On Thu, Dec 15, 2016 at 2:25 AM, Pri <priyanka4opensh...@gmail.com> wrote:
> Thanks Igor and Akram, I was able to configure with TCP on ELB. For HA
> what if a region has only two availability zones? can we configure 2
> masters in one and 1 master in other AZ.
>
> I am not running etcd externally as of now, its embedded in master hosts
> itself. Is this the right architecture?
>
How do you have your Ansible inventory configured? What's your Ansible
hosts file look like?
> Also I have one more query, how to restart master if I make any change in
> master-config.yaml. "systemctl restart atomic-openshift-master" doesn't
> seem to work.
>
If you have multiple masters you need to:
* change it on all masters
* restart atomic-openshift-master-controllers and -api -- the -master
service doesn't run/do anything in an HA/multi-master cluster.
>
> Thanks,
> Priya
>
>
> On Thu, Dec 15, 2016 at 3:13 AM, Akram Ben Aissi <akram.benai...@gmail.com
> > wrote:
>
>> on more point: You need 3 masters for HA, unless you are running etcd
>> externally.
>>
>>
>> On 14 December 2016 at 18:25, Igor Katson <igor.kat...@gmail.com> wrote:
>>
>>> Hi, Pri, here's how the setup works for us in prod:
>>>
>>>
>>> - the master ELB MUST be configured to do TCP balancing on port 443.
>>> Not HTTPS. You need to do TCP, because the masters do TLS termination and
>>> SNI by themselves.
>>> - the "openshift_master_cluster_hostname" variable is set to the
>>> name of the ELB. Actually, in our setup it is an extra DNS record which
>>> is
>>> a CNAME to the ELB, so that we can change the ELB if needed. E.g.
>>> "internal.openshift.youdomain" that is a CNAME to the ELB.
>>> - the "openshift_master_cluster_public_hostname" is set to the
>>> publicly-visible DNS name, that also points to this ELB. E.g.
>>> "openshift.yourdomain", where you can get valid SSL certs issued.
>>>
>>> In case you have a public SSL cert, you may put smth like this into
>>> inventory (make sure it's a valid json string):
>>> "openshift_master_named_certificates": [
>>> {
>>> "certfile": "your-cert-file-on-ansible-machine", // this may
>>> include intermediate certs bundled
>>> "keyfile": "your-key-file-on-ansible-machine"
>>> }
>>> ],
>>>
>>> On Wed, Dec 14, 2016 at 7:07 AM, Pri <priyanka4opensh...@gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I am setting openshift HA cluster with 2 masters and 2 nodes on AWS. I
>>>> want my masters to be backed by Elastic load balancer. But it doesnt work
>>>> when I give "openshift_master_cluster_hostname=<myELB>" as ELB
>>>> hostname in ansible. So I tried giving one of the masters hostnames here
>>>> which worked fine. After that I configured ELB on AWS and added 2 master
>>>> instances. Now the problem is whenever I access openshift console using ELB
>>>> hostname it just redirects me to master IP address which is not what we
>>>> want, hostname on browser should always be consistent.
>>>>
>>>> Also I am not very sure which SSL certificate to configure on ELB when
>>>> it listens of HTTPS port 443 for console access.
>>>>
>>>>
>>>> Could you please help me with this?
>>>>
>>>> Thanks a lot for help
>>>>
>>>> Thanks,
>>>> Priya
>>>>
>>>> _______________________________________________
>>>> dev mailing list
>>>> dev@lists.openshift.redhat.com
>>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
>>>>
>>>>
>>>
>>> _______________________________________________
>>> dev mailing list
>>> dev@lists.openshift.redhat.com
>>> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
>>>
>>>
>>
>
> _______________________________________________
> dev mailing list
> dev@lists.openshift.redhat.com
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
>
>
_______________________________________________
dev mailing list
dev@lists.openshift.redhat.com
http://lists.openshift.redhat.com/openshiftmm/listinfo/dev
