Re: Enabling TLS on Jenkins deployed on OpenShift

2018-10-24 Thread Gaurav Ojha 
Thank you. That worked. Stuck in a different issue but that is now related to 
access permissions on the server.

Regards
Gaurav

Get Outlook for iOS<https://aka.ms/o0ukef>


From: Ben Parees 
Sent: Tuesday, October 23, 2018 17:53
To: Gaurav Ojha
Cc: users
Subject: Re: Enabling TLS on Jenkins deployed on OpenShift



On Tue, Oct 23, 2018 at 5:24 PM, Gaurav Ojha 
mailto:gauravo...@gmail.com>> wrote:
Hi,

So I deployed Jenkins on OpenShift via the catalog, and installed the Email 
plugin to send out emails via my smtp server. I have all the details correct, 
but it seems my server expects only SMTPS. I found this link here, which 
mentions the exact error I am seeing

https://stackoverflow.com/questions/20188456/how-to-change-the-security-type-from-ssl-to-tls-in-jenkins

So it seems that if I can enable TLS, I can solve this problem. But I can’t 
think of a suitable way to enable this setting (apart from probably mounting 
the exact Jenkins config in /etc/default/jenkins). Also, I am unable to modify 
the file with the terminal disallowing access.

Has anyone enabled TLS in past who could give me pointers to look at? Or if it 
would be better to just use a docker image instead of the catalog for this 
purpose.


Based on my reading of that link, you need to set 
"-Dmail.smtp.starttls.enable=true" as an arg to jenkins.  Assuming that's true, 
you can do that by setting/adding an env var on your jenkins deploymentconfig:

"JENKINS_JAVA_OVERRIDES=-Dmail.smtp.starttls.enable=true"



Regards


___
users mailing list
users@lists.openshift.redhat.com<mailto:users@lists.openshift.redhat.com>
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




--
Ben Parees | OpenShift

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Enabling TLS on Jenkins deployed on OpenShift

2018-10-23 Thread Gaurav Ojha 
Hi,

So I deployed Jenkins on OpenShift via the catalog, and installed the Email 
plugin to send out emails via my smtp server. I have all the details correct, 
but it seems my server expects only SMTPS. I found this link here, which 
mentions the exact error I am seeing

https://stackoverflow.com/questions/20188456/how-to-change-the-security-type-from-ssl-to-tls-in-jenkins
 

 

So it seems that if I can enable TLS, I can solve this problem. But I can’t 
think of a suitable way to enable this setting (apart from probably mounting 
the exact Jenkins config in /etc/default/jenkins). Also, I am unable to modify 
the file with the terminal disallowing access.

Has anyone enabled TLS in past who could give me pointers to look at? Or if it 
would be better to just use a docker image instead of the catalog for this 
purpose.

Regards

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: OKD 3.10 keeps switching between the certificates

2018-10-01 Thread Gaurav Ojha 
Hi,

Sorry about the delayed update. I just reverted to a clean snapshot of my VMs 
and ran a fresh cluster deployment, and the issue isn’t present anymore. Seems 
it was related to a failure I had faced quite early on in the deployment phase.

Regards


> On Oct 1, 2018, at 17:51, Daniel Comnea  wrote:
> 
> I suggest you open a github issue too.
> 
> On Mon, Oct 1, 2018 at 10:05 AM Gaurav Ojha  <mailto:gauravo...@gmail.com>> wrote:
> Basically facing two different issues.
> 
> OpenShift Origin 3.10 keeps switching between the custom named certificate 
> deployed and the internal certificate being used. The web console randomly 
> reports Server Connection Interrupted, and then switches to the internal 
> certificate, but a fresh loading of the page serves the custom certificate.
> Even though the publicMasterURL is configured, the browser still redirects to 
> the masterURL
> oc v3.10.0+0c4577e-1
> kubernetes v1.10.0+b81c8f8
> features: Basic-Auth GSSAPI Kerberos SPNEGO
> 
> Server https://lb.okd.cloud.rnoc.gatech.edu:8443 
> <https://lb.okd.cloud.rnoc.gatech.edu:8443/>
> openshift v3.10.0+fd501dd-48
> kubernetes v1.10.0+b81c8f8
> Steps To Reproduce
> 
> Configure a publicMasterURL and a masterURL. In my case they are 
> publicMasterURL=okd-cluster.cloud.mydomain.com 
> <http://okd-cluster.cloud.mydomain.com/> and masterURL=lb.cloud.mydomain.com 
> <http://lb.cloud.mydomain.com/>. Note that here lb refers to the load 
> balancer of my multi-master cluster.
> Deploy the certificates generated when installing through ansible. This works 
> fine, I can see in my master-config.yml the correct values. The value for 
> publicMasterURL points to okd-cluster.cloud.mydomain.com:8443 
> <http://okd-cluster.cloud.mydomain.com:8443/> and masterURL to 
> lb.cloud.mydomain.com:8443 <http://lb.cloud.mydomain.com:8443/>. In the 
> servingInfo, the correct certificates are pointed to. The generated 
> certificate has a common name of lb.cloud.mydomain.com 
> <http://lb.cloud.mydomain.com/> and an alternative name of 
> okd-cluster.cloud.mydomain.com <http://okd-cluster.cloud.mydomain.com/>.
> Access the web console. The certificate served is valid.
> Here, okd-cluster.cloud.mydomain.com <http://okd-cluster.cloud.mydomain.com/> 
> is a CNAME to lb.cloud.mydomain.com <http://lb.cloud.mydomain.com/>
> Current Result
> 
> Even though I enter okd-cluster.cloud.mydomain.com:8443 
> <http://okd-cluster.cloud.mydomain.com:8443/>, the browser redirects to 
> lb.cloud.mydomain.com:8443 <http://lb.cloud.mydomain.com:8443/>. I have 
> checked and nowhere does the publicMasterURL points to lb.cloud.mydomain.com 
> <http://lb.cloud.mydomain.com/>
> When logged in, the console randomly throws an error saying Server Connection 
> Interrupted, and at times, refreshes and now reverts to the internal 
> certificate and serves it. This goes away if I close the browser and reload 
> the page. The correct certificate is again served, but again randomly reverts 
> to the internal certificate.
> My expectation is that once deployed, accessing 
> okd-cluster.cloud.mydomain.com <http://okd-cluster.cloud.mydomain.com/> 
> should always use that address, and the certificate should be served 
> correctly always.
> 
> Is it because comman name is same as the masterURL and the alternative name 
> holds the same value as the publicMasterURL ? I am not sure if this is the 
> case, but it would be great to get some retrospective on this problem I am 
> seeing.
> 
> Regards
> Gaurav
> ___
> users mailing list
> users@lists.openshift.redhat.com <mailto:users@lists.openshift.redhat.com>
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users 
> <http://lists.openshift.redhat.com/openshiftmm/listinfo/users>

___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Where to mount the NFS volume

2018-10-01 Thread Gaurav Ojha 
Hi,

Just a quick question. I have a multi-master cluster, with 2 masters, 2
compute nodes and 2 infrastructure nodes, and I want to use NFS for
persistence. But I cant seem to understand a basic question like where do I
mount the volume? Do I mount it inside each compute node, or the master or
the infra node?

My guess is that it cannot be the master node, and should be in both of the
compute nodes?

Regards
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

OKD 3.10 keeps switching between the certificates

2018-10-01 Thread Gaurav Ojha 
Basically facing two different issues.

   1. OpenShift Origin 3.10 keeps switching between the custom named
   certificate deployed and the internal certificate being used. The web
   console randomly reports Server Connection Interrupted, and then switches
   to the internal certificate, but a fresh loading of the page serves the
   custom certificate.
   2. Even though the publicMasterURL is configured, the browser still
   redirects to the masterURL

oc v3.10.0+0c4577e-1
kubernetes v1.10.0+b81c8f8
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://lb.okd.cloud.rnoc.gatech.edu:8443
openshift v3.10.0+fd501dd-48
kubernetes v1.10.0+b81c8f8

Steps To Reproduce

   1. Configure a publicMasterURL and a masterURL. In my case they are
   publicMasterURL=okd-cluster.cloud.mydomain.com and masterURL=
   lb.cloud.mydomain.com. Note that here lb refers to the load balancer of
   my multi-master cluster.
   2. Deploy the certificates generated when installing through ansible.
   This works fine, I can see in my master-config.yml the correct values. The
   value for publicMasterURL points to okd-cluster.cloud.mydomain.com:8443
   and masterURL to lb.cloud.mydomain.com:8443. In the servingInfo, the
   correct certificates are pointed to. The generated certificate has a common
   name of lb.cloud.mydomain.com and an alternative name of
   okd-cluster.cloud.mydomain.com.
   3. Access the web console. The certificate served is valid.

Here, okd-cluster.cloud.mydomain.com is a CNAME to lb.cloud.mydomain.com
Current Result

   1. Even though I enter okd-cluster.cloud.mydomain.com:8443, the browser
   redirects to lb.cloud.mydomain.com:8443. I have checked and nowhere does
   the publicMasterURL points to lb.cloud.mydomain.com
   2. When logged in, the console randomly throws an error saying Server
   Connection Interrupted, and at times, refreshes and now reverts to the
   internal certificate and serves it. This goes away if I close the browser
   and reload the page. The correct certificate is again served, but again
   randomly reverts to the internal certificate.

My expectation is that once deployed, accessing
okd-cluster.cloud.mydomain.com should always use that address, and the
certificate should be served correctly always.

Is it because comman name is same as the masterURL and the alternative name
holds the same value as the publicMasterURL ? I am not sure if this is the
case, but it would be great to get some retrospective on this problem I am
seeing.


Regards

Gaurav
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Help on an error being seen in a cluster

2018-09-29 Thread Gaurav Ojha 
Hi,

I just deployed an OpenShift v3.10 HA cluster. And on each of the nodes, I
see the following error being reported.

Sep 29 19:28:42 master1 origin-node: E0929 19:28:42.143035   23090
summary.go:102] Failed to get system container stats for
"/system.slice/origin-node.service": failed to get cgroup stats for
"/system.slice/origin-node.service": failed to get container info for
"/system.slice/origin-node.service": unknown container
"/system.slice/origin-node.service"

I cannot find any information why I can be seeing this. Can I get some help
on finding why this is happening? This is on a RHEL 7.5 with Docker 1.13.1.

Thanks,
Gaurav
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

New SSL certs not being reflected on secure routes

2018-08-24 Thread Gaurav Ojha 
Hi,

I am facing a problem, which I am unable to understand how to solve. I am
using Openshift Origin 3.7, and have three routes corresponding to 3
deployments as follows (dummy data)


1) App 1 ---> www.domain.edu/
2) App 2 ---> www.domain.edu/path1
3) App 3 ---> www.domain.edu/path2

Since all the domain was the same, while configuring the secure route, I
provided the same Certificate and private key on all these routes, and it
worked great, until recently, when the certificate is due for renewal. I
generated a new certificate, deleted the old routes and created new,
identical routes, with the new certificate details.

But when I access the routes on my browser, still the older certificate is
displayed. Am I skipping some step, which needs to be done. When adding the
certificate, I only uploaded the certificate and key on the create route
window and nowhere else. Do I have to redeploy the entire service etc.

Help on this would be greatly appreciated.

THanks
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Reverse Proxy using Nginx

2018-03-20 Thread Gaurav Ojha 
Oh yes, it is solved. Should have mentioned that previously. Sorry about
that.

Regards
Gaurav

On Tue, Mar 20, 2018, 4:05 PM Joel Pearson <japear...@agiledigital.com.au>
wrote:

> So your problem is solved then?
> On Wed, 21 Mar 2018 at 4:47 am, Gaurav Ojha <gauravo...@gmail.com> wrote:
>
>> Hi,
>>
>> Thanks for the reply. I have router, but have a bunch of APIs behind
>> gunicorn which I wanted to route through nginx.
>>
>> I deployed a nginx image and am using it.
>>
>> On Tue, Mar 20, 2018, 9:43 AM Joel Pearson <japear...@agiledigital.com.au>
>> wrote:
>>
>>> What do you want Nginx for? OpenShift has a component called the Router
>>> which routes traffic. It is based on Haproxy. You could run an nginx
>>> container that the router will send traffic to, but if you’re just trying
>>> to expose other apps. Then just use the built in Router.
>>>
>>> Unless you’re talking about the kubernetes reference nginx ingress
>>> controller?
>>> On Sat, 17 Mar 2018 at 5:05 am, Gaurav Ojha <gauravo...@gmail.com>
>>> wrote:
>>>
>>>> Hello,
>>>>
>>>> I have a single host OpenShift cluster. Is it possible to install Nginx
>>>> (run it as a docker image) and route traffic using Nginx?
>>>>
>>>> If so, can someone point out the configurations for NO_PROXY and
>>>> HTTP_PROXY in this case?
>>>>
>>>> I dont want any OpenShift instance IP managed by OpenShift. What I am
>>>> confused about is this part of the document
>>>>
>>>> HTTP_PROXY=http://:@:/
>>>> HTTPS_PROXY=https://:@:/
>>>> NO_PROXY=master.hostname.example.com,10.1.0.0/16,172.30.0.0/16
>>>>
>>>>
>>>> It mentions that NO_PROXY has the hostname of the master included in
>>>> NO_PROXY. But since my cluster only has 1 host, so all my routes are
>>>> managed through that hostname. In this case, do I just assign some random
>>>> routes, and route through Nginx?
>>>>
>>>> Regards
>>>>
>>>> ___
>>>> users mailing list
>>>> users@lists.openshift.redhat.com
>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>>
>>>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Reverse Proxy using Nginx

2018-03-20 Thread Gaurav Ojha 
Hi,

Thanks for the reply. I have router, but have a bunch of APIs behind
gunicorn which I wanted to route through nginx.

I deployed a nginx image and am using it.

On Tue, Mar 20, 2018, 9:43 AM Joel Pearson <japear...@agiledigital.com.au>
wrote:

> What do you want Nginx for? OpenShift has a component called the Router
> which routes traffic. It is based on Haproxy. You could run an nginx
> container that the router will send traffic to, but if you’re just trying
> to expose other apps. Then just use the built in Router.
>
> Unless you’re talking about the kubernetes reference nginx ingress
> controller?
> On Sat, 17 Mar 2018 at 5:05 am, Gaurav Ojha <gauravo...@gmail.com> wrote:
>
>> Hello,
>>
>> I have a single host OpenShift cluster. Is it possible to install Nginx
>> (run it as a docker image) and route traffic using Nginx?
>>
>> If so, can someone point out the configurations for NO_PROXY and
>> HTTP_PROXY in this case?
>>
>> I dont want any OpenShift instance IP managed by OpenShift. What I am
>> confused about is this part of the document
>>
>> HTTP_PROXY=http://:@:/
>> HTTPS_PROXY=https://:@:/
>> NO_PROXY=master.hostname.example.com,10.1.0.0/16,172.30.0.0/16
>>
>>
>> It mentions that NO_PROXY has the hostname of the master included in
>> NO_PROXY. But since my cluster only has 1 host, so all my routes are
>> managed through that hostname. In this case, do I just assign some random
>> routes, and route through Nginx?
>>
>> Regards
>>
>> ___
>> users mailing list
>> users@lists.openshift.redhat.com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Reverse Proxy using Nginx

2018-03-16 Thread Gaurav Ojha 
Hello,

I have a single host OpenShift cluster. Is it possible to install Nginx
(run it as a docker image) and route traffic using Nginx?

If so, can someone point out the configurations for NO_PROXY and HTTP_PROXY
in this case?

I dont want any OpenShift instance IP managed by OpenShift. What I am
confused about is this part of the document

HTTP_PROXY=http://:@:/
HTTPS_PROXY=https://:@:/
NO_PROXY=master.hostname.example.com,10.1.0.0/16,172.30.0.0/16


It mentions that NO_PROXY has the hostname of the master included in
NO_PROXY. But since my cluster only has 1 host, so all my routes are
managed through that hostname. In this case, do I just assign some random
routes, and route through Nginx?

Regards
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Help regarding mounting hostPath volumes

2018-03-06 Thread Gaurav Ojha 
Hi,

I would like some help from you guys if possible.

I am trying to mount a directory on my host machine to my OpenShift
instance.

As per the kubernetes document here
 , it
mentions that changing the pod spec by simply adding the hostPath volume
should work, however, when I do that,  OpenShift throws an error whereby it
says that I am not permitted to modify other than a few handful.

Is there any way to get this permission? I already have added set the
allowHostDirVolumePlugin to true and my containers run as root.

Any guidance on this would be appreciated.

Regards
Gaurav
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Mounting Volumes inside OpenShift

2018-03-04 Thread Gaurav Ojha 
Hi,

I am in need of some help.

I had a couple of applications deployed using Docker on a single server.
Recently I migrated everything to a OpenShift cluster, but currently on a
minimal All-in-One cluster.

I have a few folders which I want to mount inside the OpenShift Application.

A quick comparison would be evident from (this is what I have in my
docker-compose.yml)

volumes:
 - /data/docker/nfs-share/php:/usr/share/php

So, previously on my docker machine, I had a nfs-share/php folder at
/data/docker which I mounted inside the docker container.

How do I do the same in case of OpenShift? Is there no way to simply mount
the volume inside OpenShift, or is it a requirement to have a NFS setup and
then mount the volume through PVC?

Regards
Gaurav
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: TSB fails to start

2018-02-28 Thread Gaurav Ojha 
Hi,

I had a similar issue when setting up OpenShift through the playbooks. What
solved it for me was realizing that I had not defined my node with region
infra which is required for the router and registry to run (link here
),
and also that I hadnt configured the Template Service Broker properly (here
).
I did these two, and it all started to work.

I am not sure if this is something which you also might have overlooked, so
you could confirm if that is the case.

Regards
Gaurav

On Wed, Feb 28, 2018 at 1:50 PM, Nobuhiro Sue  wrote:

> Tim,
>
> It seems to be DNS issue. I guess your environment is on OpenStack, so
> please check resolver (lookup / reverse lookup).
> You can see how DNS works on OpenShift 3.6 or above:
> https://blog.openshift.com/dns-changes-red-hat-openshift-
> container-platform-3-6/
>
> 2018-03-01 0:06 GMT+09:00 Tim Dudgeon :
>
>> Hi
>>
>> I'm having problems getting an Origin cluster running, using the ansible
>> playbooks.
>> It fails at this point:
>>
>> TASK [template_service_broker : Verify that TSB is running]
>> 
>> **
>> FAILED - RETRYING: Verify that TSB is running (120 retries left).
>> FAILED - RETRYING: Verify that TSB is running (119 retries left).
>> 
>> FAILED - RETRYING: Verify that TSB is running (1 retries left).
>> fatal: [master-01.novalocal]: FAILED! => {"attempts": 120, "changed":
>> false, "cmd": ["curl", "-k", "https://apiserver.openshift-t
>> emplate-service-broker.svc/healthz"], "delta": "0:00:01.529402", "end":
>> "2018-02-28 14:49:30.190842", "msg": "non-zero return code", "rc": 7,
>> "start": "2018-02-28 14:49:28.661440", "stderr": "  % Total% Received %
>> Xferd Average Speed   TimeTime Time Current\n
>> Dload  Upload   Total SpentLeft  Speed\n\r  0 00 00
>> 0 0  0 --:--:-- --:--:-- --:--:-- 0\r  0 00 0 0
>> 0  0  0 --:--:--  0:00:01 --:--:-- 0curl: (7) Failed connect to
>> apiserver.openshift-template-service-broker.svc:443; No route to host",
>> "stderr_lines": ["  % Total% Received % Xferd  Average Speed   Time
>> Time Time  Current", " Dload
>> Upload   Total   Spent Left  Speed", "", "  0 00 00
>> 0  0  0 --:--:-- --:--:-- --:--:-- 0", "  0 00 0
>> 0 0  0  0 --:--:--  0:00:01 --:--:-- 0curl: (7) Failed connect
>> to apiserver.openshift-template-service-broker.svc:443; No route to
>> host"], "stdout": "", "stdout_lines": []}
>>
>> All I can find in the logs on the master that seems relevant is:
>>
>> Feb 28 14:43:25 master-01.novalocal origin-master-controllers[9396]:
>> E0228 14:43:25.3943269396 daemoncontroller.go:255]
>> openshift-template-service-broker/apiserver failed with : error storing
>> status for daemon set {TypeMeta:v1.TypeMeta{Kind:"",
>> APIVersion:""}, ObjectMeta:v1.ObjectMeta{Name:"apiserver",
>> GenerateName:"", Namespace:"openshift-template-service-broker",
>> SelfLink:"/apis/extensions/v1beta1/namespaces/openshift-temp
>> late-service-broker/daemonsets/apiserver", 
>> UID:"baa14f98-1c95-11e8-8a02-fa163e3f98d8",
>> ResourceVersion:"2972", Generation:1, 
>> CreationTimestamp:v1.Time{Time:time.Time{sec:63655425804,
>> nsec:0, loc:(*time.Location)(0x111a3dc0)}},
>> DeletionTimestamp:(*v1.Time)(nil), DeletionGracePeriodSeconds:(*int64)(nil),
>> Labels:map[string]string{"apiserver":"true"},
>> Annotations:map[string]string{"kubectl.kubernetes.io/last-ap
>> plied-configuration":"{\"apiVersion\":\"extensions/v1beta1\"
>> ,\"kind\":\"DaemonSet\",\"metadata\":{\"annotations\":{},\"
>> labels\":{\"apiserver\":\"true\"},\"name\":\"apiserver\",\"
>> namespace\":\"openshift-template-service-broker\"},\"spec\":
>> {\"template\":{\"metadata\":{\"labels\":{\"apiserver\":\"
>> true\"},\"name\":\"apiserver\"},\"spec\":{\"containers\":[{\
>> "command\":[\"/usr/bin/openshift\",\"start\",\"
>> template-service-broker\",\"--secure-port=8443\",\"--audit-
>> log-path=-\",\"--tls-cert-file=/var/serving-cert/tls.
>> crt\",\"--tls-private-key-file=/var/serving-cert/tls.key\",\
>> "--loglevel=0\",\"--config=/var/apiserver-config/apiserver
>> -config.yaml\"],\"image\":\"docker.io/openshift/origin:latest\
>> ",\"imagePullPolicy\":\"
>> IfNotPresent\",\"name\":\"c\",\"ports\":[{\"containerPort\":
>> 8443}],\"readinessProbe\":{\"httpGet\":{\"path\":\"/healthz\
>> ",\"port\":8443,\"scheme\":\"HTTPS\"}},\"volumeMounts\":[{\"
>> mountPath\":\"/var/serving-cert\",\"name\":\"serving-cert\"}
>> ,{\"mountPath\":\"/var/apiserver-config\",\"name\":\"apiserv
>>

Re: Absence of master-config.yaml

2018-02-08 Thread Gaurav Ojha 
Never mind. Got it running.

Thank you once again

On Thu, Feb 8, 2018 at 4:35 PM, Gaurav Ojha <gauravo...@gmail.com> wrote:

> Sure thank you very much. This helped me solve a lot of my headaches.
>
> Just one last thing, I used *openshift start* with write-config and now
> the config file is created inside openshift.local.config/master and I have
> made a few changes to it. So if my understanding is correct, whenever I
> start openshift now, will it automatically pick the config up, or should i
> be using --master-config and --node-config falgs each time as Luke
> mentioned above?
>
> Thank you guys once again. This has been great for me.
>
> On Thu, Feb 8, 2018 at 4:24 PM, Graham Dumpleton <gdump...@redhat.com>
> wrote:
>
>>
>>
>> On 9 Feb 2018, at 1:50 am, Cesar Wong <cew...@redhat.com> wrote:
>>
>> If using cluster up, you will find the config by default both inside the
>> container and on the file system of the host at
>> /var/lib/origin/openshift.local.config/master
>>
>>
>> Just be aware that if using Docker for Mac or Docker for Windows, the
>> file is on the file system of the VM host that Docker is run in, not the
>> Mac/Windows file system.
>>
>> If you need to make a change to the master-config.yaml, start the
>> cluster, bring it back down (with `oc cluster down`), make the change, and
>> start the next time with the `--use-existing-config` flag so your changes
>> get picked up and don't get overwritten.
>>
>> On Thu, Feb 8, 2018 at 9:36 AM, Luke Meyer <lme...@redhat.com> wrote:
>>
>>>
>>>
>>> On Thu, Feb 8, 2018 at 2:43 AM, Gaurav Ojha <gauravo...@gmail.com>
>>> wrote:
>>>
>>>> Thank you for your reply. Just a couple more questions:
>>>>
>>>>
>>>>1. Is there any way to create this file when I launch by openshift
>>>>start?
>>>>
>>>>
>>> openshift start --write-config= ...
>>> (see --help and also note --master-config and --node-config flags)
>>>
>>>
>>>>1. Pardon me, but when you say "it should be inside the container",
>>>>you mean the host on which I am running openshift on, or the openshift
>>>>container which starts as a result of this?
>>>>
>>>>
>>> Inside the container named "origin" that "oc cluster up" runs on docker.
>>>
>>>
>>> ___
>>> users mailing list
>>> users@lists.openshift.redhat.com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>
>>>
>> ___
>> users mailing list
>> users@lists.openshift.redhat.com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>
>>
>>
>> ___
>> users mailing list
>> users@lists.openshift.redhat.com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>
>>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Absence of master-config.yaml

2018-02-08 Thread Gaurav Ojha 
Sure thank you very much. This helped me solve a lot of my headaches.

Just one last thing, I used *openshift start* with write-config and now the
config file is created inside openshift.local.config/master and I have made
a few changes to it. So if my understanding is correct, whenever I start
openshift now, will it automatically pick the config up, or should i be
using --master-config and --node-config falgs each time as Luke mentioned
above?

Thank you guys once again. This has been great for me.

On Thu, Feb 8, 2018 at 4:24 PM, Graham Dumpleton <gdump...@redhat.com>
wrote:

>
>
> On 9 Feb 2018, at 1:50 am, Cesar Wong <cew...@redhat.com> wrote:
>
> If using cluster up, you will find the config by default both inside the
> container and on the file system of the host at /var/lib/origin/openshift.
> local.config/master
>
>
> Just be aware that if using Docker for Mac or Docker for Windows, the file
> is on the file system of the VM host that Docker is run in, not the
> Mac/Windows file system.
>
> If you need to make a change to the master-config.yaml, start the cluster,
> bring it back down (with `oc cluster down`), make the change, and start the
> next time with the `--use-existing-config` flag so your changes get picked
> up and don't get overwritten.
>
> On Thu, Feb 8, 2018 at 9:36 AM, Luke Meyer <lme...@redhat.com> wrote:
>
>>
>>
>> On Thu, Feb 8, 2018 at 2:43 AM, Gaurav Ojha <gauravo...@gmail.com> wrote:
>>
>>> Thank you for your reply. Just a couple more questions:
>>>
>>>
>>>1. Is there any way to create this file when I launch by openshift
>>>start?
>>>
>>>
>> openshift start --write-config= ...
>> (see --help and also note --master-config and --node-config flags)
>>
>>
>>>1. Pardon me, but when you say "it should be inside the container",
>>>you mean the host on which I am running openshift on, or the openshift
>>>container which starts as a result of this?
>>>
>>>
>> Inside the container named "origin" that "oc cluster up" runs on docker.
>>
>>
>> ___
>> users mailing list
>> users@lists.openshift.redhat.com
>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>
>>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Absence of master-config.yaml

2018-02-07 Thread Gaurav Ojha 
Thank you for your reply. Just a couple more questions:


   1. Is there any way to create this file when I launch by openshift start?
   2. Pardon me, but when you say "it should be inside the container", you
   mean the host on which I am running openshift on, or the openshift
   container which starts as a result of this?


Regards
Gaurav

On Thu, Feb 8, 2018 at 1:19 AM, Clayton Coleman <ccole...@redhat.com> wrote:

> When you run “openshift start” by itself that file won’t be created (we
> create one in memory).  If you launch with oc cluster up, it should be
> inside the container at
>
>  /var/lib/origin/openshift.local.config/master/master-config.yaml
>
>
>
>
> On Feb 7, 2018, at 8:54 PM, Gaurav Ojha <gauravo...@gmail.com> wrote:
>
> Hi,
>
> I have been following the OpenShift Origin documentation, and I have tried
> to run OpenShift through the following methods:
>
> 1) downloading the binary (unpacked it in /opt/) and started from there
> 2) ran as a container
> 3) ran a all-in-one cluster as mentioned on this link https://github.com/
> openshift/origin/blob/master/docs/cluster_up_down.md#macos-
> with-docker-for-mac
>
> It all runs well, and I can create sample projects and everything, but the
> entire documentation mentions to modify *master-config.yaml* for a number
> of things. And I cant find it anywhere.
>
> I tried to locate the file, looked inside 
> /opt/origin/openshift.local.config/master
> and inside /var/lib/openshift as well, but its just not there on my system.
>
> Is there a step I need to do to get this file? Because if I understand
> this correctly, in order to expose any service to the outside world, I need
> to modify the external CIDR in this file.
>
> Kindly help me in this regard.
>
> Regards
> Gaurav
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Absence of master-config.yaml

2018-02-07 Thread Gaurav Ojha 
Hi,

I have been following the OpenShift Origin documentation, and I have tried
to run OpenShift through the following methods:

1) downloading the binary (unpacked it in /opt/) and started from there
2) ran as a container
3) ran a all-in-one cluster as mentioned on this link
https://github.com/openshift/origin/blob/master/docs/cluster_up_down.md#macos-with-docker-for-mac

It all runs well, and I can create sample projects and everything, but the
entire documentation mentions to modify *master-config.yaml* for a number
of things. And I cant find it anywhere.

I tried to locate the file, looked inside
/opt/origin/openshift.local.config/master and inside /var/lib/openshift as
well, but its just not there on my system.

Is there a step I need to do to get this file? Because if I understand this
correctly, in order to expose any service to the outside world, I need to
modify the external CIDR in this file.

Kindly help me in this regard.

Regards
Gaurav
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users