PERFECT! Thanks. added it at the end: docker run -d --name "origin" --privileged --pid=host --net=bridge -p 8443:8443 -v /:/rootfs:ro -v /var/run:/var/run:rw -v /sys:/sys -v /v/lib/docker:/var/lib/docker:rw -v /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes -h openshift.tremolo.lan openshift/origin start --public-master openshift.tremolo.lan
and now i can get to the console no problem! On Tue, Feb 16, 2016 at 10:42 AM, Clayton Coleman <[email protected]> wrote: > It's an origin flag - add it at the end. > > On Tue, Feb 16, 2016 at 10:41 AM, Marc Boorshtein <[email protected]> > wrote: > > Thanks Clayton. Is "--public-master" a docker flag? When I try it I > get: > > > > [root@openshift ~]# docker run -d --name "origin" --privileged > > --pid=host --net=bridge -p 8443:8443 -v /:/rootfs:ro -v > > /var/run:/var/run:rw -v /sys:/sys -v /var/lib/docker:/var/lib/docker:rw > > -v > > > /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes > > --public-master openshift.tremolo.lan -h openshift.tremolo.lan > > openshift/origin start > > > > flag provided but not defined: --public-master > > > > It looks like its passed to the openshift command, not docker? > > > > Thanks > > > > > > On Tue, Feb 16, 2016 at 10:21 AM, Clayton Coleman <[email protected]> > > wrote: > >> > >> The console is served on whatever you provide as "--public-master" to > >> the docker run command. > >> > >> I don't think we've seen this particular one yet - we definitely > >> tightened our accepted ciphers list to pull the insecure ones out, but > >> please open an issue and we'll track it down. > >> > >> On Tue, Feb 16, 2016 at 9:18 AM, Marc Boorshtein <[email protected] > > > >> wrote: > >> > All, > >> > > >> > I tried downloading and setting up openshift on docker > >> > docker-engine-1.10.1-1 on centos7. I used the following command to > get > >> > up > >> > and running: > >> > > >> > docker run -d --name "origin" --privileged --pid=host > >> > --net=bridge > >> > -p 8443:8443 -v /:/rootfs:ro -v /var/run:/var/run:rw -v > >> > /sys:/sys -v > >> > /var/lib/docker:/var/lib/docker:rw -v > >> > > >> > > /var/lib/origin/openshift.local.volumes:/var/lib/origin/openshift.local.volumes > >> > -h openshift.xxx.lan openshift/origin start > >> > > >> > When I try to go to the console on 8443 I get redirected to a 172 > >> > address > >> > and firefox complains that the SSL connection is broken: > >> > > >> > Secure Connection Failed > >> > > >> > An error occurred during a connection to openshift.xxxx.lan:8443. > >> > security > >> > library: improperly formatted DER-encoded message. (Error code: > >> > sec_error_bad_der) > >> > > >> > The page you are trying to view cannot be shown because the > >> > authenticity > >> > of the received data could not be verified. > >> > Please contact the website owners to inform them of this problem. > >> > > >> > but when I check the connection I get the following: > >> > [root@openshift ~]# openssl s_client -connect > >> > 'openshift.tremolo.lan:8443' > >> > CONNECTED(00000003) > >> > depth=1 CN = openshift-signer@1455630818 > >> > verify error:num=19:self signed certificate in certificate chain > >> > verify return:0 > >> > --- > >> > Certificate chain > >> > 0 s:/CN=127.0.0.1 > >> > i:/CN=openshift-signer@1455630818 > >> > 1 s:/CN=openshift-signer@1455630818 > >> > i:/CN=openshift-signer@1455630818 > >> > --- > >> > Server certificate > >> > -----BEGIN CERTIFICATE----- > >> > MIID8TCCAtugAwIBAgIBBjALBgkqhkiG9w0BAQswJjEkMCIGA1UEAwwbb3BlbnNo > >> > aWZ0LXNpZ25lckAxNDU1NjMwODE4MB4XDTE2MDIxNjEzNTM0MloXDTE4MDIxNTEz > >> > NTM0M1owFDESMBAGA1UEAxMJMTI3LjAuMC4xMIIBIjANBgkqhkiG9w0BAQEFAAOC > >> > AQ8AMIIBCgKCAQEA8NVlc/xYxrdo6ucYHoCtKvAjTxyCfdsAPGBm/VHbFQ+qLEIn > >> > 6zk9eIKQ8kIHbm7xYFLFsvgBcmZwg6vf3NJoovaQREGqUo43Kuv2yk1NBVK5t3c9 > >> > bA4fmNJFCjy31JsoSyYm/ndsVatF0y5K8YlFzgyFyMoOuWGuMTiAZAKqHW307/QM > >> > IHkmMBt6++tO04F2f9T2Z9h/V677iJ9QC7YiGF+KL9hM7F4S/dwQWiwPso4gMaQF > >> > QdvXv9OZoRQ6/0YY/UnLJFoF/hfLt4oODu0GSMK9BAuS/67aJilexcSDXXGeSuIh > >> > OgN79UAW70bbd+OR8AqxU3EjiE8P9LMb87EpwwIDAQABo4IBPjCCATowDgYDVR0P > >> > AQH/BAQDAgCgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwggED > >> > BgNVHREEgfswgfiCCmt1YmVybmV0ZXOCEmt1YmVybmV0ZXMuZGVmYXVsdIIWa3Vi > >> > ZXJuZXRlcy5kZWZhdWx0LnN2Y4Ika3ViZXJuZXRlcy5kZWZhdWx0LnN2Yy5jbHVz > >> > dGVyLmxvY2Fsgglsb2NhbGhvc3SCCW9wZW5zaGlmdIIRb3BlbnNoaWZ0LmRlZmF1 > >> > bHSCFW9wZW5zaGlmdC5kZWZhdWx0LnN2Y4Ijb3BlbnNoaWZ0LmRlZmF1bHQuc3Zj > >> > LmNsdXN0ZXIubG9jYWyCCTEyNy4wLjAuMYIKMTcyLjE3LjAuMoIKMTcyLjMwLjAu > >> > MYcEfwAAAYcErBEAAocErB4AATALBgkqhkiG9w0BAQsDggEBAAgxc6TRaCcT5jBP > >> > Mj6K3CUkhN8S/3Us0gHIQ0ZYIvpzfi+HH9vUggS44E3I9OI2TN5pTZ0vDSbLMEva > >> > VfvlZHsi4qlA/72rP50Gw+GMooofc8FHo08AXM2Lf/jE8/w88F4kXLZqVvnsQ/N4 > >> > bxSDg+0tydEAVoBopcvIyUj7QGFT7MT7icHe2ql6vnoXwZzeTLEKoNSk/NXlbLs8 > >> > IDW9bAa941SBYoVwyXsL5e4y7xqI4fKMX/gbF2FjAIwxa9PfeZKZ4bFNKY0b4LAr > >> > Jl3NXbpbzmYlGqJwCBjY5JdOmXpjvkUv7ynYuV/ov65zz9RCfDp4CYDiZG80cgdj > >> > Z1EmREE= > >> > -----END CERTIFICATE----- > >> > subject=/CN=127.0.0.1 > >> > issuer=/CN=openshift-signer@1455630818 > >> > --- > >> > Acceptable client certificate CA names > >> > /CN=openshift-signer@1455630818 > >> > Server Temp Key: ECDH, prime256v1, 256 bits > >> > --- > >> > SSL handshake has read 2414 bytes and written 385 bytes > >> > --- > >> > New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 > >> > Server public key is 2048 bit > >> > Secure Renegotiation IS supported > >> > Compression: NONE > >> > Expansion: NONE > >> > SSL-Session: > >> > Protocol : TLSv1.2 > >> > Cipher : ECDHE-RSA-AES128-GCM-SHA256 > >> > Session-ID: > >> > 0F1D94EB43646490A6FAFE006BEC3149C48B8A11ACA71CD7B04FD6FA9EAFA0CC > >> > Session-ID-ctx: > >> > Master-Key: > >> > > >> > > 3885305A1D2D8CCFB59A8C535ED0FD23388E774B6262EEF848A5E6B916C2471D1171A87A07AAF7D981916E2F57DDB8A1 > >> > Key-Arg : None > >> > Krb5 Principal: None > >> > PSK identity: None > >> > PSK identity hint: None > >> > TLS session ticket: > >> > 0000 - f9 2d fc 2d 20 77 06 2a-eb 9d 85 e1 ea 9f 3a 82 .-.- > >> > w.*......:. > >> > 0010 - a1 c4 b2 10 89 ee 94 33-31 62 fe f4 44 3f e1 16 > >> > .......31b..D?.. > >> > 0020 - 4d af 2a 01 b6 f6 d2 62-b7 c2 a6 6c 75 d1 c3 a2 > >> > M.*....b...lu... > >> > 0030 - 90 89 2f 22 eb 02 71 08-38 3b aa 7e ee 0f 39 ee > >> > ../"..q.8;.~..9. > >> > 0040 - 52 2e f2 1f 47 63 56 a8-65 79 01 7a ab 0d f7 de > >> > R...GcV.ey.z.... > >> > 0050 - 13 b0 6c 49 58 23 46 dc-ec 00 9a 3c 95 3d 87 6c > >> > ..lIX#F....<.=.l > >> > 0060 - b2 da de d4 25 e6 94 87- ....%... > >> > > >> > Start Time: 1455632113 > >> > Timeout : 300 (sec) > >> > Verify return code: 19 (self signed certificate in certificate > >> > chain) > >> > --- > >> > > >> > A couple of questions: > >> > 1. Is there an environment variable I can set that lets me set the > host > >> > name openshift console redirects to? (so i don't get redirected to an > >> > IP) > >> > 2. Has anyone run into this issue with firefox? Google seems to > think > >> > its > >> > because firefox doesn't support the cipher. > >> > > >> > Any help would be greatly appreciated. > >> > > >> > Thanks > >> > Marc > >> > > >> > _______________________________________________ > >> > users mailing list > >> > [email protected] > >> > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > >> > > > > > >
_______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
