Re: binary tar.gz format

the scripts are in /usr/local/s2i inside the image, so: docker run registry.access.redhat.com/jboss-eap-6/eap64-openshift ls /usr/local/s2i docker run registry.access.redhat.com/jboss-eap-6/eap64-openshift cat /usr/local/s2i/assemble etc On Wed, Mar 16, 2016 at 3:49 PM, Srinivas Naga Kotaru (s

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

I've removed docker images from my machines and restarted openshift-master and node processes On master (which is also node) where is HA-Proxy located I still got: openshift/origin-haproxy-router:v1.1.3 after docker cleanup openshift/origin-docker-registry:v1.1.3 after docker cleanup I suppose I

Re: DockerBuild Vs STI

Srinivas, I’d like to throw another option your way. Eclipse —> Git —> Jenkins to build and create artifacts —> Jenkins Docker Plug-in to create image -> push image to the built-in openshift docker registry Something you’ll need before the above pipeline, is a configuration already in place on

Re: how to bind a persistent volume claim to a specific persistent volume

Pre binding is something an admin can do as well, I assume? That's our short term story for "here's how I preallocate a claim"? On Mar 17, 2016, at 2:55 PM, Mark Turansky wrote: And to be specific, when the PV is provisioned *for that claim*, it will be pre-bound to that claim and only that cla

Re: DockerBuild Vs STI

On Fri, Mar 18, 2016 at 2:55 AM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: > We’re thinking what is the best approach for our code deployment and > promotion. > > This is our proposed flow for each approach > > Docker build: ( Outside of Openshift) > ==

Insecure webconsole Origin 1.1: connection is unsafe

We have 2 OpenShift platforms. One for DEV and one for TESTS. The test platform is fine and I can see the green lock in my firefox. We have to accept a certificate if we want to connect to the webconsole (https). But now I see this is different for DEV. It's showing the following and you don't h

Re: policy for openshift user who can only push to openshift registry.

I would love to know a good answer to this as well. Currently we create a service account called application_robot, similar to their documentation, this robot is dedicated to the appropriate namespace and is applied via the example: system:service account:default:application_robot. Our automati

Re: can't push to internal registry

We're starting to have this kind of issues lately too (500, 503, etc.). Only solution is to delete the registry pod and sometimes even the router + ipfailover. ​Especially when pods start failing to be deployed, with events: Container image " 172.30.68.98:5000/myproject/myimage@sha256:033b2937b3bf

Re: Need to kill pod

I think I fixed it. It was a failing newrelic-agent DaemonSet. Check https://github.com/openshift/origin-metrics/issues/89 for details. ​ ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Simple yum update to version 1.4 and docker 1.9 destroyed system

I've updated my testing system just with yum update (I don't know if this is recommended approach - this is what I am asking) and after restarting of origin-nodes and master and also restarting docker master web UI and kubernetes seemed to work but old docker images won't start and also image push

DockerBuild Vs STI

We’re thinking what is the best approach for our code deployment and promotion. This is our proposed flow for each approach Docker build: ( Outside of Openshift) == Eclipse —> Git —> Jenkins to build and create artifacts —> Jenkins Docker Plug-in to create image and

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

Image which won't start was my simplest Nginx from this repo: https://github.com/david-strejc/nginx/blob/master/Dockerfile Just openshift/centos7 with nginx and telnet and one html page. But I suppose this was because of docker upgrade. When I've rebuilded image Open Shift said that it cannot pu

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

Quote: Unless noted otherwise, node and masters within a major version are forward and backward compatible, so upgrading your cluster should go smoothly. However, you should not run mismatched versions longer than necessary to upgrade the entire cluster. I've just upgraded from 1.1.3 to 1.1.4 Bu

Re: policy for openshift user who can only push to openshift registry.

We created `system:image-pusher` back in 1.1.1 with https://github.com/openshift/origin/pull/5962. Check to make sure that your policy is up to date: `oadm policy reconcile-cluster-roles`. By default that makes no changes. If you approve

Re: how to bind a persistent volume claim to a specific persistent volume

I thought the PV "I want this claim" annotation was in 3.2 for dynamic provisioning? On Mar 17, 2016, at 2:49 PM, Mark Turansky wrote: On Thu, Mar 17, 2016 at 2:44 PM, Clayton Coleman wrote: > Do we have doc on how an admin can target a PV to a given PVC? > Not yet, but Volumes documentati

Re: Insecure webconsole Origin 1.1: connection is unsafe

I'd suggest using a tool like curl to try to understand what's happening with certificates. SSL problems are notoriously difficult to diagnose and debug, unfortunately - and this applies to any SSL-using software, not just OpenShift. I personally find "openssl s_client -connect host:443" to be han

policy for openshift user who can only push to openshift registry.

Hi, We have an origin 1.1.3 environment which is running a Jenkins CI-server. In a Jenkins job we're performing the following: - authenticate in OpenShift env to get token - login into openshift docker registry - push image into registry We don't really like the part we need to authenticate in o

Re: how to bind a persistent volume claim to a specific persistent volume

Hi Marc, We're currently developing the ability to label PVs and add a selector to a claim. This will help a claim target a specific PV. That is slated for our 3.3 release. Until then, there's no way to deterministically bind a pvc to a pv. Thanks, Mark On Thu, Mar 17, 2016 at 12:18 PM, Mar

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

And ​make sure Swap is still disabled after reboot. We learned, the hard way, that it wasn't persistent (due to a bad fstab config) over reboot. With swap enabled, the performance of some services was very bad (2500ms response time vs less than 200ms in normal conditions). _

[Openshift latest] openshift-ansible on aws fails

Hi Openshift team, I am trying to deploy a minimal (1 master, 1 infra, 2 node) openshift on aws. I am having trouble bringing up the cluster in the first place. TASK: [openshift_facts ] ** fatal: [try2-node-compute-e47eb] => One or more undefined

Openshift Routing Haproxy Logging

Good Morning, Anyone have any advice of plucking the access logs out of the haproxy router? I’m pushing a TLS feature and while I love the fact that I get a 502 responses, at this moment, I have zero method to debug this. My guess is that I need to create a custom haproxy image to add some abil

Re: can't push to internal registry

How did you create the registry? Do you have a set of ENV vars defined on the registry deployment config? On Wed, Mar 16, 2016 at 2:44 PM, Robert Wehner wrote: > It looks like it is "oadm v1.1.2-1-gbe558b1". > > > -- > Robert Wehner > Return Path > > On Wed, Mar 16, 2016 at 12:43 PM, Clayton Col

RE: policy for openshift user who can only push to openshift registry.

Thanks, we have the policy. We were searching in the documentation for it because the layout of the ' oc describe clusterPolicy default' command isn't that clear. The documentation isn't up to date about it but it's in our OpenShift: https://docs.openshift.org/latest/admin_guide/manage_authoriza

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

On Mar 18, 2016 9:29 AM, "David Strejc" wrote: > > I've removed docker images from my machines and restarted openshift-master and node processes > > On master (which is also node) where is HA-Proxy located I still got: > > openshift/origin-haproxy-router:v1.1.3 after docker cleanup > openshift/ori

how to bind a persistent volume claim to a specific persistent volume

I think I'm missing something. My container requires several persistent volumes for configuration data. Right now the only way I can guarantee that the PVC maps to the PV I want is to do them in order (create PV1, create PVC1, create PV2, create PVC2, etc). This works fine, but I'd like to creat

Re: binary tar.gz format

On Wed, Mar 16, 2016 at 3:28 PM, Srinivas Naga Kotaru (skotaru) < skot...@cisco.com> wrote: > Ben > > Did binary deploy using —from-dir support .sti/bin/run script? > ​it really has nothing to do with the run script. the contents supplied via --from-dir end up being made available to the assembl

OpenShift installation on Amazon

Hi, I saw the OpenShift installer of the community: https://github.com/openshift/openshift-ansible/tree/master/playbooks/aws/openshift-cluster I've 2 questions about it: - I've a (maybe stupid) question about the OpenShift installation on AWS. It's working fine now but do I have to assign an elas

Re: how to bind a persistent volume claim to a specific persistent volume

In general, we should doc it, and have QE test it. We should probably have an admin command that does this, because it comes up often enough. oc create persistentvolume X ... --claim-ref=... On Thu, Mar 17, 2016 at 3:18 PM, Mark Turansky wrote: > > > On Thu, Mar 17, 2016 at 3:15 PM, Clayton Col

Re: Use --insecure-registry tag on Secure OpenShift registry?

Looping the list back into the conversation From: Lorenz Vanthillo mailto:lorenz.vanthi...@outlook.com>> Date: Wednesday, 16 March 2016 at 10:18 PM To: Tim Moor mailto:tim.m...@spring.co.nz>> Subject: RE: Use --insecure-registry tag on Secure OpenShift registry? Oc login Docker login on registry

Re: how to bind a persistent volume claim to a specific persistent volume

Thanks Mark. For now I'll build that into my deployment instructions. Thanks On Thu, Mar 17, 2016 at 1:46 PM, Mark Turansky wrote: > Hi Marc, > > We're currently developing the ability to label PVs and add a selector to > a claim. This will help a claim target a specific PV. That is slated f

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

You'll definitely need to follow the upgrade documentation, in particular upgrading those two components are here but you should give the whole doc a read through. https://docs.openshift.org/latest/install_config/upgrading/manual_upgrades.html#upgrading-the-router https://docs.openshift.org/latest/

Re: how to bind a persistent volume claim to a specific persistent volume

Do we have doc on how an admin can target a PV to a given PVC? On Mar 17, 2016, at 1:48 PM, Mark Turansky wrote: Hi Marc, We're currently developing the ability to label PVs and add a selector to a claim. This will help a claim target a specific PV. That is slated for our 3.3 release. Until

can't push to internal registry

I'm having trouble getting my builds to push to an internal registry. I'm running Origin v1.1.2. When I run through the nodejs example ( https://docs.openshift.org/latest/getting_started/developers/developers_console.html), the build always fails pushing to the internal registry with this error: I

Re: binary tar.gz format

Got it . Thanks Where I can find default assemble and run scripts for JBOSS EAP? I want to add few extra export arguments to run script to be affective at build time. Is it possible to run both my run script along with default build time run script? -- Srinivas Kotaru From: Ben Parees mailto:b

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

On Mar 18, 2016 8:40 AM, "David Strejc" wrote: > > I've updated my testing system just with yum update (I don't know if this is recommended approach - this is what I am asking) and after restarting of origin-nodes and master and also restarting docker master web UI and kubernetes seemed to work bu

Re: DockerBuild Vs STI

Sent from my iPhone On Mar 18, 2016, at 7:08 AM, Ben Parees mailto:bpar...@redhat.com>> wrote: On Fri, Mar 18, 2016 at 2:55 AM, Srinivas Naga Kotaru (skotaru) mailto:skot...@cisco.com>> wrote: We're thinking what is the best approach for our code deployment and promotion. This is our propo

Re: how to bind a persistent volume claim to a specific persistent volume

On Thu, Mar 17, 2016 at 3:15 PM, Clayton Coleman wrote: > Pre binding is something an admin can do as well, I assume? That's our > short term story for "here's how I preallocate a claim"? > Yes, if the admin knows how to make a ClaimRef for pv.Spec.ClaimRef. As a feature, this is currently un