DNS issue install OpenShift on OpenStack

2017-10-09 Thread Joel Pearson
using the dns server it installed, and hence internal DNS doesn't resolve. Is there a way to get the openstack-ansible playbooks to use the internal dns (which was created by “ansible-playbook openshift-ansible-contrib/playbooks/provisioning/openstack/provision.yaml”), which in my case is “10.2.100.5”?

Unable to dynamically provision cinder volumes

2017-10-13 Thread Joel Pearson
sType in the storage class but it hasn't helped. My /etc/origin/cloudprovider/openstack.conf looks correct, but I cannot figure out what is going on. There is nothing useful in journalctl -xe on the master How else can I diagnose? Thanks, Joel -- Kind Regards, Joel Pearson Agile Digital | Senior

Re: Unable to dynamically provision cinder volumes

2017-10-16 Thread Joel Pearson
nshift 3.6 on OpenStack without that setting. Thanks, Joel On Sat, Oct 14, 2017 at 1:49 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hi, > > I'm having no luck getting dynamic provisioning of cinder volumes working. > > I followed > https://docs.o

Re: DNS issue install OpenShift on OpenStack

2017-10-09 Thread Joel Pearson
; > Good luck ☺ > > > > *De : *<users-boun...@lists.openshift.redhat.com> au nom de Joel Pearson < > japear...@agiledigital.com.au> > *Date : *lundi 9 octobre 2017 à 14:54 > *À : *"users@lists.openshift.redhat.com" <users@lists.openshift.redhat.com > > > *O

Re: DNS issue install OpenShift on OpenStack

2017-10-09 Thread Joel Pearson
Ok, my bad it looks like the https://github.com/openshift/openshift-ansible-contrib/blob/master/playbooks/provisioning/openstack/post-provision-openstack.yml playbook does what I’m after. I’ll run that and see what happens On Tue, 10 Oct 2017 at 6:58 am, Joel Pearson <japear...@agiledigital.com

Re: DNS issue install OpenShift on OpenStack

2017-10-09 Thread Joel Pearson
Looks like the post-provision-openstack.yml did run by itself, but I needed to restart all the nodes to pick up the new DNS entries via DHCP. Maybe I should submit a PR to include that tip, unless of course, a restart wasn't supposed to be necessary. On Tue, Oct 10, 2017 at 7:15 AM Joel Pearson

Re: Origin router and X-Forwarded-For

2017-10-11 Thread Joel Pearson
> users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > -- Kind Regards, Joel Pearson Agile Digital | Senior Software Consultant Love Your Software™ | ABN 98 106 361 273 p: 1300 858 277 | m: 0405 417 843 <0405417843> | w: agiledigital.com.au ___

Re: Origin router and X-Forwarded-For

2017-10-11 Thread Joel Pearson
Sorry I meant it say, it *cannot modify the http request in any way. On Thu, 12 Oct 2017 at 12:51 am, Joel Pearson <japear...@agiledigital.com.au> wrote: > Hi Marcelo, > > If you use Passthrough termination then that means that OpenShift cannot > add the X-Forwarded-F

Re: authentication required even for pulling images from private registry

2017-10-18 Thread Joel Pearson
; Jared, (韦煜) > Software developer > Interested in open source software, big data, Linux > ___ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > -- Kind Regards, Joel Pea

Re: LDAP bindPassword in Ansible inventory

2017-10-24 Thread Joel Pearson
> openshift_master_identity_providers=[{'name': 'my_ldap_provider', ..., >>> 'kind': 'LDAPPasswordIdentityProvider', ..., *'bindPassword': { 'file': >>> 'bindPassword.encrypted'* >>> *'keyFile': 'bindPassword.key'}*, ...}] >>> >>> Thanks >>> >> >

Re: ansible with openstack cloud provider

2017-11-24 Thread Joel Pearson
ct. > > The value of password is the API password and works with the python > openstack client. > > Can anyone spot what is wrong? > What is Openshift tying to do when it tries to init the cloud provider and > fails? > > > > > On 04/11/2017 11:51, Joel Pearson

Re: Permissions problem mounting file from ConfigMap

2017-12-13 Thread Joel Pearson
Oh, I didn't realise configmaps got updated without a Pod restart. How long does it take to update? I see in ( https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#mounted-configmaps-are-updated-automatically) it says the kubelet sync period + ttl. What are the

Old JBoss AS 7.1.1 Java 7 container hangs

2017-11-16 Thread Joel Pearson
Hi, I’m trying to get an existing docker container that has Oracle Java 7 and JBoss AS 7.1.1 running in OpenShift 3.6. However when JBoss tries to start the jvm it hangs with no output, in a terminal we’ve tried running the same Java command that standalone.sh runs and it hangs the same way.

Re: How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-17 Thread Joel Pearson
d by the istag import > policy: > > importPolicy: insecure: true > > I have not been able to get it to work with insecure: false. I can't find > the right place to put the remote's ca for the registry to use it. But it > all works well when insecure is true. > > > C

Re: How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-17 Thread Joel Pearson
, but the pull should > be faster once the blobs have been cached in the local registry. (assuming > mirroring pullthrough is turned on, which by default i believe it is). > > > > >> >> On 18 November 2017 at 16:53, Joel Pearson <japear...@agiledigital.co

Re: How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-17 Thread Joel Pearson
Ahh ok. Is there some way to abuse build config‘s to push existing images to remote OpenShift registries? On Sat, 18 Nov 2017 at 6:15 pm, Ben Parees <bpar...@redhat.com> wrote: > On Sat, Nov 18, 2017 at 2:12 AM, Joel Pearson < > japear...@agiledigital.com.au> wrote: >

Re: SSO with OAUTH/OIDC between OpenShift and Jenkins not working

2017-11-17 Thread Joel Pearson
I’ve had this problem too. You need to use the original route name (you can change the host name) as the Jenkins service account refers to the route name for oauth purposes. On Sat, 18 Nov 2017 at 4:13 pm, Marc Boorshtein wrote: > I have a fresh install of Origin 3.6.1 on

Re: How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-18 Thread Joel Pearson
oud.kubernetes.secrets.paths=/tmp/applicationproperties' > -Dmaven.test.skip=true -Djava.net.preferIPv4Stack=true > -Dfabric8.mode=openshift -Dfabric8.skipResourceValidation=true > -Dopenshiftnamespace=${destNamespace} -Dreplicas=${replicaCount} clean > fabric8:resource-apply -s devops/maven/

OpenShift registry behind registry auth issues

2017-11-20 Thread Joel Pearson
Hi, I spend most of the day debugging why my OpenShift registry wasn’t working because the cluster lives behind a http proxy. I can see OpenShift ansible configured the registry with proxy settings including no_proxy, but in the error logs I could see during authentication it was trying to talk

Re: How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-18 Thread Joel Pearson
It would introduce a new final layer right? Because after every build, OpenShift automatically adds a bunch of labels? On Sun, 19 Nov 2017 at 7:13 am, Ben Parees <bpar...@redhat.com> wrote: > On Sat, Nov 18, 2017 at 2:54 AM, Joel Pearson < > japear...@agiledigital.com.au>

Re: Re-configure openshift cluster using ansible

2017-11-21 Thread Joel Pearson
For reference what you're after is: openshift_disable_check=disk_availability On Wed, Nov 22, 2017 at 5:05 AM Scott Dodson wrote: > It really depends on the configuration changes you want to make whether or > not you can simply re-run config.yml and get what you're looking

How to pull images from a remote registry with the actual layers instead of just metadata?

2017-11-17 Thread Joel Pearson
Hi, I'm using OpenShift 3.6.1 in AWS and I tried using "oc import-image" to pull an image from one openshift cluster to another. I setup the docker secrets, and it appeared to be working as there was a bunch of metadata visible in the image stream. However, when actually started a pod, it

Re: ansible with openstack cloud provider

2017-11-04 Thread Joel Pearson
. If you have issues with cinder, you might need to try my pull request too. https://github.com/openshift/openshift-ansible/pull/5776 On Sat, Nov 4, 2017 at 9:21 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Yes mine too, but if you want it to work you need to add it back. I

Failing to install containerized version of origin

2017-11-06 Thread Joel Pearson
ger stable. But I want the containerized version now, so that I can get 3.6.1, as it looks like there are no rpms for 3.6.1 yet. Thanks, -Joel -- Kind Regards, Joel Pearson Agile Digital | Senior Software Consultant Love Your Software™ | ABN 98 106 361 273 p: 1300 858 277 | m: 0405 417

Re: Failing to install containerized version of origin

2017-11-06 Thread Joel Pearson
.centos.x86_64 On Tue, Nov 7, 2017 at 11:01 AM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hi, > > I'm trying to install Origin 3.6.1 in AWS, and the containerized version > isn't working because the redhat registry isn't setup correctly via the > ansible scripts. > >

Re: Failing to install containerized version of origin

2017-11-06 Thread Joel Pearson
We're going to work on making > that the default for origin installs. > > Also, the origin 3.6.1 RPMs were tagged into the release repos today so > those should soon be available if you prefer RPM based installs. > > > On Mon, Nov 6, 2017 at 7:14 PM, Joel Pearson < >

Re: ansible with openstack cloud provider

2017-11-03 Thread Joel Pearson
th:"/etc/origin/cloudprovider/openstack.conf", Err:0x2} > > And indeed the /etc/origin/cloudprovider/ dir is empty. > > So am I missing something important here? > > ___ > users mailing list > users@lists.openshift.redhat.c

Re: ansible with openstack cloud provider

2017-11-04 Thread Joel Pearson
I added this to mine: openshift_cloudprovider_openstack_tenant_name: "{{ lookup('env','OS_TENANT_NAME') }}" On Sat, Nov 4, 2017 at 8:50 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > You're missing "(openshift_cloudprov

Re: ansible with openstack cloud provider

2017-11-04 Thread Joel Pearson
/openshift-ansible/blob/81cf5123366814d098b7ca169a6e4deb2759507d/roles/openshift_cloud_provider/tasks/openstack.yml#L10 On Sat, Nov 4, 2017 at 8:41 PM Tim Dudgeon <tdudgeon...@gmail.com> wrote: > On 03/11/2017 22:24, Joel Pearson wrote: > > Are you actually filling in those values wi

Re: ansible with openstack cloud provider

2017-11-04 Thread Joel Pearson
ems in case set > unset OS_TENANT_ID > unset OS_TENANT_NAME > > Is openshift expecting an earlier release? > > On 04/11/2017 09:51, Joel Pearson wrote: > > I added this to mine: > > openshift_cloudprovider_openstack_tenant_name: "{{ > lookup('env','OS_TENANT_NAME'

Re: OpenShift master keeps consuming lots and memory and swapping

2017-10-20 Thread Joel Pearson
an be caused by not running prune or having an > automated process that creates lots of an object. Excessive CPU use can be > caused by an errant client or component stuck in a hot loop repeatedly > taking the same action. > > > > On Oct 21, 2017, at 1:55 AM, Joel Pearson <ja

Re: Using RMI Protocol to connect to OpenShift from external application

2018-05-04 Thread Joel Pearson
order to make it work with OpenShift, now? > > 2018-05-02 16:34 GMT+02:00 Joel Pearson <japear...@agiledigital.com.au>: > >> Selectors refer to labels, so it’d be >> deploymentconfig.metadata.labels.name >> >> SSL/TLS means the client has to support it too. So if t

Re: RPMs for 3.9 on Centos

2018-05-21 Thread Joel Pearson
_enable_origin_repo=true > openshift_repos_enable_testing=true > > On 21/05/18 11:32, Joel Pearson wrote: > > They’re in the paas repo. You don’t have that repo installed for some > reason. > > Ansible is supposed to lay that down > > http://mirror.centos.org/centos

Re: RPMs for 3.9 on Centos

2018-05-21 Thread Joel Pearson
They’re in the paas repo. You don’t have that repo installed for some reason. Ansible is supposed to lay that down http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/ Why don’t you use the system container version instead? Or you prefer rpms? On Mon, 21 May 2018 at 8:30 pm, Tim

Re: question about external load balancer

2018-05-18 Thread Joel Pearson
OpenShift already has some support for F5 load balancer’s as a router. So maybe given the choice between F5 or netscalers, then F5’s might make sense. But either will work fine, it’s probably more a question of which device you have more skills in. On Wed, 16 May 2018 at 3:17 am, Yu Wei

Re: load balancing for infra node in HA setup

2018-06-08 Thread Joel Pearson
Tim > > [1] https://docs.openshift.org/latest/install_config/install/adv > anced_install.html#multiple-masters > > ___ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users >

What is the most reliable deployment method for 3.9 origin

2018-06-13 Thread Joel Pearson
Hi, I’m wondering what the most reliable method for installing Origin on Centos 7 is? * RPMs * Containerized * System containers Just recently we discovered that upgrading from 3.6 to 3.7 doesn’t seem to be tested using the containerized method, as the etcd upgrade fails as it tries to find

Re: What is the most reliable deployment method for 3.9 origin

2018-06-15 Thread Joel Pearson
egardless > > > > > On Jun 13, 2018, at 23:26, Joel Pearson > wrote: > > > > Hi, > > > > I’m wondering what the most reliable method for installing Origin on > Centos 7 is? > > > > * RPMs > > * Containerized > > * System containers &

Re: errors accessing egressnetworkpolicies.network.openshift.io when attempting to export project

2018-06-01 Thread Joel Pearson
I guess that means your admin user doesn’t have the cluster-admin role On Sat, 2 Jun 2018 at 4:02 am, Brian Keyes wrote: > I am attempting to follow these instructions > > > https://docs.openshift.com/container-platform/3.7/day_two_guide/project_level_tasks.html > > I want to backup THE sample

Re: OC debug command does not show command prompt

2018-06-06 Thread Joel Pearson
What operating system is your local machine? Ok windows I’ve noticed the oc binary doesn’t doesn’t do terminal emulation properly. So it looks like it’s hanging but it’s actually working. Try typing “ls” and see if the command has actually worked, but you’re just not setting the command prompt. On

How to make 172.30.0.1 (kubernetes service) health checked?

2018-06-27 Thread Joel Pearson
Hi, I'm running OpenShift 3.9 on AWS with masters in HA mode using Classic ELB's doing TCP load balancing. If I restart masters, from outside the cluster the ELB does the right thing and takes a master out of service. However, if something tries to talk to the kubernetes API inside the cluster,

Re: Using RMI Protocol to connect to OpenShift from external application

2018-05-02 Thread Joel Pearson
If you're using SSL/TLS you could traverse the Router by use Passthrough. Otherwise, you have to use NodePorts on a Service or something like that. The Router is generally only really for HTTP, but with passthrough SSL/TLS just about anything could be running in the pod. On Wed, May 2, 2018 at

Re: Using RMI Protocol to connect to OpenShift from external application

2018-05-02 Thread Joel Pearson
> ports: > - port: 3036 > nodePort: 30036 > name: http > selector: > name: mysql > > > > > > 2018-05-02 15:53 GMT+02:00 Joel Pearson <japear...@agiledigital.com.au>: > >> If you're using SSL/TLS you could traverse the Ro

Re: Prometheus node exporter on v3.7

2018-05-03 Thread Joel Pearson
Upgrade your cluster to 3.9 just to be safe? You know you want too ... ;) On Fri, 4 May 2018 at 6:00 am, Tim Dudgeon wrote: > Any Prometheus experts out there that can comment on this? > > > On 30/04/18 15:19, Tim Dudgeon wrote: > > I'm running Prometheus an Origin cluster

Re: OpenShift on AWS using Terraform

2017-12-30 Thread Joel Pearson
If you’re ok with CloudFormation then these ansible scripts can do that https://github.com/openshift/openshift-ansible-contrib/tree/master/reference-architecture/aws-ansible On Sun, 31 Dec 2017 at 4:46 am, Krzysztof Sobkowiak < krzys.sobkow...@gmail.com> wrote: > Hi > > I'd like to provision an

Re: Limiting which LDAP users can login

2018-01-04 Thread Joel Pearson
emberOf=cn=staff,ou=groups,dc=company,dc=com,dc=au) And that worked like a charm. As manually provisioning users sounds like way too much effort. On Fri, Jan 5, 2018 at 1:50 AM Jordan Liggitt <jligg...@redhat.com> wrote: > On Thu, Jan 4, 2018 at 5:35 AM, Joel Pearson < > japear...@a

Re: Deployment to OpenStack

2018-01-04 Thread Joel Pearson
; So if anyone can shed any light on this then please do so! > > Could you explain more about 'an alternative is to create a floating ip > range that uses private non-routable ip addressees'? > > > On 04/01/18 20:17, Joel Pearson wrote: > > I had exactly the same concern and I discovere

Re: ansible service catalog continuous failures OpenShift 3.7.0

2018-01-04 Thread Joel Pearson
On Thu, Jan 4, 2018 at 9:31 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hi, > > I've installed OpenShift 3.7.0 containerized on OpenStack, and I'm getting > some issues with the service catalog. It's spewing heaps of errors into > the journal. Lots of very large e

Re: Deployment to OpenStack

2018-01-04 Thread Joel Pearson
I had exactly the same concern and I discovered that inside the heat template there is a bastion mode, which once enabled it doesn’t use floating ip’s any more. Have a look at

Re: Deployment to OpenStack

2018-01-05 Thread Joel Pearson
cs for this a bit baffling. Is there anyone on this list who > was involved with creating this who can help get this straight? > On 04/01/18 23:13, Joel Pearson wrote: > > Hi Tim, > > Yes, I only discovered what the basion setting did by looking at the heat > template, as I

Re: Pod persistence without replication controller

2018-01-09 Thread Joel Pearson
You could use a StatefulSet if you want a consistent hostname, it would also ensure that there is a always one running. On Wed, 10 Jan 2018 at 3:49 am, Feld, Michael (IMS) wrote: > Does anyone know why a standalone pod (without a replication controller) > sometimes persists

Re: OpenShift Origin 3.7 Template Broker seems super flaky

2018-01-07 Thread Joel Pearson
lated resources to json, strip out ownerReferences, and create all the resources again. On Mon, Jan 8, 2018 at 12:30 PM Joel Pearson <japear...@agiledigital.com.au> wrote: > Hmm, in my case I don't need to need to restart to cause the problem to > happen. Is there some way to run nigh

OpenShift Origin 3.7 Template Broker seems super flaky

2018-01-07 Thread Joel Pearson
Hi, Has anyone else noticed that the new OpenShift Origin 3.7 Template Broker seems super flaky? For example, if I deploy a Jenkins (Persistent or Ephemeral), and then I modify the route, by adding an annotation for example: kubernetes.io/tls-acme: 'true' I have

Re: OpenShift Origin 3.7 Template Broker seems super flaky

2018-01-07 Thread Joel Pearson
ce? On 8 January 2018 at 15:29, Ben Parees <bpar...@redhat.com> wrote: > > > On Sun, Jan 7, 2018 at 9:35 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Ahh, I looked into all the obje

Limiting which LDAP users can login

2018-01-04 Thread Joel Pearson
Hi, I just wanted to check what the proper way is to limit which users are allowed to login to OpenShift via an LDAP group. There doesn't seem to be a way during authentication, but on the authorisation side of things I found that if I removed "system:authenticated" from the basic-user cluster

ansible service catalog continuous failures OpenShift 3.7.0

2018-01-04 Thread Joel Pearson
Hi, I've installed OpenShift 3.7.0 containerized on OpenStack, and I'm getting some issues with the service catalog. It's spewing heaps of errors into the journal. Lots of very large errors. In the end it looks like it isn't deploying properly because it can't find the tag it is after, as I

Re: Passthrough TLS route not working

2018-01-19 Thread Joel Pearson
What mode are you running the AWS load balancers in? You probably want to run them as TCP load balancers and not HTTP. That way as you say the SNI will not get messed with. On Sat, 20 Jan 2018 at 4:45 am, Marc Boorshtein wrote: > So if I bypass the AWS load balancer,

Re: Passthrough TLS route not working

2018-01-19 Thread Joel Pearson
20, 2018 at 8:55 AM Joel Pearson <japear...@agiledigital.com.au> wrote: > What mode are you running the AWS load balancers in? You probably want to > run them as TCP load balancers and not HTTP. That way as you say the SNI > will not get messed with. > On Sat, 20 Jan 201

Re: Deployment getting deleted when running configure.yml again

2018-01-30 Thread Joel Pearson
I presume you’re running OpenShift 3.7? If you’re running the new template broker (openshift-ansible installs it) it has a nasty bug that does what you describe. But you can work around it by removing an owner reference see:

Re: Deployment getting deleted when running configure.yml again

2018-02-13 Thread Joel Pearson
The information about where the bug is fixed is: https://lists.openshift.redhat.com/openshift-archives/users/2018-January/msg00042.html On Mon, 5 Feb 2018 at 8:19 pm, Alon Zusman wrote: > Yes I do. This fix worked for few times but then it started to make the > router and

How to use DNS hostname of OpenShift on AWS

2018-02-21 Thread Joel Pearson
Hi, I'm trying to figure out how to use the DNS hostname when deploying OpenShift on AWS using https://github.com/openshift/openshift-ansible-contrib/tree/master/reference-architecture/aws-ansible Currently it uses private dns name, eg, ip-10-2-7-121.ap-southeast-2.compute.internal but that isn't

Re: How to use DNS hostname of OpenShift on AWS

2018-02-21 Thread Joel Pearson
anced_install.html > that shows how to define the master/etcd/nodes, and those names should be > used as the hostnames in the cluster. > > > > *From:* users-boun...@lists.openshift.redhat.com [mailto: > users-boun...@lists.openshift.redhat.com] *On Behalf Of *Joel Pearson > *S

Re: openvswitch?

2017-12-20 Thread Joel Pearson
It’s in the paas repo http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin/ On Thu, 21 Dec 2017 at 1:09 am, Tim Dudgeon wrote: > I just starting hitting this error when using the ansible installer > (installing v3.70 from openshift-ansible on branch release-3.7).

Re: nginx in front of haproxy ?

2018-01-03 Thread Joel Pearson
It’s also worth mentioning that the console is not haproxy. That is the router, which run on the infrastructure nodes. The console/api server runs something else. On Wed, 3 Jan 2018 at 1:46 am, Fabio Martinelli < fabio.martinelli.1...@gmail.com> wrote: > It was actually needed to rewrite the

What is the most current OpenShift on OpenStack playbooks?

2018-08-29 Thread Joel Pearson
Hi, I just wanted to find out if https://github.com/openshift/openshift-ansible-contrib/tree/master/playbooks/provisioning/openstack is still the most current for deploying OpenShift on OpenStack? I had a read of

Re: How to make 172.30.0.1 (kubernetes service) health checked?

2018-09-10 Thread Joel Pearson
- if you still see > the master IP in that list after 15s then something else is wrong. > > On Wed, Jun 27, 2018 at 9:33 AM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Hi, >> >> I'm running OpenShift 3.9 on AWS with masters in HA mode usin

Re: scheduler policy to spread pods

2018-07-04 Thread Joel Pearson
You’re probably after pod anti-affinity? https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity That lets you tell the scheduler that the pods aren’t allowed to be on the same node for example. On Wed, 4 Jul 2018 at 8:51 pm, Tim Dudgeon wrote: > I've got a

Re: scheduler policy to spread pods

2018-07-04 Thread Joel Pearson
Here’s an OpenShift reference for the same thing. https://docs.openshift.com/container-platform/3.6/admin_guide/scheduling/pod_affinity.html On Wed, 4 Jul 2018 at 9:14 pm, Joel Pearson wrote: > You’re probably after pod anti-affinity? > https://kubernetes.io/docs/concepts/configuration/

Re: OpenStack cloud provider problems

2018-01-17 Thread Joel Pearson
Complete stab in the dark, but maybe your OpenStack account doesn’t have enough privileges to be able to complete an install? On Wed, 17 Jan 2018 at 9:46 pm, Tim Dudgeon wrote: > I'm still having problems getting the OpenStack cloud provider running. > > I have a minimal

Re: OpenStack cloud provider problems

2018-01-17 Thread Joel Pearson
trying to do something in OpenStack > but this is failing. > > But what is it trying to do? > > On 17/01/18 10:49, Joel Pearson wrote: > > Complete stab in the dark, but maybe your OpenStack account doesn’t have > enough privileges to be able to complete an install? > On W

Re: Can the Origin Ansible Playbook stop on "Restart node" **fatal** errors?

2018-03-14 Thread Joel Pearson
You could edit the openshift-ansible\playbooks\common\openshift-node\restart.yml and add: max_fail_percentage: 0 under serial: "{{ openshift_restart_nodes_serial | default(1) }}" That, in theory, should make it fail straight away. On Wed, Mar 14, 2018 at 9:46 PM Alan Christie <

Re: glusterfs setup

2018-03-28 Thread Joel Pearson
“Distributed-Three-way replication is the only supported volume type.” https://access.redhat.com/documentation/en-us/red_hat_gluster_storage/3.2/html/container-native_storage_for_openshift_container_platform/ch03s02 On Thu, 29 Mar 2018 at 12:00 am, Tim Dudgeon wrote: >

Re: glusterfs setup

2018-03-28 Thread Joel Pearson
You’d have to run your Gluster cluster separate from OpenShift if you want a different volume type I’m guessing. On Thu, 29 Mar 2018 at 12:15 am, Tim Dudgeon <tdudgeon...@gmail.com> wrote: > Ah!, that's a shame. > > Tim > > On 28/03/18 14:11, Joel Pearson wrote: >

Re: Accessing Remote Files via SSHFS

2018-03-28 Thread Joel Pearson
A quick google found this: https://karlstoney.com/2017/03/01/fuse-mount-in-kubernetes/ It looks like the approach would work for you too. But it’s worth mentioning that he’s doing the mount from within the container, so he needs the pod to start as a privileged pod. You can do that in open shift

Re: FW: installing newest OCP 3.9 on RHEL 7.4 failed (MODULE ERROR)

2018-04-02 Thread Joel Pearson
Do you have a Redhat subscription? If not, you shouldn’t be trying to install OCP but rather Origin. If you don’t have a subscription configured then that’d probably explain why it can’t find the rpms. On Mon, 2 Apr 2018 at 8:35 pm, Lukas Budiman wrote: > I am really

Re: TSB fails to start

2018-03-20 Thread Joel Pearson
Are you using calico or something like that? If so why not consider a regular overlay network just to get it working? On Thu, 15 Mar 2018 at 5:26 am, Tim Dudgeon wrote: > A little more on this. > One the nodes that are not working the file >

OpenShift Origin 3.9.0 release imminent?

2018-03-20 Thread Joel Pearson
Is the OpenShift Origin 3.9.0 release imminent? I noticed the tag appeared 4 days ago, but without any detail yet: https://github.com/openshift/origin/releases ___ users mailing list users@lists.openshift.redhat.com

Re: Reverse Proxy using Nginx

2018-03-20 Thread Joel Pearson
What do you want Nginx for? OpenShift has a component called the Router which routes traffic. It is based on Haproxy. You could run an nginx container that the router will send traffic to, but if you’re just trying to expose other apps. Then just use the built in Router. Unless you’re talking

Re: route resolution happens intermittently

2018-03-20 Thread Joel Pearson
Sounds like your DNS configuration is a bit weird. Do you control the DNS server where you put that myapps domain? How did you figure the nodes to use DNS? On Fri, 16 Mar 2018 at 3:47 pm, abdul nizam wrote: > Hi All, > > I have 2 nodes and one master. > I have installed OSE

Re: Pods stuck on Terminating status

2018-03-20 Thread Joel Pearson
I had this at one point, but it was before I cared about the data in that cluster so I just rebuilt it, so you could just rebuild your cluster ;) But in all seriousness sounds like you need to do some etcd surgery, but I have no idea how that works. On Tue, 20 Mar 2018 at 4:00 am, bahhooo

Re: Reverse Proxy using Nginx

2018-03-20 Thread Joel Pearson
sing it. > > On Tue, Mar 20, 2018, 9:43 AM Joel Pearson <japear...@agiledigital.com.au> > wrote: > >> What do you want Nginx for? OpenShift has a component called the Router >> which routes traffic. It is based on Haproxy. You could run an nginx >> container tha

Re: OC client slowness Windows

2018-10-08 Thread Joel Pearson
My guess is that you’ve probably got some antivirus software interfering. I’d recommend disabling all antivirus software and seeing if the performance improves. It’s very slow for me at one of my client sites, but I’ve discovered so is Cygwin in general, so I think it’s related to the Symantec

Re: https route stopped working

2018-10-08 Thread Joel Pearson
and why this fix became necessary. > > On 07/10/18 21:14, Joel Pearson wrote: > > Have you tried looking at the generated haproxy file inside the router? It > might give some hints as to what went wrong. I presume you’ve already tried > recreating the route? > On Wed, 3 Oct 2018 a

Re: OpenShift Origin on AWS

2018-10-09 Thread Joel Pearson
ent but > was too focused on searching for a CloudFormation template. I'll go back to > the reference architecture which I'm sure will answer at least some of my > questions. > > On Sun, Oct 7, 2018 at 4:24 PM Joel Pearson > wrote: > >> Have you seen the AWS re

Re: https route stopped working

2018-10-07 Thread Joel Pearson
Have you tried looking at the generated haproxy file inside the router? It might give some hints as to what went wrong. I presume you’ve already tried recreating the route? On Wed, 3 Oct 2018 at 2:30 am, Tim Dudgeon wrote: > We've hit a problem with a HTTPS route that used to work fine has now >

Re: OpenShift Origin on AWS

2018-10-07 Thread Joel Pearson
Have you seen the AWS reference architecture? https://access.redhat.com/documentation/en-us/reference_architectures/2018/html/deploying_and_managing_openshift_3.9_on_amazon_web_services/index# On Tue, 2 Oct 2018 at 3:11 am, Peter Heitman wrote: > I've created a CloudFormation Stack for simple

Re: IPv6

2018-09-25 Thread Joel Pearson
It looks like not, I found some references saying that Kubernetes has alpha support in 1.9 and some improvements in 1.10 https://github.com/kubernetes/kubernetes/issues/1443 https://github.com/kubernetes/kubernetes/issues/62822 I did find this article suggesting that you might be able to use

Re: Atomic Host support on OpenShift 3.11 and up

2018-09-25 Thread Joel Pearson
Clayton, does this mean that in OpenShift 4.0 you'd be able to take a vanilla kubernetes installation and then install a bunch of OpenShift operators and basically have an OpenShift cluster? Or is that not really the goal of migration to operators? Is it just to make future OpenShift releases

Re: How do edit Grafana dashboards in OpenShift 3.11

2019-01-03 Thread Joel Pearson
Oh, it looks like it's read-only in 3.11: https://bugzilla.redhat.com/show_bug.cgi?id=1652536 On Thu, 3 Jan 2019 at 22:49, Joel Pearson wrote: > Hi, > > I found the grafana instance in OpenShift 3.11 in the openshift-monitoring > project. > > I'm wondering how do I mod

How do edit Grafana dashboards in OpenShift 3.11

2019-01-03 Thread Joel Pearson
Hi, I found the grafana instance in OpenShift 3.11 in the openshift-monitoring project. I'm wondering how do I modify the dashboards? It seems to be in read-only mode. I'm a cluster-admin so I thought that it would give me write access. I'm guessing there is another role that gives that

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

2019-01-06 Thread Joel Pearson
I think it's worth mentioning here that the RPMs at http://mirror.centos.org/centos/7/paas/x86_64/openshift-origin311/ have a critical security vulnerability, I think it's unsafe to use the RPMs if you're planning on having your cluster available on the internet.

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

2019-01-06 Thread Joel Pearson
On Mon, 7 Jan 2019 at 8:01 am, mabi wrote: > ‐‐‐ Original Message ‐‐‐ > On Sunday, January 6, 2019 12:28 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > > I think it's worth mentioning here that the RPMs at > http://mirror.centos.org/centos/7/paas/x8

Re: RPMs for 3.11 still missing from the official OpenShift Origin CentOS repo

2019-01-07 Thread Joel Pearson
:13 PM, Joel Pearson < > japear...@agiledigital.com.au> wrote: > > It looks like the RPMs will eventually get the security fix according to > the other reply from Daniel Comnea. But with containers you could have a > fix within a day as opposed to waiting for new tag which still has

Re: [ssl] oc cluster up

2019-02-27 Thread Joel Pearson
Why not use an ansible installation for a single node instead? Then you can let ansible configure everything properly for you. Sent from my iPhone > On 28 Feb 2019, at 9:02 am, Pavel Maslov wrote: > > With my original question, I meant how can I secure the Web Console (I was > able to

Re: [OKD/OCP v4]: deployment on a single node using CodeReady Container

2019-09-18 Thread Joel Pearson
With CodeReady Container, it's not possible to use it without virtualisation right? Because it needs CoreOS, and can't startup on an existing docker installation like you can with "oc cluster up"? I'm only asking because I almost got OKD 3.11 running on Windows 10 WSL (windows subsystem for

Re: [OKD/OCP v4]: deployment on a single node using CodeReady Container

2019-09-19 Thread Joel Pearson
re is no more all-in-one containerized support for OpenShift so >> more 'oc cluster up' for OpenShift 4.x. >> >> []s, Fernando Lozano >> >> >> On Wed, Sep 18, 2019 at 9:44 AM Joel Pearson < >> japear...@agiledigital.com.au> wrote: >> >&g

How to use extra trusted CA certs when pulling images for a builder

2019-11-10 Thread Joel Pearson
l:7.7" as "registry.redhat.io/ubi7-minimal:7.7": Error initializing source docker://registry.redhat.io/ubi7-minimal:7.7: pinging docker registry returned: Get https://registry.redhat.io/v2/: x509: certificate signed by unknown authority Thanks, Joel -- Kind Regards, Joel Pearson Agile Digit

Re: How to use extra trusted CA certs when pulling images for a builder

2019-11-11 Thread Joel Pearson
On Tue, 12 Nov 2019 at 12:26 am, Ben Parees wrote: > > > On Mon, Nov 11, 2019 at 1:17 AM Joel Pearson < > japear...@agiledigital.com.au> wrote: > >> Hi, >> >> I’m trying to build an image in Openshift 4.2 where my internet has an >> MITM proxy. >&

Re: How to use extra trusted CA certs when pulling images for a builder

2019-11-17 Thread Joel Pearson
On Mon, 18 Nov 2019 at 13:05, Clayton Coleman wrote: > Raise a bug to the installler component, yes > Ok thanks, I raised a bug here: https://bugzilla.redhat.com/show_bug.cgi?id=1773419 > On Nov 17, 2019, at 6:03 PM, Joel Pearson > wrote: > > On Mon, 18 Nov 2019 at 12:37,

How to recover from failed update in OpenShift 4.2.x?

2019-11-17 Thread Joel Pearson
So, I'm running OpenShift 4.2 on Azure UPI following this blog article: https://blog.openshift.com/openshift-4-1-upi-environment-deployment-on-microsoft-azure-cloud/ with a few customisations on the terraform side. One of the main differences it seems, is how the router/ingress is handled. Normal

  1   2   >