Re: Installing packages on OKD 4 nodes

arding NTP/PTP I'm afraid I didn't > find any. > > Best, > -- > Benjamin > ------ > *De: *"Joel Pearson" > *À: *"Benjamin Guillon" > *Cc: *"users" > *Envoyé: *Mercredi 28 Octobre 2020 13:56:05 > *Objet: *Re:

Re: Installing packages on OKD 4 nodes

I found this Fedora documentation earlier about PTP > https://docs.fedoraproject.org/en-US/fedora/rawhide/system-administrators-guide/servers/Configuring_PTP_Using_ptp4l/ > Where they mention this linuxptp package, hence my questions. > > If I can't manage this, I'll resort to using standard NTP instead of

Re: Installing packages on OKD 4 nodes

they mention is: $ cat << EOF | base64 -w0 refclock PHC /dev/ptp0 poll 3 dpoll -2 offset 0 driftfile /var/lib/chrony/drift makestep 1.0 3 rtcsync logdir /var/log/chrony EOF On Wed, 28 Oct 2020 at 22:32, Joel Pearson wrote: > Hi Benjamin, > > Have you checked if you actually need it? At l

Re: Installing packages on OKD 4 nodes

Hi Benjamin, Have you checked if you actually need it? At least enterprise openshift 4.x already had ptp support in the kernel (without a module), as I bumped into it earlier in the year for PTP Azure syncing, I opened a support ticket and it turned out I just needed this in chrony.conf refclock

Re: scaleTargetRef for autoscaling

Hi Marvin, I presume you are using a deployment config? If so, doesn't a deployment config create a new replication controller every time you do a deploy? Which means you'd lose your scaling every deploy, so I think if you are using deployment configs, then you'd want to reference those, rather

Re: okd web console custom SSL certificate

Hi, If you can I'd recommend OpenShift 4.x, however, if you want to stay on 3.11, then I'd recommend an ansible based install. It is much more configurable than oc cluster up. There is an "all-in-one" inventory where it's just a single node.

Re: ocp4 no way to configure ROUTER_USE_PROXY_PROTOCOL

It looks like the proxy protocol is only supported on AWS. Maybe you should create a Bugzilla ticket requesting support for the proxy protocol in a general way? I will most likely need this myself in the future too.

Re: configuring frontend 2 the openshift

Hi Kate, Regarding part of question 2, it looks like you added an extra slash before /console, ie your error message shows "//console". I tried it on my OpenShift 3.x cluster and having a double forward-slash at the front created the same problem. So try removed that extra slash before, so that

Re: How to debug the machine config operator in 4.2.10?

xtra trusted CAs that were configured during installation, so I'm wondering if the content mismatch in the MCO is related to merging the CA certs for images and the certs inside the "user-ca-bundle" configmap in the "openshift-config" namespace Any ideas? On Tue, 18 Feb 2020

How to debug the machine config operator in 4.2.10?

Hi, I've been having trouble to get openshift to reliably accept CA's for custom secure registries: We've been following this guide: https://docs.openshift.com/container-platform/4.2/builds/setting-up-trusted-ca.html And it has worked sometimes and not others. The most frustrating bit is not

Re: Can't use the privileged scc in OpenShift 4.2.16

prise for users in your cluster. > This is not a big deal, on a lab, if you're just testing something on your > own, ... though I would avoid this on real-life clusters, or warn other > admins at least, ideally make sure only your Jira SA may use that SCC. > > > Regards. > > >

Can't use the privileged scc in OpenShift 4.2.16

Hi, I have been trying to use the privileged scc in OpenShift 4.2.16 I follow the normal way adding an scc to a service account. oc create sa jira oc adm policy add-scc-to-user privileged -z jira But it always ends up using the restricted scc. However, anyuid gets applied successfully. I read

Re: OCP 4.2 setup -

On Fri, 10 Jan 2020 at 20:06, sofia qirjazi wrote: > Cool, thanks! > > Before deploying the OCP cluster that uses UPI, It is needed configuration > of DHCP , LB and DNS. > I am interested to know which is : > > a) Which is DNS best practice for offine installation? >For DNS server , it is

Re: OpenShift on Fedora – a Quick Installation

gt; users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > -- Kind Regards, Joel Pearson Agile Digital | Senior Software Consultant Love Your Software™ | ABN 98 106 361 273 p: 1300 858 277 | m: 0405 417 843 <040541784

Fwd: ocp 4.3 nightly install on openstack queens

On Mon, 16 Dec 2019 at 14:41, Dale Bewley wrote: > > > On Sat, Dec 14, 2019 at 3:31 AM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> I think there is one last thing that is worth trying... >> >> On Sat, 14 Dec 2019 at 18:56, Dale Bewley

Re: ocp 4.3 nightly install on openstack queens

r says: > > DEBUG Still waiting for the cluster to initialize: Some cluster operators > are still updating: authentication, console, image-registry, ingress, > monitoring > > I guess I'll keep watching > https://bugzilla.redhat.com/show_bug.cgi?id=1769879 and > ht

Re: ocp 4.3 nightly install on openstack queens

On Wed, 4 Dec 2019 at 08:02, Dale Bewley wrote: > > On Tue, Nov 26, 2019 at 7:29 PM Joel Pearson < > japear...@agiledigital.com.au> wrote: > > Thanks for taking the time to reply, Joel. > > >> On Sat, 23 Nov 2019 at 13:21, Dale Bewley wrote: >> >&g

Re: where does CRC store its data?

Hi Marvin, Did you ever use minishift? It behaves in the same way, all the data is inside the CRC VM. If you manage to get into the CRC VM, and you get to /mnt/pv-data then you'd see lots of directories pv0001, pv0002 etc. If you create yourself a PVC then it will automatically attach to an

Re: ocp 4.3 nightly install on openstack queens

On Sat, 23 Nov 2019 at 13:21, Dale Bewley wrote: > Hello, > I'm testing OCP 4.3 2019-11-19 nightly on OSP 13. > > I added my CA cert [1] to install-config.yaml [3] and the installer now > progresses. I can even `oc get nodes` and see the masters. [2]. > > I still have the following errors and

Re: How to recover from failed update in OpenShift 4.2.x?

On Thu, 21 Nov 2019 at 10:58, Clayton Coleman wrote: > > > On Nov 17, 2019, at 9:34 PM, Joel Pearson > wrote: > > So, I'm running OpenShift 4.2 on Azure UPI following this blog article: > https://blog.openshift.com/openshift-4-1-upi-environment-deployment-on-

Re: Idle OpenShift 4.2 Image Registry running on Azure listing storage keys about 40 times per minute

API request every 10 minutes when the operator's relist > interval is hit. ~40 per minute suggests that we are reacting to a lot of > events that we probably shouldn't react to. > > On Mon, Nov 25, 2019 at 1:19 AM Joel Pearson < > japear...@agiledigital.com.au> wrote: >

Idle OpenShift 4.2 Image Registry running on Azure listing storage keys about 40 times per minute

Hi, I've noticed a strange thing with the Image Registry running on Azure in OpenShift 4.2.7 (possibly all other versions too). When the registry is idle, I'm seeing about 40 requests per minute for "List Storage Account Keys" per minute in Azure console, under the resource group "Activity log".

Re: Failure to detach Azure Disk in OpenShift 4.2.7 after 15 minutes

to say. If you can > recreate it and run must gather we might be able to find it. > > On Nov 24, 2019, at 10:25 PM, Joel Pearson > wrote: > > Hi, > > I updated some machine config to configure chrony for masters and workers, > and I found that one of my containers got st

Failure to detach Azure Disk in OpenShift 4.2.7 after 15 minutes

Hi, I updated some machine config to configure chrony for masters and workers, and I found that one of my containers got stuck after the masters had restarted. One of the containers still couldn't start for 15 minutes, as the disk was still attached to master-2 whereas the pod had been scheduled

Re: How to use extra trusted CA certs when pulling images for a builder

On Mon, 18 Nov 2019 at 13:05, Clayton Coleman wrote: > Raise a bug to the installler component, yes > Ok thanks, I raised a bug here: https://bugzilla.redhat.com/show_bug.cgi?id=1773419 > On Nov 17, 2019, at 6:03 PM, Joel Pearson > wrote: > > On Mon, 18 Nov 2019 at 12:37,

How to recover from failed update in OpenShift 4.2.x?

So, I'm running OpenShift 4.2 on Azure UPI following this blog article: https://blog.openshift.com/openshift-4-1-upi-environment-deployment-on-microsoft-azure-cloud/ with a few customisations on the terraform side. One of the main differences it seems, is how the router/ingress is handled. Normal

Re: How to use extra trusted CA certs when pulling images for a builder

On Mon, 18 Nov 2019 at 12:37, Ben Parees wrote: > > > On Sun, Nov 17, 2019 at 7:24 PM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> >> >> On Wed, 13 Nov 2019 at 02:43, Ben Parees wrote: >> >>> >>> >>> On Mo

Re: How to use extra trusted CA certs when pulling images for a builder

On Wed, 13 Nov 2019 at 01:34, Ben Parees wrote: > > > On Tue, Nov 12, 2019 at 3:45 AM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> >> >> On Tue, 12 Nov 2019 at 15:37, Ben Parees wrote: >> >>> >>>

Re: How to use extra trusted CA certs when pulling images for a builder

On Tue, 12 Nov 2019 at 15:37, Ben Parees wrote: > > > On Mon, Nov 11, 2019 at 11:26 PM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> I've now discovered that the cluster-samples-operator doesn't seem honour >> the proxy settings, and I see lots of

Re: How to use extra trusted CA certs when pulling images for a builder

etailed message Internal error occurred: Get https://registry.redhat.io/v2/: x509: certificate signed by unknown authority" Is there a way to get that operator to use the same user-ca-bundle? On Tue, 12 Nov 2019 at 14:46, Joel Pearson wrote: > > > On Tue, 12 Nov 201

Re: How to use extra trusted CA certs when pulling images for a builder

On Tue, 12 Nov 2019 at 06:56, Ben Parees wrote: > > >> >> Can I use the “trustedCA” part of the proxy configuration without >> actually specifying an explicit proxy? >> > > you should be able to. Daneyon can you confirm? (if you can't i'd > consider it a bug). > > It does work! Thanks for

Re: How to use extra trusted CA certs when pulling images for a builder

On Tue, 12 Nov 2019 at 12:26 am, Ben Parees wrote: > > > On Mon, Nov 11, 2019 at 1:17 AM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Hi, >> >> I’m trying to build an image in Openshift 4.2 where my internet has an >> MITM proxy. >&

How to use extra trusted CA certs when pulling images for a builder

l:7.7" as "registry.redhat.io/ubi7-minimal:7.7": Error initializing source docker://registry.redhat.io/ubi7-minimal:7.7: pinging docker registry returned: Get https://registry.redhat.io/v2/: x509: certificate signed by unknown authority Thanks, Joel -- Kind Regards, Joel Pearson Agile Digit

Re: Failing to bootstrap disconnected 4.2 cluster on metal

> > Almost always means a node is broken / blocked / unable to schedule pods, > which prevents DNS from deploying. That's the weird thing though. DNS is deployed, and all the nodes are happy according to "oc get nodes". It seems that the operator is misreporting the error. In the console

Re: Failing to bootstrap disconnected 4.2 cluster on metal

e, 29 Oct 2019 at 05:24, W. Trevor King wrote: > On Mon, Oct 28, 2019 at 4:05 AM Joel Pearson wrote: > > Maybe must-gather could be included in the release manifest so that it's > available in disconnected environments by default? > > It is: > > $ oc adm release i

Re: Failing to bootstrap disconnected 4.2 cluster on metal

; > > >> On Sun, Oct 27, 2019 at 2:17 AM Joel Pearson wrote: > >> Ooh, does this mean 4.2.2 is out or the release is imminent? Should I > be trying to install 4.2.2 instead of 4.2.0? > > > > 4.2.2 exists and is in candidate-4.2. That means it's currently >

Re: Failing to bootstrap disconnected 4.2 cluster on metal

> > quay.io/openshift-release-dev/ocp-release:4.2.0$ oc adm release info > --pullspecs > quay.io/openshift-release-dev/ocp-release:4.2.2 | grep -A3 Images: Ooh, does this mean 4.2.2 is out or the release is imminent? Should I be trying to install 4.2.2 instead of 4.2.0? ... And it's not in

Failing to bootstrap disconnected 4.2 cluster on metal

Hi, I'm trying to bootstrap a disconnected (air-gapped) 4.2 cluster using the bare metal method . It is technically vmware, but I'm following the bare metal

Re: DNS resolution performance woeful while CRC is running in Windows

. > > > > Beste Grüße / Best regards > > > *Jens-Uwe Walther * > > > > M: +49 (160) 97250976 > > > > *Von:* users-boun...@lists.openshift.redhat.com < > users-boun...@lists.openshift.redhat.com> *Im Auftrag von *Joel Pearson > *Gesendet:* Montag

DNS resolution performance woeful while CRC is running in Windows

Hi, I'm wondering if someone can let me know how the crc.testing domain works in crc for windows? I can't see any entries in c:\windows\system32\drivers\etc\hosts, and my DNS entries appear to be the same, but a dig command doesn't find api.crc.testing, so it's doing something special to get

Re: [OKD/OCP v4]: deployment on a single node using CodeReady Container

re is no more all-in-one containerized support for OpenShift so >> more 'oc cluster up' for OpenShift 4.x. >> >> []s, Fernando Lozano >> >> >> On Wed, Sep 18, 2019 at 9:44 AM Joel Pearson < >> japear...@agiledigital.com.au> wrote: >> >&g

Re: [OKD/OCP v4]: deployment on a single node using CodeReady Container

With CodeReady Container, it's not possible to use it without virtualisation right? Because it needs CoreOS, and can't startup on an existing docker installation like you can with "oc cluster up"? I'm only asking because I almost got OKD 3.11 running on Windows 10 WSL (windows subsystem for

Re: [ssl] oc cluster up

Why not use an ansible installation for a single node instead? Then you can let ansible configure everything properly for you. Sent from my iPhone > On 28 Feb 2019, at 9:02 am, Pavel Maslov wrote: > > With my original question, I meant how can I secure the Web Console (I was > able to

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

:13 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > > It looks like the RPMs will eventually get the security fix according to > the other reply from Daniel Comnea. But with containers you could have a > fix within a day as opposed to waiting for new tag which still has

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

On Mon, 7 Jan 2019 at 8:01 am, mabi wrote: > ‐‐‐ Original Message ‐‐‐ > On Sunday, January 6, 2019 12:28 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > > I think it's worth mentioning here that the RPMs at > http://mirror.centos.org/centos/7/paas/x8

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

I think it's worth mentioning here that the RPMs at http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/ have a critical security vulnerability, I think it's unsafe to use the RPMs if you're planning on having your cluster available on the internet.

Re: How do edit Grafana dashboards in OpenShift 3.11

Oh, it looks like it's read-only in 3.11: https://bugzilla.redhat.com/show_bug.cgi?id=1652536 On Thu, 3 Jan 2019 at 22:49, Joel Pearson wrote: > Hi, > > I found the grafana instance in OpenShift 3.11 in the openshift-monitoring > project. > > I'm wondering how do I mod

How do edit Grafana dashboards in OpenShift 3.11

Hi, I found the grafana instance in OpenShift 3.11 in the openshift-monitoring project. I'm wondering how do I modify the dashboards? It seems to be in read-only mode. I'm a cluster-admin so I thought that it would give me write access. I'm guessing there is another role that gives that

Re: OpenShift Origin on AWS

ent but > was too focused on searching for a CloudFormation template. I'll go back to > the reference architecture which I'm sure will answer at least some of my > questions. > > On Sun, Oct 7, 2018 at 4:24 PM Joel Pearson > wrote: > >> Have you seen the AWS re

Re: OC client slowness Windows

My guess is that you’ve probably got some antivirus software interfering. I’d recommend disabling all antivirus software and seeing if the performance improves. It’s very slow for me at one of my client sites, but I’ve discovered so is Cygwin in general, so I think it’s related to the Symantec

Re: https route stopped working

and why this fix became necessary. > > On 07/10/18 21:14, Joel Pearson wrote: > > Have you tried looking at the generated haproxy file inside the router? It > might give some hints as to what went wrong. I presume you’ve already tried > recreating the route? > On Wed, 3 Oct 2018 a

Re: OpenShift Origin on AWS

Have you seen the AWS reference architecture? https://access.redhat.com/documentation/en-us/reference_architectures/2018/html/deploying_and_managing_openshift_3.9_on_amazon_web_services/index# On Tue, 2 Oct 2018 at 3:11 am, Peter Heitman wrote: > I've created a CloudFormation Stack for simple

Re: https route stopped working

Have you tried looking at the generated haproxy file inside the router? It might give some hints as to what went wrong. I presume you’ve already tried recreating the route? On Wed, 3 Oct 2018 at 2:30 am, Tim Dudgeon wrote: > We've hit a problem with a HTTPS route that used to work fine has now >

Re: Atomic Host support on OpenShift 3.11 and up

Clayton, does this mean that in OpenShift 4.0 you'd be able to take a vanilla kubernetes installation and then install a bunch of OpenShift operators and basically have an OpenShift cluster? Or is that not really the goal of migration to operators? Is it just to make future OpenShift releases

Re: IPv6

It looks like not, I found some references saying that Kubernetes has alpha support in 1.9 and some improvements in 1.10 https://github.com/kubernetes/kubernetes/issues/1443 https://github.com/kubernetes/kubernetes/issues/62822 I did find this article suggesting that you might be able to use

Re: How to make 172.30.0.1 (kubernetes service) health checked?

- if you still see > the master IP in that list after 15s then something else is wrong. > > On Wed, Jun 27, 2018 at 9:33 AM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Hi, >> >> I'm running OpenShift 3.9 on AWS with masters in HA mode usin

What is the most current OpenShift on OpenStack playbooks?

Hi, I just wanted to find out if https://github.com/openshift/openshift-ansible-contrib/tree/master/playbooks/provisioning/openstack is still the most current for deploying OpenShift on OpenStack? I had a read of

Re: scheduler policy to spread pods

Here’s an OpenShift reference for the same thing. https://docs.openshift.com/container-platform/3.6/admin_guide/scheduling/pod_affinity.html On Wed, 4 Jul 2018 at 9:14 pm, Joel Pearson wrote: > You’re probably after pod anti-affinity? > https://kubernetes.io/docs/concepts/configuration/

Re: scheduler policy to spread pods

You’re probably after pod anti-affinity? https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity That lets you tell the scheduler that the pods aren’t allowed to be on the same node for example. On Wed, 4 Jul 2018 at 8:51 pm, Tim Dudgeon wrote: > I've got a

How to make 172.30.0.1 (kubernetes service) health checked?

Hi, I'm running OpenShift 3.9 on AWS with masters in HA mode using Classic ELB's doing TCP load balancing. If I restart masters, from outside the cluster the ELB does the right thing and takes a master out of service. However, if something tries to talk to the kubernetes API inside the cluster,

Re: What is the most reliable deployment method for 3.9 origin

egardless > > > > > On Jun 13, 2018, at 23:26, Joel Pearson > wrote: > > > > Hi, > > > > I’m wondering what the most reliable method for installing Origin on > Centos 7 is? > > > > * RPMs > > * Containerized > > * System containers &

What is the most reliable deployment method for 3.9 origin

Hi, I’m wondering what the most reliable method for installing Origin on Centos 7 is? * RPMs * Containerized * System containers Just recently we discovered that upgrading from 3.6 to 3.7 doesn’t seem to be tested using the containerized method, as the etcd upgrade fails as it tries to find

Re: load balancing for infra node in HA setup

Tim > > [1] https://docs.openshift.org/latest/install_config/install/adv > anced_install.html#multiple-masters > > ___ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users >

Re: OC debug command does not show command prompt

What operating system is your local machine? Ok windows I’ve noticed the oc binary doesn’t doesn’t do terminal emulation properly. So it looks like it’s hanging but it’s actually working. Try typing “ls” and see if the command has actually worked, but you’re just not setting the command prompt. On

Re: errors accessing egressnetworkpolicies.network.openshift.io when attempting to export project

I guess that means your admin user doesn’t have the cluster-admin role On Sat, 2 Jun 2018 at 4:02 am, Brian Keyes wrote: > I am attempting to follow these instructions > > > https://docs.openshift.com/container-platform/3.7/day_two_guide/project_level_tasks.html > > I want to backup THE sample

Re: RPMs for 3.9 on Centos

_enable_origin_repo=true > openshift_repos_enable_testing=true > > On 21/05/18 11:32, Joel Pearson wrote: > > They’re in the paas repo. You don’t have that repo installed for some > reason. > > Ansible is supposed to lay that down > > http://mirror.centos.org/centos

Re: RPMs for 3.9 on Centos

They’re in the paas repo. You don’t have that repo installed for some reason. Ansible is supposed to lay that down http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/ Why don’t you use the system container version instead? Or you prefer rpms? On Mon, 21 May 2018 at 8:30 pm, Tim

Re: question about external load balancer

OpenShift already has some support for F5 load balancer’s as a router. So maybe given the choice between F5 or netscalers, then F5’s might make sense. But either will work fine, it’s probably more a question of which device you have more skills in. On Wed, 16 May 2018 at 3:17 am, Yu Wei

Re: Using RMI Protocol to connect to OpenShift from external application

order to make it work with OpenShift, now? > > 2018-05-02 16:34 GMT+02:00 Joel Pearson <japear...@agiledigital.com.au>: > >> Selectors refer to labels, so it’d be >> deploymentconfig.metadata.labels.name >> >> SSL/TLS means the client has to support it too. So if t

Re: Prometheus node exporter on v3.7

Upgrade your cluster to 3.9 just to be safe? You know you want too ... ;) On Fri, 4 May 2018 at 6:00 am, Tim Dudgeon wrote: > Any Prometheus experts out there that can comment on this? > > > On 30/04/18 15:19, Tim Dudgeon wrote: > > I'm running Prometheus an Origin cluster

Re: Using RMI Protocol to connect to OpenShift from external application

> ports: > - port: 3036 > nodePort: 30036 > name: http > selector: > name: mysql > > > > > > 2018-05-02 15:53 GMT+02:00 Joel Pearson <japear...@agiledigital.com.au>: > >> If you're using SSL/TLS you could traverse the Ro

Re: Using RMI Protocol to connect to OpenShift from external application

If you're using SSL/TLS you could traverse the Router by use Passthrough. Otherwise, you have to use NodePorts on a Service or something like that. The Router is generally only really for HTTP, but with passthrough SSL/TLS just about anything could be running in the pod. On Wed, May 2, 2018 at

Re: FW: installing newest OCP 3.9 on RHEL 7.4 failed (MODULE ERROR)

Do you have a Redhat subscription? If not, you shouldn’t be trying to install OCP but rather Origin. If you don’t have a subscription configured then that’d probably explain why it can’t find the rpms. On Mon, 2 Apr 2018 at 8:35 pm, Lukas Budiman wrote: > I am really

Re: Accessing Remote Files via SSHFS

A quick google found this: https://karlstoney.com/2017/03/01/fuse-mount-in-kubernetes/ It looks like the approach would work for you too. But it’s worth mentioning that he’s doing the mount from within the container, so he needs the pod to start as a privileged pod. You can do that in open shift

Re: glusterfs setup

You’d have to run your Gluster cluster separate from OpenShift if you want a different volume type I’m guessing. On Thu, 29 Mar 2018 at 12:15 am, Tim Dudgeon <tdudgeon...@gmail.com> wrote: > Ah!, that's a shame. > > Tim > > On 28/03/18 14:11, Joel Pearson wrote: >

Re: glusterfs setup

“Distributed-Three-way replication is the only supported volume type.” https://access.redhat.com/documentation/en-us/red_hat_gluster_storage/3.2/html/container-native_storage_for_openshift_container_platform/ch03s02 On Thu, 29 Mar 2018 at 12:00 am, Tim Dudgeon wrote: >

Re: Reverse Proxy using Nginx

sing it. > > On Tue, Mar 20, 2018, 9:43 AM Joel Pearson <japear...@agiledigital.com.au> > wrote: > >> What do you want Nginx for? OpenShift has a component called the Router >> which routes traffic. It is based on Haproxy. You could run an nginx >> container tha

Re: Pods stuck on Terminating status

I had this at one point, but it was before I cared about the data in that cluster so I just rebuilt it, so you could just rebuild your cluster ;) But in all seriousness sounds like you need to do some etcd surgery, but I have no idea how that works. On Tue, 20 Mar 2018 at 4:00 am, bahhooo

Re: route resolution happens intermittently

Sounds like your DNS configuration is a bit weird. Do you control the DNS server where you put that myapps domain? How did you figure the nodes to use DNS? On Fri, 16 Mar 2018 at 3:47 pm, abdul nizam wrote: > Hi All, > > I have 2 nodes and one master. > I have installed OSE

Re: Reverse Proxy using Nginx

What do you want Nginx for? OpenShift has a component called the Router which routes traffic. It is based on Haproxy. You could run an nginx container that the router will send traffic to, but if you’re just trying to expose other apps. Then just use the built in Router. Unless you’re talking

Re: TSB fails to start

Are you using calico or something like that? If so why not consider a regular overlay network just to get it working? On Thu, 15 Mar 2018 at 5:26 am, Tim Dudgeon wrote: > A little more on this. > One the nodes that are not working the file >

OpenShift Origin 3.9.0 release imminent?

Is the OpenShift Origin 3.9.0 release imminent? I noticed the tag appeared 4 days ago, but without any detail yet: https://github.com/openshift/origin/releases ___ users mailing list users@lists.openshift.redhat.com

Re: Can the Origin Ansible Playbook stop on "Restart node" **fatal** errors?

You could edit the openshift-ansible\playbooks\common\openshift-node\restart.yml and add: max_fail_percentage: 0 under serial: "{{ openshift_restart_nodes_serial | default(1) }}" That, in theory, should make it fail straight away. On Wed, Mar 14, 2018 at 9:46 PM Alan Christie <

Re: How to use DNS hostname of OpenShift on AWS

anced_install.html > that shows how to define the master/etcd/nodes, and those names should be > used as the hostnames in the cluster. > > > > *From:* users-boun...@lists.openshift.redhat.com [mailto: > users-boun...@lists.openshift.redhat.com] *On Behalf Of *Joel Pearson > *S

How to use DNS hostname of OpenShift on AWS

Hi, I'm trying to figure out how to use the DNS hostname when deploying OpenShift on AWS using https://github.com/openshift/openshift-ansible-contrib/tree/master/reference-architecture/aws-ansible Currently it uses private dns name, eg, ip-10-2-7-121.ap-southeast-2.compute.internal but that isn't

Re: Deployment getting deleted when running configure.yml again

The information about where the bug is fixed is: https://lists.openshift.redhat.com/openshift-archives/users/2018-January/msg00042.html On Mon, 5 Feb 2018 at 8:19 pm, Alon Zusman wrote: > Yes I do. This fix worked for few times but then it started to make the > router and

Re: Deployment getting deleted when running configure.yml again

I presume you’re running OpenShift 3.7? If you’re running the new template broker (openshift-ansible installs it) it has a nasty bug that does what you describe. But you can work around it by removing an owner reference see:

Re: Passthrough TLS route not working

20, 2018 at 8:55 AM Joel Pearson <japear...@agiledigital.com.au> wrote: > What mode are you running the AWS load balancers in? You probably want to > run them as TCP load balancers and not HTTP. That way as you say the SNI > will not get messed with. > On Sat, 20 Jan 201

Re: Passthrough TLS route not working

What mode are you running the AWS load balancers in? You probably want to run them as TCP load balancers and not HTTP. That way as you say the SNI will not get messed with. On Sat, 20 Jan 2018 at 4:45 am, Marc Boorshtein wrote: > So if I bypass the AWS load balancer,

Re: OpenStack cloud provider problems

trying to do something in OpenStack > but this is failing. > > But what is it trying to do? > > On 17/01/18 10:49, Joel Pearson wrote: > > Complete stab in the dark, but maybe your OpenStack account doesn’t have > enough privileges to be able to complete an install? > On W

Re: OpenStack cloud provider problems

Complete stab in the dark, but maybe your OpenStack account doesn’t have enough privileges to be able to complete an install? On Wed, 17 Jan 2018 at 9:46 pm, Tim Dudgeon wrote: > I'm still having problems getting the OpenStack cloud provider running. > > I have a minimal

Re: Pod persistence without replication controller

You could use a StatefulSet if you want a consistent hostname, it would also ensure that there is a always one running. On Wed, 10 Jan 2018 at 3:49 am, Feld, Michael (IMS) wrote: > Does anyone know why a standalone pod (without a replication controller) > sometimes persists

Re: OpenShift Origin 3.7 Template Broker seems super flaky

ce? On 8 January 2018 at 15:29, Ben Parees <bpar...@redhat.com> wrote: > > > On Sun, Jan 7, 2018 at 9:35 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Ahh, I looked into all the obje

Re: OpenShift Origin 3.7 Template Broker seems super flaky

lated resources to json, strip out ownerReferences, and create all the resources again. On Mon, Jan 8, 2018 at 12:30 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hmm, in my case I don't need to need to restart to cause the problem to > happen. Is there some way to run nigh

OpenShift Origin 3.7 Template Broker seems super flaky

Hi, Has anyone else noticed that the new OpenShift Origin 3.7 Template Broker seems super flaky? For example, if I deploy a Jenkins (Persistent or Ephemeral), and then I modify the route, by adding an annotation for example: kubernetes.io/tls-acme: 'true' I have

Re: Deployment to OpenStack

cs for this a bit baffling. Is there anyone on this list who > was involved with creating this who can help get this straight? > On 04/01/18 23:13, Joel Pearson wrote: > > Hi Tim, > > Yes, I only discovered what the basion setting did by looking at the heat > template, as I

Re: ansible service catalog continuous failures OpenShift 3.7.0

On Thu, Jan 4, 2018 at 9:31 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hi, > > I've installed OpenShift 3.7.0 containerized on OpenStack, and I'm getting > some issues with the service catalog. It's spewing heaps of errors into > the journal. Lots of very large e

Re: Deployment to OpenStack

; So if anyone can shed any light on this then please do so! > > Could you explain more about 'an alternative is to create a floating ip > range that uses private non-routable ip addressees'? > > > On 04/01/18 20:17, Joel Pearson wrote: > > I had exactly the same concern and I discovere

Re: Limiting which LDAP users can login

emberOf=cn=staff,ou=groups,dc=company,dc=com,dc=au) And that worked like a charm. As manually provisioning users sounds like way too much effort. On Fri, Jan 5, 2018 at 1:50 AM Jordan Liggitt <jligg...@redhat.com> wrote: > On Thu, Jan 4, 2018 at 5:35 AM, Joel Pearson < > japear...@a

Re: Deployment to OpenStack

I had exactly the same concern and I discovered that inside the heat template there is a bastion mode, which once enabled it doesn’t use floating ip’s any more. Have a look at

  1   2   >