Re: Secrets not available anymore with 1.3.0
Any news on this? This is really a blocking issue to upgrade to 1.3.0 for us. Thanks Philippe ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
Re: Secrets not available anymore with 1.3.0
It's definitely an issue related to 1.3.0. I have downgraded the cluster to 1.2.1, and it works again :( ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
Re: Secrets not available anymore with 1.3.0
Is this what you're looking for? secret.go:152] Setting up volume airbrake-secrets for pod 41cdd02f-84ea-11e6-be87-005056b17dcc at /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets nsenter_mount.go:183] findmnt command: nsenter [--mount=/rootfs/proc/1/ns/mnt -- /bin/findmnt -o target,fstype --noheadings --first-only --target /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets] secret.go:179] Received secret gemnasium-staging/airbrake containing (2) pieces of data, 40 total bytes atomic_writer.go:316] /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets: current paths: [airbrake-key airbrake-project-id] atomic_writer.go:328] /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets: new paths: [airbrake-key airbrake-project-id] atomic_writer.go:331] /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets: paths to remove: map[] atomic_writer.go:136] pod gemnasium-staging/gemnasium-api-v1-3-xxi0j volume airbrake-secrets: no update required for target directory /var/lib/origin/openshift.local.volumes/pods/41cdd02f-84ea-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets I can't find any error related to that :( ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
Re: Secrets not available anymore with 1.3.0
Which version of Docker are you running? Paul, do those propagation settings look correct? On Tue, Sep 27, 2016 at 3:40 PM, Philippe Lafoucrière < philippe.lafoucri...@tech-angels.com> wrote: > Hi, > > We're testing OS 1.3.0 on our test cluster, and have something weird > happening. > The secrets are mounted, but apparently not readable anymore in _some_ > pods: > > This is on openshift 1.2.1: > > { > "Source": "/var/lib/origin/openshift.local.volumes/pods/3f7a5adc- > 84b1-11e6-8101-005056b12d45/volumes/kubernetes.io~secret/ > airbrake-secrets", > "Destination": "/etc/secrets/airbrake", > "Mode": "ro,Z", > "RW": false > } > > and on openshift 1.3.0: > > { > "Source": "/var/lib/origin/openshift.local.volumes/pods/19df38db- > 84e9-11e6-be87-005056b17dcc/volumes/kubernetes.io~secret/ > airbrake-secrets", > "Destination": "/etc/secrets/airbrake", > "Mode": "ro,Z", > "RW": false, > "Propagation": "rslave" > }, > > Only the propagation is different, but it should not be an issue. > I can't get a shell inside the container, because it's just an executable > wrapped inside a "scratch" docker image. > > The pods with a shell don't seem to this problem, and I can see the > secrets mounted and used as usual. > > Any hints? > > Thanks, > Philippe > > > ___ > users mailing list > users@lists.openshift.redhat.com > http://lists.openshift.redhat.com/openshiftmm/listinfo/users > > ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users
Secrets not available anymore with 1.3.0
Hi, We're testing OS 1.3.0 on our test cluster, and have something weird happening. The secrets are mounted, but apparently not readable anymore in _some_ pods: This is on openshift 1.2.1: { "Source": "/var/lib/origin/openshift.local.volumes/pods/3f7a5adc-84b1-11e6-8101-005056b12d45/volumes/ kubernetes.io~secret/airbrake-secrets", "Destination": "/etc/secrets/airbrake", "Mode": "ro,Z", "RW": false } and on openshift 1.3.0: { "Source": "/var/lib/origin/openshift.local.volumes/pods/19df38db-84e9-11e6-be87-005056b17dcc/volumes/ kubernetes.io~secret/airbrake-secrets", "Destination": "/etc/secrets/airbrake", "Mode": "ro,Z", "RW": false, "Propagation": "rslave" }, Only the propagation is different, but it should not be an issue. I can't get a shell inside the container, because it's just an executable wrapped inside a "scratch" docker image. The pods with a shell don't seem to this problem, and I can see the secrets mounted and used as usual. Any hints? Thanks, Philippe ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users