub.docker.com/u/centos/ 
>  are the ones used for "oc new-app"?
> 
> On Wed, Aug 23, 2017 at 4:36 PM, Tako Schotanus  > wrote:
> Hi,
> 
> I'd like to find out where the images are defined that "oc new-app" uses to 
> detect and build when provided with a link to a code repository?
> 
> For example if I pass it a link to a repository containing a NodeJS app I get 
> the following output:
> 
> --> Found image ccdf360 (5 weeks old) in image stream "openshift/nodejs" 
> under tag "4" for "nodejs"
> 
> Given this I'd like to know where I can find the original "openshift/nodejs" 
> image to see how it was made.
> 
> Thanks!
> 
> -- 
> TAKO SCHOTANUS
> SENIOR SOFTWARE ENGINEER
> Red Hat 
> 
>  
>  
> 
> 
> 
> 
> -- 
> TAKO SCHOTANUS
> SENIOR SOFTWARE ENGINEER
> Red Hat 
> 
>  
>  
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Can't push to registry after ansible install

2017-08-22 Thread Cesar Wong 
I saw the same thing on a new cluster. I resolved it manually by:

1) adding ‘search cluster.local’ to the node’s /etc/resolv.conf
2) adding docker-registry.default.svc and 
docker-registry.default.svc.cluster.local to the docker daemon’s insecure 
registries

then stopped the node service, restarted docker and started the node service

Maybe #2 is unnecessary once you add the search directive to resolv.conf, but 
didn’t try.

Scott, it seems the default is now to use the registry host name instead of the 
numeric service IP. Is there a variable that controls that?

> On Aug 22, 2017, at 7:17 AM, Tim Dudgeon  wrote:
> 
> Hi All,
> 
> I'm having problems with the ansible installer.
> I've created a very simple 1 node cluster using an inventory file like this:
> 
>> OSEv3:children]
>> masters
>> nodes
>> 
>> [OSEv3:vars]
>> ansible_ssh_user=root
>> openshift_deployment_type=origin
>> openshift_disable_check=docker_storage,memory_availability
>> openshift_hostname=MASTER_PRIVATE_FQDN
>> openshift_master_cluster_hostname=MASTER_PRIVATE_FQDN
>> openshift_master_cluster_public_hostname=MASTER_PUBLIC_FQDN
>> openshift_master_identity_providers=[{'name': 'htpasswd_auth', 'login': 
>> 'true', 'challenge': 'true', 'kind': 'HTPasswdPasswordIdentityProvider', 
>> 'filename': '/etc/origin/master/users.htpasswd'}]
>> 
>> [masters]
>> MASTER_PRIVATE_FQDN ansible_connection=local
>> [etcd]
>> MASTER_PRIVATE_FQDN ansible_connection=local
>> 
>> [nodes]
>> MASTER_PRIVATE_FQDN openshift_node_labels="{'region': 'infra'}" 
>> openshift_schedulable=true ansible_connection=local
> 
> 
> The installer seems to run OK and the web console is accessible, but when I 
> try to do a build it fails as it can't push to the docker repo. The end of 
> the log file shows this:
> 
>> Pushing image docker-registry.default.svc:5000/simple/nodejs-ex:latest ...
>> Registry server Address:
>> Registry server User Name: serviceaccount
>> Registry server Email: serviceacco...@example.org
>> Registry server Password: <>
>> error: build error: Failed to push image: Get 
>> https://docker-registry.default.svc:5000/v1/_ping: dial tcp: lookup 
>> docker-registry.default.svc on 10.1.162.87:53: no such host
> 
> 'oc get all' shows this:
> 
>> NAME  DOCKER REPO
>>  TAGS UPDATED
>> is/registry-console 
>> docker-registry.default.svc:5000/default/registry-console latest22 
>> minutes ago
>> 
>> NAME  REVISION   DESIRED   CURRENT   TRIGGERED BY
>> dc/docker-registry1  1 1 config
>> dc/registry-console   1  1 1 config
>> dc/router 1  1 1 config
>> 
>> NAMEDESIRED   CURRENT   READY AGE
>> rc/docker-registry-11 1 1 23m
>> rc/registry-console-1   1 1 1 22m
>> rc/router-1 1 1 1 25m
>> 
>> NAME HOST/PORT PATH  SERVICES   PORT  TERMINATION   WILDCARD
>> routes/docker-registry 
>> docker-registry-default.router.default.svc.cluster.local docker-registry
>>  passthrough   None
>> routes/registry-console 
>> registry-console-default.router.default.svc.cluster.local registry-console   
>>  passthrough   None
>> 
>> NAME   CLUSTER-IP   EXTERNAL-IP PORT(S)  
>>  AGE
>> svc/docker-registry172.30.157.1345000/TCP  23m
>> svc/kubernetes 172.30.0.1443/TCP,53/UDP,53/TCP 31m
>> svc/registry-console   172.30.175.45 9000/TCP  22m
>> svc/router 172.30.208.16480/TCP,443/TCP,1936/TCP   25m
>> 
>> NAME  READY STATUSRESTARTS   AGE
>> po/docker-registry-1-wps111/1   Running   0  23m
>> po/registry-console-1-d8ss8   1/1   Running   0  22m
>> po/router-1-3p2nn 1/1   Running   0  24m
> 
> Any ideas what is wrong?
> 
> Tim
> 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users


___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Configuring custom certs

2017-07-28 Thread Cesar Wong 
Hi Tim, 

You may want to enable additional logging by running 'oc cluster up 
--loglevel=5 --server-loglevel=5

If the origin container can't start, there's something wrong with the 
master-config.yaml (could be as simple as a formatting issue)

> On Jul 28, 2017, at 6:17 AM, Tim Dudgeon  wrote:
> 
> I'm trying to work out how to deploy custom certificates so that the OS 
> console doesn't complain about untrested certs.
> I've obtained certificates using Let's Encrypt, so have the following files:
> cert.pem chain.pem fullchaim.pem privkey.pem
> 
> Now I try to update my master-config.yaml to use these.
> I was thinking that the minimum needed would be to edit:
> 
> assetConfig.ServingInfo.certFile to point to fullchain.pem
> 
> assetConfig.ServingInfo.keyFile to point to privkey.pem
> 
> and leave assetConfig.ServingInfo.clientCA as empty.
> 
> I made no other changes.
> 
> Unfortunately this does not work. oc cluster up fails badly without saying 
> much that is useful:
> 
> 
> Starting OpenShift using openshift/origin:v3.6.0-rc.0 ...
> -- Checking OpenShift client ... OK
> -- Checking Docker client ... OK
> -- Checking Docker version ... OK
> -- Checking for existing OpenShift container ...
>  Deleted existing OpenShift container
> -- Checking for openshift/origin:v3.6.0-rc.0 image ... OK
> -- Checking Docker daemon configuration ... OK
> -- Checking for available ports ... OK
> -- Checking type of volume mount ...
>  Using nsenter mounter for OpenShift volumes
> -- Creating host directories ... OK
> -- Finding server IP ...
>  Using 127.0.0.1 as the server IP
> -- Starting OpenShift container ...
>  Starting OpenShift using container 'origin'
> FAIL
>  Error: could not start OpenShift container "origin"
>  Details:
>  No log available from "origin" container
> 
> Any pointers to how to do this correctly?
> 
> Thanks
> Tim
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users


___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Projects created with CLI or not visiable in UI console

2017-06-08 Thread Cesar Wong 
You cannot login to the web console as system:admin since it doesn't have an 
oauth token associated with it. 

You can grant any user the cluster-admin role with:

oc adm policy add-cluster-role-to-user cluster-admin myuser

Then login with that user

> On Jun 8, 2017, at 1:07 PM, Marcin Zajączkowski  wrote:
> 
> Dnia Czwartek, 8 Czerwca 2017 19:04 Jessica Forrester  > napisał(a)
> If you are using the same user this can't happen.  Is there a chance you were 
> running as the system admin when you were using the CLI?
>  
> Yes system:admin both from CLI and UI. It's Minishift and I haven't changed 
> anything with users there.
>  
> Marcin
>  
>  
> 
> On Thu, Jun 8, 2017 at 12:28 PM, Marcin Zajączkowski  > wrote:
> Hi,
> 
> Projects created with CLI are not visible in the UI console. Is it possible 
> to add them there?
> 
> OpeShift 1.5.1, Minishift 1.1.0.
> 
> Marcin
> 
> --
> http://blog.solidsoft.info/  - Working code is 
> not enough
> 
> 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com 
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
> 
> 
> 
> --
> http://blog.solidsoft.info/  - Working code is 
> not enough
>  
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com 
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
> 
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Bad line length character. Git URL no longer works

2017-04-06 Thread Cesar Wong 
At least it shows the exact git clone command … can you try doing ‘git clone 
—recursive —depth=1 [the-url]’ from your local machine? 

I suspect that the —depth=1 may be what’s throwing it off

> On Apr 6, 2017, at 12:24 PM, Dean Peterson <peterson.d...@gmail.com> wrote:
> 
> Thank you, that is helpful;
> 
> It has been hung for about 5 minutes now. I have included the log in a gist:
> 
> https://gist.github.com/deanpeterson/6b83f10ae100093f29b2530beb9de0fc 
> <https://gist.github.com/deanpeterson/6b83f10ae100093f29b2530beb9de0fc>
> 
> Is there anything useful in there?
> 
> On Thu, Apr 6, 2017 at 11:04 AM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> You can try setting the BUILD_LOGLEVEL env var to something high:
> 
> $ oc set env bc/[your-bc] BUILD_LOGLEVEL=10
> 
>> On Apr 6, 2017, at 12:00 PM, Dean Peterson <peterson.d...@gmail.com 
>> <mailto:peterson.d...@gmail.com>> wrote:
>> 
>> Yes, I can take that exact url and clone at the command line on windows and 
>> on RHEL 7.3. It only takes about a second. On Openshift, it spins for about 
>> 5-10 minutes then fails with that error. Is there a way to see the entire 
>> error message? I can't seem to find it in any Docker of Openshift logs.
>> 
>> Thanks
>> 
>> On Thu, Apr 6, 2017 at 10:51 AM, Cesar Wong <cew...@redhat.com 
>> <mailto:cew...@redhat.com>> wrote:
>> Are you able to clone outside of openshift using that URL? 
>> 
>> Just looking at what the bad line length character being reported is (> my guess is that the git server is responding with an HTML doc/error of some 
>> kind.
>> 
>>> On Apr 6, 2017, at 11:43 AM, Dean Peterson <peterson.d...@gmail.com 
>>> <mailto:peterson.d...@gmail.com>> wrote:
>>> 
>>> Hi Cesar,
>>> 
>>> Version
>>> 
>>> OpenShift Master:
>>> v1.4.1
>>> Kubernetes Master:
>>> v1.4.0+776c994
>>> 
>>> On Thu, Apr 6, 2017 at 10:19 AM, Cesar Wong <cew...@redhat.com 
>>> <mailto:cew...@redhat.com>> wrote:
>>> Hi Dean, 
>>> 
>>> What version of openshift are you using?
>>> 
>>>> On Apr 6, 2017, at 11:07 AM, Dean Peterson <peterson.d...@gmail.com 
>>>> <mailto:peterson.d...@gmail.com>> wrote:
>>>> 
>>>> Hello,
>>>> 
>>>> I just installed the latest version of Origin. A build that worked before 
>>>> is failing with the following:
>>>> 
>>>> Cloning "https://someone <https://someone/>%40gmail.com 
>>>> <http://40gmail.com/>:somepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git
>>>>  
>>>> <http://omepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git>"
>>>>  ...
>>>> error: build error: fatal: protocol error: bad line length character: >>> fatal: The remote end hung up unexpectedly
>>>> 
>>>> I have verified that builds with public github urls work, but this url 
>>>> that worked before is no longer working.
>>>> 
>>>> Also, builds often hang on cloning, regardless for up to 5 minutes before 
>>>> success or failing. 
>>>> 
>>>> Has something changed to prevent a url with escaped @ symbols in the 
>>>> username/pass section from working?
>>>> 
>>>> Thank you
>>>> ___
>>>> users mailing list
>>>> users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com>
>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
>>>> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users>
>>> 
>>> 
>> 
>> 
> 
> 

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Bad line length character. Git URL no longer works

2017-04-06 Thread Cesar Wong 
You can try setting the BUILD_LOGLEVEL env var to something high:

$ oc set env bc/[your-bc] BUILD_LOGLEVEL=10

> On Apr 6, 2017, at 12:00 PM, Dean Peterson <peterson.d...@gmail.com> wrote:
> 
> Yes, I can take that exact url and clone at the command line on windows and 
> on RHEL 7.3. It only takes about a second. On Openshift, it spins for about 
> 5-10 minutes then fails with that error. Is there a way to see the entire 
> error message? I can't seem to find it in any Docker of Openshift logs.
> 
> Thanks
> 
> On Thu, Apr 6, 2017 at 10:51 AM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> Are you able to clone outside of openshift using that URL? 
> 
> Just looking at what the bad line length character being reported is ( my guess is that the git server is responding with an HTML doc/error of some 
> kind.
> 
>> On Apr 6, 2017, at 11:43 AM, Dean Peterson <peterson.d...@gmail.com 
>> <mailto:peterson.d...@gmail.com>> wrote:
>> 
>> Hi Cesar,
>> 
>> Version
>> 
>> OpenShift Master:
>> v1.4.1
>> Kubernetes Master:
>> v1.4.0+776c994
>> 
>> On Thu, Apr 6, 2017 at 10:19 AM, Cesar Wong <cew...@redhat.com 
>> <mailto:cew...@redhat.com>> wrote:
>> Hi Dean, 
>> 
>> What version of openshift are you using?
>> 
>>> On Apr 6, 2017, at 11:07 AM, Dean Peterson <peterson.d...@gmail.com 
>>> <mailto:peterson.d...@gmail.com>> wrote:
>>> 
>>> Hello,
>>> 
>>> I just installed the latest version of Origin. A build that worked before 
>>> is failing with the following:
>>> 
>>> Cloning "https://someone <https://someone/>%40gmail.com 
>>> <http://40gmail.com/>:somepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git
>>>  
>>> <http://omepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git>"
>>>  ...
>>> error: build error: fatal: protocol error: bad line length character: >> fatal: The remote end hung up unexpectedly
>>> 
>>> I have verified that builds with public github urls work, but this url that 
>>> worked before is no longer working.
>>> 
>>> Also, builds often hang on cloning, regardless for up to 5 minutes before 
>>> success or failing. 
>>> 
>>> Has something changed to prevent a url with escaped @ symbols in the 
>>> username/pass section from working?
>>> 
>>> Thank you
>>> ___
>>> users mailing list
>>> users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com>
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
>>> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users>
>> 
>> 
> 
> 

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Bad line length character. Git URL no longer works

2017-04-06 Thread Cesar Wong 
Are you able to clone outside of openshift using that URL? 

Just looking at what the bad line length character being reported is ( On Apr 6, 2017, at 11:43 AM, Dean Peterson <peterson.d...@gmail.com> wrote:
> 
> Hi Cesar,
> 
> Version
> 
> OpenShift Master:
> v1.4.1
> Kubernetes Master:
> v1.4.0+776c994
> 
> On Thu, Apr 6, 2017 at 10:19 AM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> Hi Dean, 
> 
> What version of openshift are you using?
> 
>> On Apr 6, 2017, at 11:07 AM, Dean Peterson <peterson.d...@gmail.com 
>> <mailto:peterson.d...@gmail.com>> wrote:
>> 
>> Hello,
>> 
>> I just installed the latest version of Origin. A build that worked before is 
>> failing with the following:
>> 
>> Cloning "https://someone <https://someone/>%40gmail.com 
>> <http://40gmail.com/>:somepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git
>>  
>> <http://omepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git>"
>>  ...
>> error: build error: fatal: protocol error: bad line length character: > fatal: The remote end hung up unexpectedly
>> 
>> I have verified that builds with public github urls work, but this url that 
>> worked before is no longer working.
>> 
>> Also, builds often hang on cloning, regardless for up to 5 minutes before 
>> success or failing. 
>> 
>> Has something changed to prevent a url with escaped @ symbols in the 
>> username/pass section from working?
>> 
>> Thank you
>> ___
>> users mailing list
>> users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com>
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
>> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users>
> 
> 

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Bad line length character. Git URL no longer works

2017-04-06 Thread Cesar Wong 
Hi Dean, 

What version of openshift are you using?

> On Apr 6, 2017, at 11:07 AM, Dean Peterson  wrote:
> 
> Hello,
> 
> I just installed the latest version of Origin. A build that worked before is 
> failing with the following:
> 
> Cloning "https://someone 
> %40gmail.com:somepassword%40morepassword...@enterprisewebservice.kilnhg.com/Code/EnterpriseWebService/Openshift-Docker-Builds/wildfly-jdk-8.git
>  
> "
>  ...
> error: build error: fatal: protocol error: bad line length character:  fatal: The remote end hung up unexpectedly
> 
> I have verified that builds with public github urls work, but this url that 
> worked before is no longer working.
> 
> Also, builds often hang on cloning, regardless for up to 5 minutes before 
> success or failing. 
> 
> Has something changed to prevent a url with escaped @ symbols in the 
> username/pass section from working?
> 
> Thank you
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: [aos-devel] Changing the default routing suffix for oc cluster up (xip.io -> nip.io)

2017-02-23 Thread Cesar Wong 
Adding users and dev lists,


Thx Maciej


Jon, 

I’ve only found anecdotal evidence [1][2], but from my own (very short) 
experience, it does seem more reliable.

[1] 
http://stackoverflow.com/questions/36958846/chrome-error-105-err-name-not-resolved-xip-io
 
<http://stackoverflow.com/questions/36958846/chrome-error-105-err-name-not-resolved-xip-io>
[2] 
https://lists.cloudfoundry.org/archives/list/cf-...@lists.cloudfoundry.org/thread/HLIK46WQLCZAMJKJKVJNQLPZPZRO6SYZ/
 
<https://lists.cloudfoundry.org/archives/list/cf-...@lists.cloudfoundry.org/thread/HLIK46WQLCZAMJKJKVJNQLPZPZRO6SYZ/>



> On Feb 23, 2017, at 10:05 AM, Jonathan Yu <jaw...@redhat.com> wrote:
> 
> 
> 
> On Thu, Feb 23, 2017 at 7:00 AM, Jimmi Dyson <jdy...@redhat.com 
> <mailto:jdy...@redhat.com>> wrote:
> Yes it's still very flaky outside of RHT network.
> 
> Interesting, I'm surprised to hear that given xip.io <http://xip.io/>'s 
> popularity.
> 
> Looking at the source code/descriptions, both sites seem to use the same 
> technique - a PowerDNS server with a pipe backend [0, 1] so I'm curious what 
> the differences are/why nip.io <http://nip.io/> is seen to be more reliable.
> 
> [0] https://github.com/basecamp/xip-pdns 
> <https://github.com/basecamp/xip-pdns>
> [1] https://xp-dev.com/sc/150354/HEAD/%2Fsrc%2Fbackend.py 
> <https://xp-dev.com/sc/150354/HEAD//src/backend.py>
> 
> On Thu, Feb 23, 2017 at 2:58 PM, Jonathan Yu <jaw...@redhat.com 
> <mailto:jaw...@redhat.com>> wrote:
> Is xip.io <http://xip.io/> reliability a problem outside of the Red Hat 
> network? I thought it was intentionally blacklisted by our resolvers for some 
> reason?
> 
> On Thu, Feb 23, 2017 at 1:47 AM, Maciej Szulik <maszu...@redhat.com 
> <mailto:maszu...@redhat.com>> wrote:
> I'd suggest public dev and users lists as well.
> 
> On Wed, Feb 22, 2017 at 7:45 PM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> Hi folks,
> 
> With PR #13023 [ https://github.com/openshift/origin/pull/13023 
> <https://github.com/openshift/origin/pull/13023> ] we’ll be changing the 
> default routing domain suffix that `oc cluster up` uses from xip.io 
> <http://xip.io/> to nip.io <http://nip.io/> which so far is more reliable. 
> 
> You will still be able to use xip.io <http://xip.io/> if you like by 
> specifying a —routing-suffix argument of [your-ip].xip.io <http://xip.io/> 
> 
> Please let us know if this will cause any issues for you.
> 
> 
> 
> 
> -- 
> Jonathan Yu / Software Engineer, OpenShift by Red Hat / 140-character rants 
> 'n raves <https://twitter.com/jawnsy>
> “Ever tried. Ever failed. No matter. Try again. Fail again. Fail better.” — 
> Samuel Beckett
> 
> 
> 
> 
> -- 
> Jonathan Yu / Software Engineer, OpenShift by Red Hat / 140-character rants 
> 'n raves <https://twitter.com/jawnsy>
> “Ever tried. Ever failed. No matter. Try again. Fail again. Fail better.” — 
> Samuel Beckett

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Unable to start openshift in VM, AWS or google cloud

2016-11-03 Thread Cesar Wong 
Hi Ravi,

On AWS, the magic incantation is:

oc cluster up --public-hostname=[public dns name] --routing-suffix=[ip 
address].xip.io 

Don't specify the numeric ip address in --public-hostname, rather the dns name.

You can then access the web console at https://[public  dns 
name]:8443/


On Windows 7 + VirtualBox + Ubuntu ... is it unable to connect to a route 
because the address/port is not reachable or because the dns name is not found?

> On Nov 2, 2016, at 9:34 PM, Ravi  wrote:
> 
> 
> I am not able to start openshift, I tried three different ways.
> 
> 1. Windows 7 + Virtual Box + Ubuntu
> oc cluster up works well. I went to console and launched nodejs-ex example. 
> Console shows it is up, however when I click on route, it says "unable to 
> connect". I tried going directly to POD's IP address and it does work. In 
> other words, somehow load balancer was failing in virtualbox Ubuntu VM.
> 
> 2. Then I moved on to AWS. I launched a RedHat image and installed docker and 
> started openshift. Here, OC starts on private IP address, so I am not able to 
> access it from public internet. I even tried
> oc cluster up --public-hostname='my ip address' but since the public ip 
> address is some magic, oc is not able to detect etcd etc and fails.
> 
> 3. Then I tried on google cloud. I faced exactly same issue as AWS.
> 
> If any one of them works, I will be ok but no idea how to get past these 
> issues.
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Secure SSL route

2016-10-19 Thread Cesar Wong 
You can also just serve http from your container and edit your route to use 
'edge' type termination. It should use the default cert/key from the router.

> On Oct 19, 2016, at 12:02 PM, Andy Goldstein  wrote:
> 
> If you want any web server to talk https, you'll need to specify certificate 
> and key information for it.
> 
> On Wed, Oct 19, 2016 at 7:44 AM, Den Cowboy  > wrote:
> Hi,
> 
> 
> we have an app which is hosted by nginx inside the same container. We used 
> the default.conf of nginx which is listening to port 80.
> 
> 443 and 80 are exposed but only 80 is 'in use'. We're able to create a secure 
> route with the openshift webconsole (or oc expose svc..). But of course there 
> was nothing to show.
> 
> 
> Now we try to edit our nginx configuration so we can use a secure route on 
> our service (above the pod). 
> In the container we changed the default.conf:
> 
> 
> listen 443;
> 
> I have a bit experience with using apache (not nginx) to use ssl but than I 
> need my self signed certificates inside my container and that kind of stuff. 
> Do I need this for OpenShift?
> 
> 
> I saw in my browser:
> 
> SSL_ERROR_RX_RECORD_TOO_LONG
> 
> 
> 
> I edit again to
> 
> 
> listen   443 ssl http2;
> But now I see in the logs of my pod:
> 
> *1 no "ssl_certificate" is defined in server listening on SSL port while SSL 
> handshaking, client: 10.x.x.x, server: 0.0.0.0:443 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com 
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
> 
> 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Problem authenticating to private docker registry

2016-08-10 Thread Cesar Wong 
Hmm, I didn't know the issue existed between 1.10 and 1.12 as well. 

Andy, what would you recommend?

> On Aug 10, 2016, at 1:58 PM, Tony Saxon <tony.sa...@gmail.com> wrote:
> 
> Ok, maybe that is the issue. I can not do the docker pull referencing the 
> sha256 hash on the node.
> 
> The docker version running on the node is docker 1.10.3, and the docker 
> version on the machine that pushed the image is 1.12.0. Is there a potential 
> workaround for this, or do I need to get the docker version updated on the 
> nodes? For reference, I installed the openshift platform using the ansible 
> advanced installation referenced in the documentation.
> 
> On Wed, Aug 10, 2016 at 1:46 PM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> Tony,
> 
> The only other time that I've seen the manifest not found error was when 
> there was a version mismatch between the Docker version that pushed the image 
> vs the version that was consuming the image (ie. images pushed with Docker 
> 1.9 and pulled with Docker 1.10). Are you able to pull the image spec 
> directly from your node using the Docker cli?
> 
> $ docker pull 
> docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3
>  
> <http://docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3>
> 
>> On Aug 10, 2016, at 1:02 PM, Tony Saxon <tony.sa...@gmail.com 
>> <mailto:tony.sa...@gmail.com>> wrote:
>> 
>> I'm not sure if this has anything to do with it, but I looked at the details 
>> of the imagestream that I imported and see that it has this as the docker 
>> image reference:
>> 
>> status:
>>   dockerImageRepository: 172.30.11.167:5000/testwebapp/testwebapp 
>> <http://172.30.11.167:5000/testwebapp/testwebapp>
>>   tags:
>>   - items:
>> - created: 2016-08-10T13:26:01Z
>>   dockerImageReference: 
>> docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3
>>  
>> <http://docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3>
>>   generation: 1
>>   image: 
>> sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3
>> tag: latest
>> 
>> I also see these errors show up on the docker registry when I try to deploy 
>> the app:
>> 
>> time="2016-08-10T16:58:26Z" level=warning msg="error authorizing context: 
>> basic authentication challenge for realm \"Registry Realm\": invalid 
>> authorization credential" go.version=go1.6.3 
>> http.request.host="docker-lab.evolveip.net:5000 
>> <http://docker-lab.evolveip.net:5000/>" http.request.id 
>> <http://http.request.id/>=ecce6c57-6273-42d6-b7a9-441877c0338f 
>> http.request.method=GET http.request.remoteaddr="192.168.122.156:35858 
>> <http://192.168.122.156:35858/>" http.request.uri="/v2/" 
>> http.request.useragent="docker/1.10.3 go/go1.4.2 
>> git-commit/9419b24-unsupported kernel/3.10.0-327.22.2.el7.x86_64 os/linux 
>> arch/amd64" instance.id 
>> <http://instance.id/>=f0d70491-6e34-44eb-a51c-3b13eae8daa6 version=v2.5.0
>> 192.168.122.156 - - [10/Aug/2016:16:58:26 +] "GET /v2/ HTTP/1.1" 401 87 
>> "" "docker/1.10.3 go/go1.4.2 git-commit/9419b24-unsupported 
>> kernel/3.10.0-327.22.2.el7.x86_64 os/linux arch/amd64"
>> time="2016-08-10T16:58:26Z" level=error msg="response completed with error" 
>> auth.user.name <http://auth.user.name/>=maven err.code="manifest unknown" 
>> err.detail="unknown manifest name=testwebapp 
>> revision=sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3"
>>  err.message="manifest unknown" go.version=go1.6.3 
>> http.request.host="docker-lab.evolveip.net:5000 
>> <http://docker-lab.evolveip.net:5000/>" http.request.id 
>> <http://http.request.id/>=b994a477-6beb-4908-8589-c051b9048e87 
>> http.request.method=GET http.request.remoteaddr="192.168.122.156:35860 
>> <http://192.168.122.156:35860/>" 
>> http.request.uri="/v2/testwebapp/manifests/sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3"
>>  http.request.useragent="docker/1.10.3 go/go1.4.2 
>> git-commit/9419b24-unsupported kernel/3.10.0-327.22.2.el7.x86_64 os/linux 
>> arch/amd64" http.response.contenttype="application/json; charse

Re: Problem authenticating to private docker registry

2016-08-10 Thread Cesar Wong 
rcfg 
> <http://kubernetes.io/dockercfg>   1 1d
> default-token-vbcmckubernetes.io/service-account-token 
> <http://kubernetes.io/service-account-token>   3 1d
> default-token-xffu5kubernetes.io/service-account-token 
> <http://kubernetes.io/service-account-token>   3 1d
> deployer-dockercfg-lfiuw   kubernetes.io/dockercfg 
> <http://kubernetes.io/dockercfg>   1 1d
> deployer-token-9euo2   kubernetes.io/service-account-token 
> <http://kubernetes.io/service-account-token>   3 1d
> deployer-token-mq6vw   kubernetes.io/service-account-token 
> <http://kubernetes.io/service-account-token>   3 1d
> docker-lab     kubernetes.io/dockercfg 
> <http://kubernetes.io/dockercfg>   1 19h
> 
> [root@os-master ~]# oc describe sa default
> Name:   default
> Namespace:  testwebapp
> Labels: 
>  
> Image pull secrets: default-dockercfg-pfota
> docker-lab
>  
> Mountable secrets:  default-token-xffu5
> default-dockercfg-pfota
>  
> Tokens: default-token-vbcmc
> default-token-xffu5
> 
> 
> One thing to note is that the "link" command didn't work. I had to use 'oc 
> secrets add default docker-lab --for=pull'
> 
> 
> Can you open an issue it's not working? Either docs should be updated or code 
> fixed.
>  
> 
>  
> Does it need to be added to a different service account? Here are the 
> accounts that currently exist:
> 
> [root@os-master ~]# oc get sa
> NAME   SECRETS   AGE
> builder2 1d
> default2 1d
> deployer   2 1d
> 
> On Wed, Aug 10, 2016 at 10:09 AM, Maciej Szulik <maszu...@redhat.com 
> <mailto:maszu...@redhat.com>> wrote:
> 
> 
> On Wed, Aug 10, 2016 at 3:59 PM, Cesar Wong <cew...@redhat.com 
> <mailto:cew...@redhat.com>> wrote:
> Hi Tony, 
> 
> Sorry for over-complicating it then :)
> 
> Using the image stream name is the right thing to do. However, new-app won't 
> include the pull secret in the deployment config that it generates. So you 
> have to specify it manually by editing the generated dc 
> 
> Unless, (Maciej, you'd know better than me) there is some magic that the 
> deployer uses to figure out the right secret to use.
> 
> 
> You need to provide the secrets as described here: 
> https://docs.openshift.org/latest/dev_guide/managing_images.html#allowing-pods-to-reference-images-from-other-secured-registries
>  
> <https://docs.openshift.org/latest/dev_guide/managing_images.html#allowing-pods-to-reference-images-from-other-secured-registries>
>  
> 
>> On Aug 10, 2016, at 9:47 AM, Tony Saxon <tony.sa...@gmail.com 
>> <mailto:tony.sa...@gmail.com>> wrote:
>> 
>> Thanks Cesar, but actually Maciej had it right. I'm trying to use a 
>> preexisting private docker registry as the source of the image. The 
>> preexisting registry is tied in with our current CI system, so my ultimate 
>> goal is to use an image from that repository as the source for an app in 
>> Openshift for a continuous deployment system.
>> 
>> I went and did the import and it imported successfully:
>> 
>> # oc import-image testwebapp --confirm 
>> --from=docker-lab.example.com:5000/testwebapp:latest 
>> <http://docker-lab.example.com:5000/testwebapp:latest>
>> The import completed successfully.
>>  
>> Name:   testwebapp
>> Created:1 seconds ago
>> Labels: 
>> Annotations:
>> openshift.io/image.dockerRepositoryCheck=2016-08-10T13:26:01Z 
>> <http://openshift.io/image.dockerRepositoryCheck=2016-08-10T13:26:01Z>
>> Docker Pull Spec:   172.30.11.167:5000/testwebapp/testwebapp 
>> <http://172.30.11.167:5000/testwebapp/testwebapp>
>>  
>> Tag SpecCreated 
>> PullSpecImage
>> latest  docker-lab.example.com:5000/testwebapp:latest 
>> <http://docker-lab.example.com:5000/testwebapp:latest>  1 seconds ago   
>> docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f. 
>> <http://docker-lab.example.com:5000/testwebapp@sha256:9799a25cd6fd7f.>.. 
>>
>>  
>> # oc get is
>> NAME DOCKER REPOTAGS  UPDATED
>> testwebapp   172.30.11.167:5000/testwebapp/testwebapp 
>> <http://172.30.11.167:5000/testwebapp/testwebapp>   la

Re: Problem authenticating to private docker registry

2016-08-10 Thread Cesar Wong 
Maciej,

In this case, Tony is trying to connect to the OpenShift registry, so the 
secret should exist; the dockercfg secret for the project's default service 
account. 

Tony, two things that may be your issue:

1) You're using a route for your registry (docker-lab.example.net 
). The dockercfg secret will likely only have 
an entry for the ip address of the registry and not the route. (Maciej, maybe 
you know of a way to get the secrets to include an entry for the host of the 
route). Otherwise, you're better off specifying the service ip when invoking 
new-app.

You can check what hosts are included in the dockercfg secret by doing 'oc 
describe secret/default-dockercfg-' where  is whatever suffix is used 
in your project.

2) The image ref that you're using in your new-app invocation doesn't include a 
namespace. All images on the OpenShift registry will have a namespace and name 
like:
 [registry-host]:[port]/projectname/testwebapp:latest. Make sure you have the 
full spec for the image (from 'oc get is').

> On Aug 10, 2016, at 5:44 AM, Maciej Szulik  wrote:
> 
> You need to follow the docs here: 
> https://docs.openshift.org/latest/dev_guide/managing_images.html#private-registries
>  
> 
> to setup the secret in the same project your ImageStream is created and then 
> re-import the image. 
> During import proper secrets will be picked automatically based on the urls 
> of the registry and your image metadata
> should be downloaded to the server. This will handle the import part, now for 
> actually using an image from private
> registry you need to follow this: 
> https://docs.openshift.org/latest/dev_guide/managing_images.html#allowing-pods-to-reference-images-from-other-secured-registries
>  
> 
> 
> Hope that helps,
> Maciej
> 
> On Tue, Aug 9, 2016 at 4:00 PM, Tony Saxon  > wrote:
> I'm not sure what I'm missing here. I have a private docker registry that is 
> set up securely and uses authentication. I followed the docs at 
> https://docs.openshift.org/latest/dev_guide/managing_images.html#using-image-pull-secrets
>  
> 
>  to create the secret with the username and password to authenticate with the 
> docker registry. I verified that I can manually login to the docker registry 
> from the master and the nodes. However, when I go to deploy a new app based 
> on an image from the docker registry it seem to be failing to authenticate. 
> The command that I'm running to create the new app:
> 
> oc new-app docker-lab.example.net:5000/testwebapp:latest 
> 
> 
> It creates the imagestream and attempts to deploy the pod. I get the 
> following in the logs on the pod:
> 
> # oc logs testwebapp-1-us1wu
> Error from server: container "testwebapp" in pod "testwebapp-1-us1wu" is 
> waiting to start: image can't be pulled
> 
> The logs on the docker registry show:
> 
> time="2016-08-09T13:54:45Z" level=warning msg="error authorizing context: 
> basic authentication challenge for realm \"Registry Realm\": invalid 
> authorization credential" go.version=go1.6.3 
> http.request.host="docker-lab.example.net:5000 
> " http.request.id 
> =f5aeb8b9-ce4e-41b7-86a8-76e8c520bd22 
> http.request.method=GET http.request.remoteaddr="192.168.122.158:54436 
> " http.request.uri="/v2/" 
> http.request.useragent="docker/1.10.3 go/go1.4.2 
> git-commit/9419b24-unsupported kernel/3.10.0-327.22.2.el7.x86_64 os/linux 
> arch/amd64" instance.id 
> =f0d70491-6e34-44eb-a51c-3b13eae8daa6 version=v2.5.0
> 192.168.122.158 - - [09/Aug/2016:13:54:45 +] "GET /v2/ HTTP/1.1" 401 87 
> "" "docker/1.10.3 go/go1.4.2 git-commit/9419b24-unsupported 
> kernel/3.10.0-327.22.2.el7.x86_64 os/linux arch/amd64"
> time="2016-08-09T13:54:45Z" level=error msg="response completed with error" 
> auth.user.name =tsaxon err.code="manifest unknown" 
> err.detail="unknown manifest name=testwebapp 
> revision=sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3"
>  err.message="manifest unknown" go.version=go1.6.3 
> http.request.host="docker-lab.example.net:5000 
> " http.request.id 
> =130a9014-7c19-48f7-bef3-2b8cfe0470a0 
> http.request.method=GET http.request.remoteaddr="192.168.122.158:54438 
> " 
> http.request.uri="/v2/testwebapp/manifests/sha256:9799a25cd6fd7f7908bad740fc0c85823e38aa22afb22f687a5b8a3ed2bf9ec3"
>

Re: cluster up - reuse registry address

2016-08-08 Thread Cesar Wong 
Hi Lionel,

You can always reuse the same data/config dirs and keep your service ips:

oc cluster up --host-data-dir=blah --host-config-dir=blah --use-existing-config

> On Aug 7, 2016, at 9:17 PM, Lionel Orellana  wrote:
> 
> Thanks Clayton. 
> 
> Would be nice to have a way of setting the address when using cluster up 
> though.
> On Mon, 8 Aug 2016 at 11:03 AM, Clayton Coleman  > wrote:
> When you create the registry you can specify the service IP that is assigned 
> (as long as another service hasn't claimed it).
> 
> $ oadm registry -o yaml > registry.yaml
> $ vi registry.yaml
> # Set the registry service `spec.clusterIP` field to a valid service IP 
> (must be within the service CIDR, typically 172.30.0.0/16 
> )
> $ oc create -f registry.yaml
> 
> 
> On Sun, Aug 7, 2016 at 8:55 PM, Lionel Orellana  > wrote:
> Hi
> 
> I'm facing a similar problem to this: 
> https://github.com/openshift/origin/issues/7879 
> 
> 
> Basically I need to configure the  NO_PROXY variable of the Docker deamon to 
> include the registry address. Problem is with cluster up I can't control the 
> ip address that will be assigned to the registry. Or at least I can't find a 
> way to do it. Is there an option that I'm not seeing?
> 
> Thanks
> 
> Lionel.
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com 
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
> 
> 
> 
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users