Re: RWO mounted on multiple hosts

I'm not so sure now​, I've seen that behaviour on 3 different projets now. Sounds like a huge coincidence for a race condition :( ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

RWO mounted on multiple hosts

Hi, We discovered a weird thing on a project in our cluster: 2 tomcat pods sharing the same PVC, bound to a RWO volume. https://gist.github.com/gravis/2bd9c95c0bdc7c7ad1b175f1b7e91cca Do you know how could this happen? We're using openshift 1.1.3 (yes, we're late). Thanks, Philippe

Re: Ceph volume recycling

Thanks! Will take a look ​ ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Ceph volume recycling

Hi, Could someone enlighten me about the status of Ceph volume recycling? It seems to be still only for NFS, and I can't find info on that. Thanks, Philippe ___ users mailing list users@lists.openshift.redhat.com

Re: Need to kill pod

And now I have issues with the persistent volume (again). It seems that using glusterfs volume doesn't work with openshift-metrics (2 clusters on 3 have this issue). Cassandra is failing under load, with corrupted data. We have removed the persistance, and now the metrics are fine, no more restart

Re: can't push to internal registry

We're starting to have this kind of issues lately too (500, 503, etc.). Only solution is to delete the registry pod and sometimes even the router + ipfailover. ​Especially when pods start failing to be deployed, with events: Container image "

Re: Simple yum update to version 1.4 and docker 1.9 destroyed system

And ​make sure Swap is still disabled after reboot. We learned, the hard way, that it wasn't persistent (due to a bad fstab config) over reboot. With swap enabled, the performance of some services was very bad (2500ms response time vs less than 200ms in normal conditions).

Re: Can't deploy with new images

Found it, it should be: triggers: - imageChangeParams: * automatic: true* containerNames: - resque from: kind: ImageStreamTag name: myis:my-test-tag type: ImageChange - type: ConfigChange ​ I wonder why a trigger wouldn't automatic by default now

Can't deploy with new images

Hi, I have a weird behaviour I can't explain (os 1.1.3). We're pushing layers directly to OS registry, and it generally deploys new versions as they arrive on the registry. We sometimes want to test different versions, and therefore edit the dc to use a specific tag: triggers: -

Re: Need to kill pod

So apparently, it's related to a node in our cluster. I can see these errors in journalctl: Mar 09 17:22:42 node-2 audit[4703]: avc: denied { write } for pid=4703 comm="java" name="data" dev="fuse" ino=9843468220720736682 scontext=system_u:system_r:svirt_lxc_net_t:s0:c0,c5

Re: Persistent Volume usage

Mohamed, I'm curious of your results with glusterfs, we experienced some issues (especially with MySQL) on these volumes. We added "option mandatory-locks on" on the volume, and no crash since. It would be nice if you could share some feedback. Thanks, Philippe ​

Re: Persistent Volume usage

On Wed, Mar 2, 2016 at 10:53 PM, Mohamed Lrhazi < mohamed.lrh...@georgetown.edu> wrote: > He reads my other emails to this list :) We're not hundreds to post here :) ___ users mailing list users@lists.openshift.redhat.com

Re: Persistent Volume usage

There's no "right" way. Your PV is marked as "failed" because PV reclaim is not supported for glusterfs volumes :( The only way is to do that by hand. ​ ___ users mailing list users@lists.openshift.redhat.com

Re: Registery pod fails to start: unsupported volume type

ok, did you create the glusterfs endpoint in the corresponding project (yes, you have to do that for all projects using glusterfs...)​. Last but not least, remember to add a glusterfs service to ensure your endpoints are not deleted: apiVersion: v1 kind: Endpoints metadata: name:

Re: Need to kill pod

I only see the "http: response.WriteHeader on hijacked connection" logs and origin-node restart on this node. The others look fine. ​ ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: Need to kill pod

Note that I don't have any error in the logs, just: Feb 29 17:17:52 node-2 docker[1081]: 2016/02/29 17:17:52 http: response.WriteHeader on hijacked connection (several times, ~ 1 every 2-5s) Then, suddently: Feb 29 17:17:52 node-2 kernel: XFS (dm-14): Unmounting Filesystem Feb 29 17:17:52

Re: Need to kill pod

On Mon, Feb 29, 2016 at 11:06 AM, Derek Carr wrote: > When you see this happen, did the openshift-node restart, and then try to > kill the pod? > Just checked the logs, and it seems it's exactly the case... openshift-node restarts and then the pod is killed. Does it sound

Re: glusterfs: calims remain in pending state

Hi Mohamed, your accessModes don't match. You're asking for spec: accessModes: - "ReadWriteOnce" while your pv is accepting "RWX" ("ReadWriteMany"). You can edit your pv to add "ReadWriteMany" in the access modes, and it will bind it right away.

Re: Need to kill pod

I can see this in the node's logs: Feb 27 22:49:39 node-2 docker[1081]: 2016/02/27 22:49:39 http: response.WriteHeader on hijacked connection Feb 27 22:49:49 node-2 docker[1081]: 2016/02/27 22:49:49 http: response.WriteHeader on hijacked connection ​

io.openshift.non-scalable

Hi, I just discovered this docker image label: io.openshift.non-scalable in https://access.redhat.com/documentation/en/openshift-enterprise/version-3.0/openshift-enterprise-30-creating-images/ Is there a label to add to a DC to have the same behaviour? (instead of building a new image) Thanks

Re: CMD with env vars

And the winner is: spec: containers: - command: - /bin/sh - -c - /nsqd --broadcast-address=$$(hostname -i) --lookupd-tcp-address=$(NSLOOKUPD_SERVICE_HOST):$(NSLOOKUPD_PORT_4160_TCP_PORT) --worker-id=$(WORKER_ID) --data-path=/data Thanks everyone

Re: CMD with env vars

with double quotes (just in case): PID USER TIME COMMAND 1 root 0:00 /bin/sh -c /nsqd --broadcast-address="$(hostname -i)" --lookupd-tcp-address=172.30.82.189:4160 --worker-id=1 --data-path=/data ​ ___ users mailing list

Re: CMD with env vars

On Thu, Feb 25, 2016 at 2:24 PM, Clayton Coleman wrote: > You have to double escape shell inclusions - "$$(hostname -i)" Also tried that, but still not expending: PID USER TIME COMMAND 1 root 0:00 /nsqd --broadcast-address=$(hostname -i)

Re: CMD with env vars

On Thu, Feb 25, 2016 at 2:07 PM, Clayton Coleman wrote: > Isn't your env var WORKER_ID? You only need the shell if you're > trying to use curly braces. The parenthesis syntax is supported by > kube. > Sorry, typo, it's definitely WORKER_ID (but not working better). Ok, I

Re: CMD with env vars

On Thu, Feb 25, 2016 at 2:01 PM, Clayton Coleman wrote: > Defaults are not supported in the kube syntax. If you want to do > shell expansion, your command has to be `["/bin/sh", "-c", > "--worker-id=${WORKER_ID:-0}"]` > Ok, that probably why, thanks Clayton. Anyway, I

Re: unsupported volume type after update to 1.1.3

> > For now, yes. We're looking at ways to make dynamic provisioning more > widely available, even outside of a cloud environment. We'd prefer to not > implement more recyclers and instead make more provisioners. > Ok thanks, the PV is Bound again: status: accessModes: - ReadWriteOnce -

Re: unsupported volume type after update to 1.1.3

On Tue, Feb 23, 2016 at 9:00 AM, Mark Turansky wrote: > There is no recycler for glusterfs, so "no volume plugin matched" would > occur when the volume is being reclaimed by the cluster after its release > from a claim. > yes, the pvc was probably remove when the

unsupported volume type after update to 1.1.3

Hi, We have a volume with status = "Failed" after upgrading to 1.1.3. All our volumes are mounted through glusterfs, and all the others are fine, the issue is just with one of them: Name: pv-storage-1 Labels: Status: Failed Claim:

Re: Issues with devicemapper - advice for the others

In fact, I realized the problem is probably more on the glusterfs side, since the data issues are inside the mounted volume. It should have nothing to do with the storage driver. Anyone had issues with docker + glusterfs so far? ​ ___ users mailing list

Re: Issues with devicemapper - advice for the others

On Wed, Feb 10, 2016 at 11:47 AM, Scott Dodson wrote: > If you're not using centos/rhel packages give this a try, I've not > followed this myself but it looks sane > >

Re: Issues with devicemapper - advice for the others

Hi Jeremy, Thanks, will take a look. The guy who put that in place is off today, I will have the info tomorrow. Yet, it seems we have this setup in place. If you want to test, here's our template: https://gist.github.com/gravis/97747657561b230abc6c Note that we're using glusterfs volumes, and

Router to external service

Hi, I'm trying to setup a route to a service pointing to external endpoints. The idea is to put a setup in place, pointing to an existing server, and remove the external endpoints to use a local pod once everything is ready on the openshift cluster. ie: route ==[to service]==> myservice

Re: Router to external service

Forget that, it was a typo in the endpoint name... Anyway, good to know, it's working! ​So, yes, we can route to external services :) ___ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users

Re: resourcequotas

Thanks!​ So If I have 2 quotas, 1 with "cpu: 0.1", and the second with "cpu: 0.2", "cpu: 0.1" will be applied, no matter the order they were created, right? ___ users mailing list users@lists.openshift.redhat.com

DeployConfig and Jobs

Hi, I'm wondering if deploying a Job with a DC is something planned in the future? We have some one-shot tasks (db migrations, cache flush, etc.) to execute based on ImageChange trigger, and apparently, there's no way to achieve that. Creating a job is basically creating a new resource, so the

Re: token/session lifetime

On Thu, Jan 21, 2016 at 8:46 AM, David Eads wrote: > For cases where you want a long lived token, we recommend that you create > a service account, grant that SA the rights you need, grab the SA's token > and use it. That gives you a long-lived, revocable token to avoid >

Warning "attempting to mount a secret disallowed by sa/default"

Hi, I have updated my oc exec to 1.1.1, and wanted to test the new warnings in "oc status". I have a lot of lines like: [pod] is attempting to mount a secret [the secret mount] disallowed by sa/default Our pods are correctly mounting secrets, so I'm a bit lost with this message. Can someone

Re: Private Docker registry on OpenShift Origin 1.1

On Thu, Jan 14, 2016 at 2:54 PM, Clayton Coleman wrote: > The name of the openshift registry? Just set the field to a > placeholder in the deployment config. > Sorry Clayton, I'm not sure to follow you :( Do you have an example I can checkout somewhere? Thanks Philippe

Re: Private Docker registry on OpenShift Origin 1.1

Also, I'm a little lost with containers specifications. What's the value of DeploymentConfig.spec.Containers[0].spec.image field? I don't know the name of the registry when creating the templates. Thanks ___ users mailing list

Re: Job frozen

> > I'll have a look at status update, maybe we have a bug there. > Anyway thanks pointing us to that! I saw the PR, good catch :) Btw, we have an explanation for the pod restart rate: A selector in the job was empty, and openshift probably restart ALL the pods on job failure... That's a huge

<    1   2