Re: how to query openshift api-version ?

2018-08-01 Thread Nakayama Kenjiro 
"oc api-versions" is available on the latest binary. (For example, I tested
with v3.11.0-alpha.0+bb11f51-481 as below).
Having said that, both kubectl and oc api-versions should get same result,
as both hit to https:///apis.

  $ _output/local/bin/linux/amd64/oc api-versions
  admissionregistration.k8s.io/v1beta1
  apiextensions.k8s.io/v1beta1
  apiregistration.k8s.io/v1
  apiregistration.k8s.io/v1beta1
  apps.openshift.io/v1
  apps/v1
  apps/v1beta1
  apps/v1beta2
  authentication.k8s.io/v1
  authentication.k8s.io/v1beta1
  authorization.k8s.io/v1
  authorization.k8s.io/v1beta1
  authorization.openshift.io/v1
  autoscaling/v1
  autoscaling/v2beta1
  batch/v1
  batch/v1beta1
  build.openshift.io/v1
  certificates.k8s.io/v1beta1
  events.k8s.io/v1beta1
  extensions/v1beta1
  image.openshift.io/v1
  monitoring.coreos.com/v1
  network.openshift.io/v1
  networking.k8s.io/v1
  oauth.openshift.io/v1
  policy/v1beta1
  project.openshift.io/v1
  quota.openshift.io/v1
  rbac.authorization.k8s.io/v1
  rbac.authorization.k8s.io/v1beta1
  route.openshift.io/v1
  security.openshift.io/v1
  settings.k8s.io/v1alpha1
  storage.k8s.io/v1
  storage.k8s.io/v1beta1
  template.openshift.io/v1
  user.openshift.io/v1
  v1

  $ _output/local/bin/linux/amd64/oc version
  oc v3.11.0-alpha.0+bb11f51-481
  kubernetes v1.11.0+d4cacc0
  features: Basic-Auth GSSAPI Kerberos SPNEGO


On Thu, Aug 2, 2018 at 10:39 AM, Jack Hu  wrote:

> Hi ,
>
> I know k8s has "kubectl api-versions " , but oc no such command , now
> how to query openshift api-version ?
>
>
>
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>



-- 
Kenjiro NAKAYAMA 
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Question about Azure blob support on OCP 3.5

2017-08-10 Thread Nakayama Kenjiro 
Hi,

> I have a customer asking question about OCP 3.5 support using Azure Blob
for their persistent storage requirements so that they can use it for
logging/metrics.

OpenShift 3.5 does NOT support Azure Blob for the persistent storage.
Please refer to the supported volume plug-ins list here:


https://docs.openshift.com/container-platform/3.5/install_config/persistent_storage/index.html#install-config-persistent-storage-index

> They tried to follow the advice base on below:
>
>
https://github.com/openshift/openshift-ansible/blob/release-1.5/roles/openshift_hosted/templates/registry_config.j2#L25-L30

Having said that, you are referring to the option of Azure Blob for
*Registry*, so you might want to configure Azure blob for registry.
In that case, you can refer to this knowledge article:

  How to configure Azure Blob Storage for OpenShift internal docker registry
  https://access.redhat.com/solutions/3097851

In terms of Ansible options, you can check all options which are supported
via openshift-ansible-docs rpm like below:

  (e.g) openshift-ansible-docs-3.5.78-1.git.0.f7be576.el7.noarch

/usr/share/doc/openshift-ansible-docs-3.5.78/docs/example-inventories/hosts.ose.example

but unfortunately it looks like
openshift_hosted_registry_storage_azure_blob_* are not officially supported
yet.

Anyway, the query is about OCP, so I think that we should discuss this on
RH internal ML.

Regards,
Kenjiro

On Fri, Aug 11, 2017 at 8:37 AM, Michael Calizo  wrote:

> Hi All,
>
> I have a customer asking question about OCP 3.5 support using Azure Blob
> for their persistent storage requirements so that they can use it for
> logging/metrics.
>
> They tried to follow the advice base on below:
>
> https://github.com/openshift/openshift-ansible/blob/release-1.5/roles/openshift_hosted/templates/registry_config.j2#L25-L30
>
> But this didn't help them.
>
> I would like to know if we have any reference customer that have
> successfully used azure blob as their persistent storage solution?
>
> Regards,
>
>
> *Michael Calizo*
> *Senior Technical Account Manager*
>
> Red Hat   Level 6, 1 Willis Street, Wellington
> mcal...@redhat.com  M: +64 274974450 <+64%20274%20974%20450>
>
>
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>


-- 
Kenjiro NAKAYAMA 
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Getting alerts when Asynchronous Errata Updates are released

2017-04-21 Thread Nakayama Kenjiro 
Hi,

If you have Red Hat's OpenShift Container Platform subscription and are
using the product, it is possible. Please refer to
https://access.redhat.com/solutions/135503 (or please open support ticket.)

Regards,
Kenjiro

On Fri, Apr 21, 2017 at 10:35 PM, Gary Franczyk 
wrote:

> Is there a way to get email alerts when Asynchronous Errata updates are
> released?
>
>
>
> Thanks!
>
>
>
>
>
> *Gary Franczyk*
>
> Senior Unix Administrator, Infrastructure
>
>
>
> Availity | 10752 Deerwood Park Blvd S. Ste 110, Jacksonville FL 32256
> W 904.470.4953 <(904)%20470-4953> | M 561.313.2866 <(561)%20313-2866>
>
> *gary.franc...@availity.com *
>
>
> --
> The information contained in this e-mail may be privileged and
> confidential under applicable law. It is intended solely for the use of the
> person or firm named above. If the reader of this e-mail is not the
> intended recipient, please notify us immediately by returning the e-mail to
> the originating e-mail address. Availity, LLC is not responsible for errors
> or omissions in this e-mail message. Any personal comments made in this
> e-mail do not reflect the views of Availity, LLC.
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>


-- 
Kenjiro NAKAYAMA 
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Application url not getting hosted on web browser

2016-03-28 Thread Nakayama Kenjiro 
Hi,

Your 'rpm -qf' says that 01_openshift_origin_node_servername.conf is
not owend by any packages.
The file should be owend by "rubygem-openshift-origin-frontend-apachedb"
package. (Please see below.)


https://github.com/openshift/origin-server/blob/84d6c56080fb4cecb7e7010be23ec07aafe8244b/plugins/frontend/apachedb/rubygem-openshift-origin-frontend-apachedb.spec#L92

I guess you installed openshift-origin by your "own method" and copied
01_openshift_origin_node_servername.conf from somewhere. (My guessing
is correct?)

If so, it will take a lot of effort to debug remotely
I'm sorry but I hope someone else assists you.

Regards,
Kenjiro


On Mon, Mar 28, 2016 at 6:35 PM, Rumeha rizwan <rumehariz...@gmail.com>
wrote:

> Hi
>
> I started the httpd service & it is running. But, when i try to host the
> application url on the web browser I'm getting apache web page on the
> browser instead of the default web page that is shown in the document. I'm
> enclosing screenshot of the page that I'm getting when i try to host the
> application url
>
> Regards
> Rumeha
>
> On Mon, Mar 28, 2016 at 12:55 PM, Rumeha rizwan <rumehariz...@gmail.com>
> wrote:
>
>> Hi
>>
>> I'm enclosing the screenshot of the ouput. I have the file, but the
>> second command when i run it shows command not found
>>
>> Regards
>> Rumeha
>>
>> On Mon, Mar 28, 2016 at 12:26 PM, Nakayama Kenjiro <
>> nakayamakenj...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> Before httpd failed to start, I can see that you installed httpd
>>> manually.
>>> httpd package should have been installed during your installation.
>>>
>>> I am wondering if your installation (Node) failed... Could you please
>>> check if you have this file or not?
>>>
>>>   # rpm -qf
>>> /etc/httpd/conf.d/01_openshift_origin_node_servername.conf
>>>   rubygem-openshift-origin-frontend-apachedb-0.6.1.0-1.el6op.noarch
>>>
>>> NOTE: My environ is OSE v2, but I guess you also should have same or
>>> similar file.
>>>
>>> Regards,
>>> Kenjiro
>>>
>>>
>>> On Mon, Mar 28, 2016 at 3:47 PM, Rumeha rizwan <rumehariz...@gmail.com>
>>> wrote:
>>>
>>>> Hi
>>>>
>>>> I tried to start httpd service. I'm enclosing the screenshot of what
>>>> output i got.
>>>>
>>>> Regards
>>>> Rumeha
>>>>
>>>> On Mon, Mar 28, 2016 at 11:59 AM, Nakayama Kenjiro <
>>>> nakayamakenj...@gmail.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> It says your host(192.168.3.27)'s 80 port rejects the request.
>>>>>
>>>>> Please check your iptables and httpd process as below.
>>>>>
>>>>> 1. iptables
>>>>>
>>>>>   # iptables -L -n |grep 80
>>>>>   ACCEPT tcp  --  0.0.0.0/00.0.0.0/0   state
>>>>> NEW tcp dpt:80
>>>>>
>>>>>
>>>>> 2. httpd process
>>>>>
>>>>>   # netstat -anp |grep ::80
>>>>>   tcp0  0 :::80
>>>>> :::*LISTEN  2021/httpd
>>>>>
>>>>> If httpd process is not running, please try to restart httpd on
>>>>> 192.168.3.27
>>>>>
>>>>>   # service httpd start
>>>>>
>>>>> Regards,
>>>>> Kenjiro
>>>>>
>>>>>
>>>>> On Mon, Mar 28, 2016 at 3:00 PM, Rumeha rizwan <rumehariz...@gmail.com
>>>>> > wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> Currently i have application abc running so i'm using the url of
>>>>>> application abc which is in domain localhost. I'm enclosing the 
>>>>>> screenshot
>>>>>> of what i got when i ran the url with curl command.
>>>>>>
>>>>>> Regards
>>>>>> Rumeha
>>>>>>
>>>>>> On Mon, Mar 28, 2016 at 11:16 AM, Nakayama Kenjiro <
>>>>>> nakayamakenj...@gmail.com> wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> Could you please tell us what message you get by "curl -vvv
>>>>>>> http://firstphp2-broker.example.com;?
>>>>>>>
>>>>>>> Regards,
>>

Re: Application url not getting hosted on web browser

2016-03-28 Thread Nakayama Kenjiro 
Hi,

Before httpd failed to start, I can see that you installed httpd manually.
httpd package should have been installed during your installation.

I am wondering if your installation (Node) failed... Could you please check
if you have this file or not?

  # rpm -qf /etc/httpd/conf.d/01_openshift_origin_node_servername.conf
  rubygem-openshift-origin-frontend-apachedb-0.6.1.0-1.el6op.noarch

NOTE: My environ is OSE v2, but I guess you also should have same or
similar file.

Regards,
Kenjiro


On Mon, Mar 28, 2016 at 3:47 PM, Rumeha rizwan <rumehariz...@gmail.com>
wrote:

> Hi
>
> I tried to start httpd service. I'm enclosing the screenshot of what
> output i got.
>
> Regards
> Rumeha
>
> On Mon, Mar 28, 2016 at 11:59 AM, Nakayama Kenjiro <
> nakayamakenj...@gmail.com> wrote:
>
>> Hi,
>>
>> It says your host(192.168.3.27)'s 80 port rejects the request.
>>
>> Please check your iptables and httpd process as below.
>>
>> 1. iptables
>>
>>   # iptables -L -n |grep 80
>>   ACCEPT tcp  --  0.0.0.0/00.0.0.0/0   state NEW
>> tcp dpt:80
>>
>>
>> 2. httpd process
>>
>>   # netstat -anp |grep ::80
>>   tcp0  0 :::80
>> :::*LISTEN  2021/httpd
>>
>> If httpd process is not running, please try to restart httpd on
>> 192.168.3.27
>>
>>   # service httpd start
>>
>> Regards,
>> Kenjiro
>>
>>
>> On Mon, Mar 28, 2016 at 3:00 PM, Rumeha rizwan <rumehariz...@gmail.com>
>> wrote:
>>
>>> Hi,
>>>
>>> Currently i have application abc running so i'm using the url of
>>> application abc which is in domain localhost. I'm enclosing the screenshot
>>> of what i got when i ran the url with curl command.
>>>
>>> Regards
>>> Rumeha
>>>
>>> On Mon, Mar 28, 2016 at 11:16 AM, Nakayama Kenjiro <
>>> nakayamakenj...@gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> Could you please tell us what message you get by "curl -vvv
>>>> http://firstphp2-broker.example.com;?
>>>>
>>>> Regards,
>>>> Kenjiro
>>>>
>>>> On Mon, Mar 28, 2016 at 2:28 PM, Rumeha rizwan <rumehariz...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi
>>>>>
>>>>> I have installed openshift on centos 6.7. I have used two separate
>>>>> systems for broker & node. Openshift is working fine & it is also getting
>>>>> hosted on browser without any problem.
>>>>>
>>>>> I tried creating a simple application by following the steps to create
>>>>> an application provided by redhat. The application is getting created but
>>>>> I'm not able to host the application on web browser using the url that is
>>>>> provided after the application is created. I'm enclosing the screenshots.
>>>>> Can someone please give me a solution for this.
>>>>>
>>>>> Regards
>>>>> Rumeha
>>>>>
>>>>> ___
>>>>> users mailing list
>>>>> users@lists.openshift.redhat.com
>>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Kenjiro NAKAYAMA <nakayamakenj...@gmail.com>
>>>> GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
>>>>
>>>
>>>
>>
>>
>> --
>> Kenjiro NAKAYAMA <nakayamakenj...@gmail.com>
>> GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
>>
>
>


-- 
Kenjiro NAKAYAMA <nakayamakenj...@gmail.com>
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Still having trouble with 1.1.1

2016-02-06 Thread Nakayama Kenjiro 
Hi,

Could you please isolate your problem with following tests? I would like
you to check if they could reproduce your issue or not.

test#1. Build and Deploy from internal registry (with openshift project's
php test image).

  $ oc new-app https://github.com/openshift/sti-php.git
--context-dir=5.5/test/test-app --strategy=source

test#2. Deploy from docker hub w/o build

  $ oc new-app openshift/hello-openshift

test#3. Deploy from docker hub w/o build,deploymentConfig

 NOTE: Please delete previous app by "oc delete all -l
app=hello-openshift", before running test#3.
 $ oc create -f
https://raw.githubusercontent.com/openshift/origin/master/examples/hello-openshift/hello-pod.json

If test#1 succeeded, your image has some issue. (it also might be
privilege.)
If test#1 failed but test#2 succeeded, the deployment from your internal
registry has some issue.
If test#1,#2 failed but test#3 succeeded, your deploymentConfig has some
issue.
If test#1,#2,#3 failed, most probably your docker infrastructure has some
issue.

Thanks,
Kenjiro

On Sun, Feb 7, 2016 at 1:52 PM, Dean Peterson 
wrote:

> Actually, I meant I changed runAsUser to runAsAny in scc restricted.
>
> On Sat, Feb 6, 2016 at 10:48 PM, Dean Peterson 
> wrote:
>
>> The last time I had containers starting and the logs were blank I needed
>> to set the runAsUser to runAsAny because I use root inside my docker
>> files.  I checked that setting and the scc privileged file is set to
>> runAsAny.
>>
>> On Sat, Feb 6, 2016 at 10:36 PM, Dean Peterson 
>> wrote:
>>
>>> The container log is empty.
>>> docker logs  just moves to the next line.
>>>
>>> On Fri, Feb 5, 2016 at 2:06 PM, Clayton Coleman 
>>> wrote:
>>>
 The deployment logs seems to be indicating that your first container
 did not start cleanly in 120s.  What do the logs of that container (via
 docker or via oc logs) show?

 On Feb 5, 2016, at 10:16 AM, Dean Peterson 
 wrote:

 I am still evaluating Openshift for use with the State of MN.  I am
 testing it on a separate project of mine.  I was fairly impressed with
 Openshift until I started having significant problems with no indication
 what is wrong.

 On every new build (for every service), the subsequent deployment of
 the associated service fails.  The pods remain in pending state and
 ultimately the deployment indicates failure.  I have to manually delete the
 deployment config, then delete the service and delete the pods.  Then I add
 the service back using the same template I used to create it in the first
 place.  I have to do that about 4 times before the pods successfully
 deploy.  I did open a ticket as requested about a week ago;
 https://bugzilla.redhat.com/show_bug.cgi?id=1303273

 The latest deployment failure is again showing no indication what is
 causing the problem:

 Deployment Logs
 https://gist.github.com/deanpeterson/27db87427a15a5c7421c

 Openshift console on startup
 https://gist.github.com/anonymous/0973fa19361337891110

 Event Log Image:
 

 ___
 users mailing list
 users@lists.openshift.redhat.com
 http://lists.openshift.redhat.com/openshiftmm/listinfo/users


>>>
>>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>


-- 
Kenjiro NAKAYAMA 
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: swagger UI

2016-02-02 Thread Nakayama Kenjiro 
I could reproduce your error with "-I" option on my end.

  curl -Ik https://localhost:8443/swaggerapi/oapi/v1
  HTTP/1.1 405 Method Not Allowed
  Date: Fri, 08 Jan 2016 11:48:17 GMT
  Content-Length: 23
  Content-Type: text/plain; charset=utf-8

However, your browser should have worked, and so, my guessing is conflict
with your previous comment below.

> Am getting method not allowed. Tried CLI and browser. Browser simply
throwing a blank download page

Didn't you add "https://; to your browser URL?

Anyway, I hope that you provide the result of curl without "-I" option.

Thanks,
Kenjiro


On Wed, Feb 3, 2016 at 2:37 PM, Nakayama Kenjiro <nakayamakenj...@gmail.com>
wrote:

> Hi,
>
> Please don't use "-I" option for the curl. "-I" option is sending
> different request.
>
> Your command:
>   # curl -vvv -Ik https://:8443/swaggerapi/oapi/v1
>
> TOBE:
>   # curl -vvv -k https://:8443/swaggerapi/oapi/v1
>
> Best,
> Kenjiro
>
> On Wed, Feb 3, 2016 at 2:24 PM, Srinivas Naga Kotaru (skotaru) <
> skot...@cisco.com> wrote:
>
>> Tried all options. Below is output. Can you explain what proxy is doing
>> and how to check/configure and fix? Installation was default using ansible.
>> Since this is test setup, we didn’t optimized or tuned anything
>>
>> Sample API is working fine.
>>
>> # oc whoami -t
>>
>> #TOKEN=
>>
>>
>> #curl -k https://mad-osshift-vip01.cisco.com:8443/api/v1 -H
>> "Authorization: Bearer $TOKEN
>>
>>
>> From laptop:
>> ===
>>
>> # curl -vvv -Ik https://:8443/swaggerapi/oapi/v1
>> * About to connect() to mad-osshift-master01.cisco.com port 8443 (#0)
>> *   Trying 10.42.137.150...
>> * Connected to mad-osshift-master01.cisco.com (10.42.137.150) port 8443
>> (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> * skipping SSL peer certificate verification
>> * NSS: client certificate not found (nickname not specified)
>> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>> * Server certificate:
>> * subject: CN=10.42.137.150
>> * start date: Dec 02 18:27:54 2015 GMT
>> * expire date: Dec 01 18:27:55 2017 GMT
>> * common name: 10.42.137.150
>> * issuer: CN=openshift-signer@1449080872
>> > HEAD /swaggerapi/oapi/v1 HTTP/1.1
>> > User-Agent: curl/7.29.0
>> > Host: mad-osshift-master01.cisco.com:8443
>> > Accept: */*
>> >
>> < HTTP/1.1 405 Method Not Allowed
>> HTTP/1.1 405 Method Not Allowed
>> < Date: Wed, 03 Feb 2016 05:17:25 GMT
>> Date: Wed, 03 Feb 2016 05:17:25 GMT
>> < Content-Length: 23
>> Content-Length: 23
>> < Content-Type: text/plain; charset=utf-8
>> Content-Type: text/plain; charset=utf-8
>>
>> <
>> * Connection #0 to host mad-osshift-master01.cisco.com left intact
>>
>>
>> From master host
>> ==:
>>
>> # curl -vvv -Ik https://localhost:8443/swaggerapi/oapi/v1
>> * About to connect() to localhost port 8443 (#0)
>> *   Trying ::1...
>> * Connection refused
>> *   Trying 127.0.0.1...
>> * Connected to localhost (127.0.0.1) port 8443 (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> * skipping SSL peer certificate verification
>> * NSS: client certificate not found (nickname not specified)
>> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>> * Server certificate:
>> * subject: CN=10.42.137.150
>> * start date: Dec 02 18:27:54 2015 GMT
>> * expire date: Dec 01 18:27:55 2017 GMT
>> * common name: 10.42.137.150
>> * issuer: CN=openshift-signer@1449080872
>> > HEAD /swaggerapi/oapi/v1 HTTP/1.1
>> > User-Agent: curl/7.29.0
>> > Host: localhost:8443
>> > Accept: */*
>> >
>> < HTTP/1.1 405 Method Not Allowed
>> HTTP/1.1 405 Method Not Allowed
>> < Date: Wed, 03 Feb 2016 05:19:01 GMT
>> Date: Wed, 03 Feb 2016 05:19:01 GMT
>> < Content-Length: 23
>> Content-Length: 23
>> < Content-Type: text/plain; charset=utf-8
>> Content-Type: text/plain; charset=utf-8
>>
>> <
>> * Connection #0 to host localhost left intact
>>
>>
>> # curl -Ik https://< <https://%3CHOST>MASTER HOST
>> IP>:8443/swaggerapi/oapi/v1 –vvv
>>
>> * About to connect() to 10.42.137.150 port 8443 (#0)
>> *   Trying 10.42.137.150...
>> * Connected to 10.42.137.150 (10.42.137.150) port 8443 (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> * skipping SSL peer certificate verification
>> * NSS: clien

Re: Share ssh-key with other nodes during installation

2016-01-26 Thread Nakayama Kenjiro 
If you will install openshift with ansible-playbook(advanced-installation),
I think you can avoid the issue by ansible's function.

Here is the steps:

1. Set ansible_ssh_user in /etc/ansible/hosts

  [OSEv3:vars]
  ansible_ssh_user=root
  ...

2. Run ansible-playbook with -k option

  $ ansible-playbook
/usr/share/ansible/openshift-ansible/playbooks/byo/config.yml -vvv -k | tee
~/ansible_install.log

3. After that you can input SSH password. (So, you don't need to exchange
the ssh key beforehand.)

  SSH password:

Best,
Kenjiro



On Tue, Jan 26, 2016 at 8:18 PM, Lorenz Vanthillo <
lorenz.vanthi...@outlook.com> wrote:

> Hi Fran,
>
> I'm not sure how to interpret your answer.
> First of all I can give this information:
>
> I ssh from my PC to my instances with ssh centos@ec2.. (without .pem).
> (To all my instances)
> On my master I perform: ssh-keygen and press enter. (I tried this as root
> and as centos-user).
>
> After that I perform the loop. and the permission is denied. I ran the
> loop as root (and also once as centos-user).
>
>
> --
> Date: Tue, 26 Jan 2016 12:13:38 +0100
> Subject: Re: Share ssh-key with other nodes during installation
> From: franbarre...@gmail.com
> To: lorenz.vanthi...@outlook.com
> CC: users@lists.openshift.redhat.com
>
>
> Hi Lorenz,
>
> Is the user you are trying to copy the ssh keys capable to connect with
> these machines via ssh? It seems like these machines only allow connection
> via ssh key.
>
> Regards.
>
> 2016-01-26 11:31 GMT+01:00 Lorenz Vanthillo 
> :
>
> I do not use a .pem-key to ssh to my instances. I'm performing this on a
> centos-instance of amazon ec2.
>
> --
> From: lorenz.vanthi...@outlook.com
> To: users@lists.openshift.redhat.com
> Subject: Share ssh-key with other nodes during installation
> Date: Tue, 26 Jan 2016 11:04:05 +0100
>
>
> I've installed OpenShift origin 1.1 a few times. But I always have to copy
> the key manually from the master to it nodes.
> But when I have to create a cluster with many nodes I want to automate
> this.
> I saw:
>
> # for host in master.example.com \
> node1.example.com \
> node2.example.com; \
> do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
> done
>
> Which looked very promissing but I always got:
> /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter 
> out any that are already installed
> /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 
> prompted now it is to install the new keys
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
> /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter 
> out any that are already installed
> /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 
> prompted now it is to install the new keys
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
> /bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter 
> out any that are already installed
> /bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are 
> prompted now it is to install the new keys
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic).
>
> What's wrong with the permissions?
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>
>
> ___
> users mailing list
> users@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/users
>
>


-- 
Kenjiro NAKAYAMA 
GPG Key fingerprint = ED8F 049D E67A 727D 9A44  8E25 F44B E208 C946 5EB9
___
users mailing list
users@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users