Re: Node AutoScaling

the cluster. Currently, > openshift-ansible has a playbook for joining nodes to an existing cluster > but that pattern doesn't work really well for node autoscaling. > > We are looking at ways to do this, but there is no work done as of yet. > > On Mon, Jan 30, 2017 at 7:23 AM, David C

Fwd: Node AutoScaling

, Subhendu Ghosh <sghosh...@gmail.com> wrote: > Hi David > > Are you looking to scale a single cluster from on-prem to AWS? One set of > masters? > > Subhendu > > On Jan 30, 2017 15:41, "David Conde" <da...@donedeal.ie> wrote: > >> Hi Se

Re: Docker Thin Pool Space

Ah thats handy to know thanks, On that note, I'm trying to upgrade a 3.4 cluster to 3.5 using ansible but I get the following error "Available origin-docker-excluder version 3.6.0 is higher than the upgrade target version" Has anyone seen this before? On Tue, Aug 15, 2017 at 2:31 PM, Scott

Docker Thin Pool Space

I keep getting the below error on my app nodes. Running Origin v1.4.1 on AWS installed using the reference architecture. Am I missing something which should be cleaning up? Error syncing pod, skipping: failed to "StartContainer" for "jnlp" with ErrImagePull: "failed to register layer: devmapper:

Re: Docker Thin Pool Space

Thanks Aleksandar, Do you just have that cron'd on each node? On Mon, Aug 14, 2017 at 1:24 PM, Aleksandar Lazic wrote: > Hi David. > > on Montag, 14. August 2017 at 13:46 was written: > > > I keep getting the below error on my app nodes. Running Origin v1.4.1 > > on AWS

Re: Docker Thin Pool Space

Thanks On Mon, Aug 14, 2017 at 2:20 PM, Aleksandar Lazic wrote: > Hi David. > > Yes. > > on Montag, 14. August 2017 at 15:05 was written: > > > Thanks Aleksandar, > > Do you just have that cron'd on each node? > > On Mon, Aug 14, 2017 at 1:24 PM, Aleksandar Lazic

Routing & External Service

on adding a configmap to all the haproxy config in the router config just to add the few extra headers for a single route. What would be the recommended way to achieve the above? Thanks, *David Conde* ___ users mailing list users

LoadBalancer & Security Groups

any ideas on how best to proceed? *David Conde* ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

DBus Error

I am trying to add a node to Origin 3.6, I'm using the add-node.py script from openshift ansible aws contrib but I am seeing the following exception: *'This module requires dbus python bindings' * Has anything changed around dbus requirements? Thanks, Dave

Re: Routing & External Service

Thanks Aleksandar, I'll give that a try. David Conde On 2 May 2017 at 22:36, Aleksandar Lazic <al...@me2digital.eu> wrote: > Hi David. > > Am Wed, 26 Apr 2017 16:09:03 +0100 > schrieb David Conde <da...@donedeal.ie>: > > > I am looking for a bit of advice

Re: Kubelet & Cadvisor

wrote: > > On May 17, 2017, at 7:37 AM, David Conde <da...@donedeal.ie> wrote: > > Hi, > > I am trying to get the DataDog agent working with k8s integration. I'm > hitting an issue around cadvisor not being available. I have read that > cadvisor is available via kubelet

Kubelet & Cadvisor

Hi, I am trying to get the DataDog agent working with k8s integration. I'm hitting an issue around cadvisor not being available. I have read that cadvisor is available via kubelet as long as I'm using certs to access it. Does anyone know what the equivalent of the 2 URLs below are when trying to

Re: Kubelet & Cadvisor

ode for kube and see if > there’s any low hanging fruit that can be knocked out to get it talking to > openshift/heapster. They have a couple repos on github > https://github.com/DataDog/integrations-core/blob/master/ > kubernetes/check.py > > > > > > Alex > > > &g

Securing Masters

What is the recommendation around securing access to the masters? The AWS reference architecture currently has the master ELB fully public on the admin port. Is it recommended to lock down access to the masters to specific IPs? ___ users mailing list

Re: DBus Error

For completeness, this was solved here: https://github.com/openshift/openshift-ansible-contrib/issues/660 On Thu, Aug 17, 2017 at 4:11 PM, David Conde <da...@donedeal.ie> wrote: > I am trying to add a node to Origin 3.6, I'm using the add-node.py script > from openshift ansible aws c

Cluster AutoScaler

Are there any plans to include this in OpenShift? https://github.com/kubernetes/autoscaler/blob/master/cluster-autoscaler/cloudprovider/aws/README.md ___ users mailing list users@lists.openshift.redhat.com

Fwd: Securing Masters

Just bumping this one, any recommendations on below? What is the recommendation around securing access to the masters? The AWS reference architecture currently has the master ELB fully public on the admin port. Is it recommended to lock down access to the masters to specific IPs?

Re: Autoscaling groups

So Ansible is the best you'll get for now. > > On Tue, Jul 24, 2018 at 10:04 AM David Conde wrote: > >> Thanks, >> >> Is it possible to also do that with masters post upgrade? Do you have any >> info you could point me at to create the new node groups post upgrade

Re: How to avoid upgrading to 3.10?

This caught me out yesterday also, a fix is on the 3.9 branch now so updating from there should help. If using AWS you will have to rebuild your AMI also as far as I know so that the new yum repo files are picked up. On Tue, Aug 14, 2018 at 9:12 PM Peter Heitman wrote: > I use ansible to deploy

Re: Registry Permissions

Wed, Aug 22, 2018 at 9:39 AM Ben Parees wrote: > >> >> >> On Wed, Aug 22, 2018 at 6:51 AM, David Conde wrote: >> >>> Is it possible to add global pull permissions to a project in the >>> registry? I'm looking to have a single place for pushing images to

Registry Permissions

Is it possible to add global pull permissions to a project in the registry? I'm looking to have a single place for pushing images to that all projects can access, similar to how the Openshift project works for image and template access. Thanks, Dave ___

Re: Registry Permissions

My mistake. We only bind the openshift namespace to system:authenticated > > On Wed, Aug 22, 2018 at 9:49 AM David Conde wrote: > >> Thanks, will system:unauthenticated not open up the registry to people >> who are not authenticated at all? Also where do these permissions need

Re: Registry Permissions

Perfect thanks I'll give that a go :) On Wed, Aug 22, 2018 at 2:59 PM Ben Parees wrote: > > > On Wed, Aug 22, 2018 at 9:58 AM, Ben Parees wrote: > >> >> >> On Wed, Aug 22, 2018 at 9:49 AM, David Conde wrote: >> >>> Thanks, will system:unauthenticat

Re: Autoscaling groups

You’d have to add new node groups post upgrade and manage it that way. > > > On Jul 24, 2018, at 7:22 AM, David Conde wrote: > > > > I'm in the process of upgrading an origin cluster running on AWS from > 3.7 to 3.9 using openshift ansible. I'd like the new instances to be >

Re: OKD v3.11.0 has been tagged and pushed to GitHub

On the 4.0 changes, is the plan to provide the ability to upgrade from 3.11 to 4.0 or would a totally fresh install be required? On Thu, Oct 11, 2018 at 4:55 PM Clayton Coleman wrote: > https://github.com/openshift/origin/releases/tag/v3.11.0 contains the > release notes and latest binaries. >

Re: OpenShift Origin on AWS

We have upgraded from the 3.6 reference architecture to the 3.9 aws playbooks in openshift-ansible. There was quite a bit of work in getting nodes ported into the scaling groups. We have upgraded our masters to 3.9 with the BYO playbooks but have not ported them to use scaling groups yet. We'll

Re: Restricting access to some Routes

Hi Peter, Hopefully https://docs.openshift.com/container-platform/3.9/architecture/networking/routes.html#whitelist will sort you out. Dave On Thu, Aug 30, 2018 at 1:54 PM Peter Heitman wrote: > In my deployment there are 5 routes - two of them are from OpenShift > (docker-registry and

Certificate Updates

We currently have a 3.9 cluster running on AWS, we ran the certificate update ansible playbook but it failed due to not updating the nodes in autoscale groups. Can anyone point me at what is required to handle the above? Thanks, Dave ___ users mailing