Re: timeout expired waiting for volumes to attach/mount for pod

Do you have access to logs of atomic-openshift-node process where secrets are failing to mount? If yes, can you post them a in Bug or something[1] We may have clues in that. Is the API request that is fetching secret is taking time to respond or something else is amiss. Also, api-server metrics

Re: timeout expired waiting for volumes to attach/mount for pod

Could it be related to this? https://github.com/openshift/origin/issues/11016 ​ Sounds definitely like our issue, I just don't understand why would we hit this suddenly. ___ users mailing list users@lists.openshift.redhat.com

RE: OpenShift Origin Active Directory Authentication

Hi, I have just gotten past the issue with the master not starting or restarting. It starts now. But I am trying to login with an AD account and receive Authentication Error Occurred. Not sure what the syntax should be. I try domain\username and username@domain.local

Re: OpenShift Origin Active Directory Authentication

Hi Mark, I believe maybe the syntax is not right.. Could you try this? oauthConfig: assetPublicURL: https://master.domain.local:8443/console/ grantConfig: method: auto identityProviders: - challenge: true login: true mappingMethod: claim name: Active_Directory

RE: OpenShift Origin Active Directory Authentication

> I did try sAMAccountName at first and was getting the same results. Then I > had read that variable was for older Windows machines so I tried uid as that > was the other example I saw. The relevant part of my master-config.yaml is below, and appart from using ldaps, I don't see any other

RE: OpenShift Origin Active Directory Authentication

I did try sAMAccountName at first and was getting the same results. Then I had read that variable was for older Windows machines so I tried uid as that was the other example I saw. One thing I didn't change was: preferredUsername: - uid Would I have to change this to:

Re: timeout expired waiting for volumes to attach/mount for pod

On the master, we're seeing this on a regular basis: https://gist.github.com/gravis/cae52e763cd5cdac19a8456f9208aa34 I don't know if it can be related ___ users mailing list users@lists.openshift.redhat.com

RE: OpenShift Origin Active Directory Authentication

I cannot tell for the oauthConfig, but for the identity provider you have > preferredUsername: > - uid and I'm not sure that attribute exist. It doesn't in the mine at least, and I'm using sAMAccountName, which is on the default AD schema. Although I don't see how that could

RE: OpenShift Origin Active Directory Authentication

Tried again. Made changes from cn=users to ou=users oauthConfig: assetPublicURL: https://master.domain.local:8443/console/ grantConfig: method: auto identityProviders: - name: Active_Directory challenge: true login: true mappingMethod: claim provider:

Re: The easiest way to start Docker Registry in Origin

The route itself seems to be OK, apparently it is just not linked to the service... $ oc get route NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD docker-registry 192.168.1.21 docker-registry 5000-tcp None Any ideas why could

Re: The easiest way to start Docker Registry in Origin

BTW If I would like to expose my registry to the outside world, would executing the following command just do the job? I'm trying to expose the registry via... oc expose svc/docker-registry --hostname=192.168.1.21 ...but connecting to http://192.168.1.21:5000 gives me Connection Refused. I

RE: OpenShift Origin Active Directory Authentication

I do believe in one attempt I did change the cn=users to ou=users and had the same issue. But I can give a try just to make certain. Thanks, Mark Werner | Senior Systems Engineer | Cloud & Infrastructure Services Unisys | Mobile Phone 586.214.9017 |

Re: OpenShift Origin Active Directory Authentication

> > > bindDN: "cn=openshift,cn=users,dc=domain,dc=local" > > bindPassword: "password" > > insecure: true > > url: ldap://dc.domain.local:389/cn=users,dc=domain,dc=local?uid > > > > In addition to Clayton's question of the exact messages, this configuration looks bad - I'm

Re: [Logging] searchguard configuration issue? ["warning", "elasticsearch"], "pid":1, "message":"Unable to revive connection: https://logging-es:9200/"}

2017-07-12 15:41 GMT+02:00 Peter Portante : > > > On Wed, Jul 12, 2017 at 9:28 AM, Stéphane Klein < > cont...@stephane-klein.info> wrote: > >> >> 2017-07-12 15:20 GMT+02:00 Peter Portante : >> >>> This looks a lot like this BZ: https://bugzilla.redhat.co

Re: The easiest way to start Docker Registry in Origin

Many thanks. Integrated registry is exactly what I need and works like a charm :) . czw., 29 cze 2017 o 11:59 użytkownik Maciej Szulik napisał: > On Wed, Jun 28, 2017 at 11:53 AM, Frederic Giloux > wrote: > >> Hi Henryk >> >> If I correctly understand

Re: OpenShift Origin Active Directory Authentication

When you restart, what log messages are printed in origin-master? On Jul 11, 2017, at 10:19 PM, Werner, Mark wrote: I am really struggling to get Active Directory authentication to work. The oauthConfig section of the master-config.yaml file starts out like this and all

Re: [Logging] searchguard configuration issue? ["warning", "elasticsearch"], "pid":1, "message":"Unable to revive connection: https://logging-es:9200/"}

On Wed, Jul 12, 2017 at 9:28 AM, Stéphane Klein wrote: > > 2017-07-12 15:20 GMT+02:00 Peter Portante : > >> This looks a lot like this BZ: https://bugzilla.redhat.co >> m/show_bug.cgi?id=1449378, "Timeout after 30SECONDS while retrieving >>

Re: [Logging] searchguard configuration issue? ["warning", "elasticsearch"], "pid":1, "message":"Unable to revive connection: https://logging-es:9200/"}

2017-07-12 15:20 GMT+02:00 Peter Portante : > This looks a lot like this BZ: https://bugzilla.redhat. > com/show_bug.cgi?id=1449378, "Timeout after 30SECONDS while retrieving > configuration" > > What version of Origin are you using? > > Logging image :

Re: [Logging] searchguard configuration issue? ["warning", "elasticsearch"], "pid":1, "message":"Unable to revive connection: https://logging-es:9200/"}

This looks a lot like this BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1449378, "Timeout after 30SECONDS while retrieving configuration" What version of Origin are you using? I found that I had to run the sgadmin script in each ES pod at the same time, and when one succeeds and one fails,

[Logging] searchguard configuration issue? ["warning", "elasticsearch"], "pid":1, "message":"Unable to revive connection: https://logging-es:9200/"}

Hi, Since one day, after ES cluster pods restart, I have this error message when I launch logging-es: $ oc logs -f logging-es-ne81bsny-5-jdcdk Comparing the specificed RAM to the maximum recommended for ElasticSearch... Inspecting the maximum RAM available... ES_JAVA_OPTS:

Re: timeout expired waiting for volumes to attach/mount for pod

Our nodes are up-to-date already, but we're not using docker-latest (1.13). I don't think that's an issue, since everything was fine with 1.12 last week. ​ The only thing having changed lately are PVs, we are migrating some datastores. I wonder if one of them could be an issue, and openshift is

Re: timeout expired waiting for volumes to attach/mount for pod

Hi, We have this issue on Openshift 1.5 (with 1.4 nodes because of this crazy bug https://github.com/openshift/origin/issues/14092). It started a few days ago, and nothing really changed in our cluster. We just added a bunch of secrets, and noticed longer and longer deploys. We have nothing

Re: Method to move a single or multiple pods to a different node?

On 12 July 2017 at 00:50, G. Jones wrote: > That’s just it, the masters were unschedulable. During the outage wer > restarted the masters and nodes but the nodes wouldn’t come online. While > we were working on getting the nodes up the pods had been restarted on the >