Jamie Duncan (17) [Avatar] Offline
#1
Hi, everyone.

Appendix A, where we walk through installing OpenShift Origin on top of CentOS, was based on OpenShift Origin version 3.5.

The installer for version 3.6 has some pretty big changes, and it won't work as the appendix is currently written. We're working now on updating this to work for 3.6 and will update it here as soon as we can verify we have it bullet-proof.

Thanks,

Jamie & John
436511 (4) [Avatar] Offline
#2
Could you specify in which way the installation process changed on Openshift Origin 3.6? I'm planning to install Openshift Origin 3.6 and I'd like to know how to face that goal. Thanks
Jamie Duncan (17) [Avatar] Offline
#3
Sure!

The primary change is that the interactive installer doesn't have an 'Origin' installation option. The interactive installer will be phased out, eventually, I'm told. That means you have to go with an advanced install (https://docs.openshift.org/latest/install_config/install/advanced_install.html#configuring-ansible).

Going through those docs, I came across an issue with how to specify an Origin install and filed a bug, https://bugzilla.redhat.com/show_bug.cgi?id=1486981. The bug references the mailing list thread with all of the details.

Let us know if you run into any issues, and we'll help as best we can!

-OiA
477385 (1) [Avatar] Offline
#4
Hello,

I'm curious if this is going to be updated soon by chance? I'd like to run through the installation in the recommended manner in order to start tackling the current chapters.

Not knowing specifically what you're looking for in the Ansible configuration leaves much to the imagination smilie.

Thanks,
-Dan S
Jamie Duncan (17) [Avatar] Offline
#5
Yes!

The updated installation appendix should be in the next MEAP update, which we submitted early last week. It will also include chapter 4, and several additional updates as we've continued to work on the content.

-jamie
48881 (3) [Avatar] Offline
#6
Hi,

Installation won't work with 0.0.0.0 as a DNS server (figure A.7)
In my installation (vmware), I used a personalized NAT network so the DNS IP is the same as the Gateway IP (192.168.122.2).

Regards
48881 (3) [Avatar] Offline
#7
48881 wrote:
Installation won't work with 0.0.0.0 as a DNS server (figure A.7)


Oups. I didn't see the Note in A.1 section about 8.8.8.8 (and not 0.0.0.0). Sorry.
Jamie Duncan (17) [Avatar] Offline
#8
no worries!

DNS is consistently a huge challenge for any container platform. OpenShift actually runs dnsmasquerade on each node, and the configuration is set when you deploy your cluster. There are advanced configurations to handle HTTPS proxies, and a lot of other conditions.

-jamie
48881 (3) [Avatar] Offline
#9
Hello,

Right now I'm blocked it the atomic-openshift-installer. In play 17/34 (see below)
Maybe a DNS issue because I see this line in journalctl -xe :
Oct 08 16:59:04 ocp-1.192.168.122.100.nip.io openshift[55081]: grpc: addrConn.resetTransport failed to create client transport: connection error: desc = "transport: dial tcp: lookup ocp-1.192.168.122.100.nip.io on 192.168.122.2:53:....

I will investigate...

By the way the options "-u -c ..." have to be first so the command ligne should be :
atomic-openshift-installer -u -c /root/installer.cfg.yml install --force

Regards,
Come.

NB : the error I got
Play 17/34 (Configure masters)
...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................fatal: [192.168.122.100]: FAILED! => {"attempts": 1, "changed": false, "failed": true, "msg": "Unable to start service origin-master: Job for origin-master.service failed because the control process exited with error code. See \"systemctl status origin-master.service\" and \"journalctl -xe\" for details.\n"}

192.168.122.100 : ok=359 changed=23 unreachable=0 failed=1
192.168.122.101 : ok=112 changed=7 unreachable=0 failed=0
localhost : ok=12 changed=0 unreachable=0 failed=0


Installation Complete: Note: Play count is only an estimate, some plays may have been skipped or dynamically added


Failure summary:

1. Host: 192.168.122.100
Play: Configure masters
Task: openshift_master : Start and enable master
Message: Unable to start service origin-master: Job for origin-master.service failed because the control process exited with error code. See "systemctl status origin-master.service" and "journalctl -xe" for details.


An error was detected. After resolving the problem please relaunch the
installation process.
Jamie Duncan (17) [Avatar] Offline
#10
"transport: dial tcp: lookup ocp-1.192.168.122.100.nip.io on 192.168.122.2:53:.."

It looks like you need to set an upstream DNS server for your host's dnsmasquerade. Right now 192.168.122.2 isn't able to resolve the nip.io domain, which requires a public DNS server to function.

Assuming you have internet connectivity, I think I know what's going on.

One of the things we're working on for OpenShift in Action is an ansible playbook that helps to automate the installation and tasks for each chapter.

It's still _VERY_ early in its development, but I ran into something similar using the CentOS cloud image, but not with the full ISO install. The actual code is at https://github.com/OpenShiftInAction/autoinstaller/blob/master/openshift-common/tasks/CentOS.yaml . If you're not familiar with Ansible, let me know and I can translate. smilie

-jamie
436511 (4) [Avatar] Offline
#11
Hi. I know that maybe this question is not related to the topic but I'd really like to know the answer of this question:

Currently I have an Openshift Origin server installed on my own infrastructure. The configured domain of Openshift Origin is something like https://mydomain.com:8443, and I really need to change the domain of the server and all applications to something like https://myotherdomain.com:8443.

What steps should I do to change the domain of the entire Openshift Origin?. Please help me.
Jamie Duncan (17) [Avatar] Offline
#12
Certificate rotation / re-issue has been around since version 3.3 or so. It's documented at https://docs.openshift.com/container-platform/3.6/install_config/redeploying_certificates.html .

*** NOTE ***

Backup everything before you do this. It should be pretty straight-forward, but this is part of the mainline codepath, so better safe than sorry.

Is that what you're looking for?

-Jamie
436511 (4) [Avatar] Offline
#13
Thanks for your answer.

What I meant is that when I installed Openshift Origin I used the advanced mode with a file configuration like this:

[OSEv3:vars]
openshift_public_hostname=console.mydomain.com
openshift_master_default_subdomain=apps.console.mydomain.com

I used to access to my Openshift Cluster using this command:

oc login https://console.mydomain.com:8443

-------------------------------------------------------------------------------

But because I'm not longer the owner of the domain mydomain.com, I need to change the way I access to the cluster. I'd like to change the dns domain of the entire cluster to something like this:

[OSEv3:vars]
openshift_public_hostname=console.otherdomain.com
openshift_master_default_subdomain=apps.console.otherdomain.com

As a result I will access to my Openshift origin using:

oc login https://console.otherdomain.com:8443

Finally, I'd like to change the dns domain of all routes that currently exists on my applications in order to use the new dns domain.

Jamie Duncan (17) [Avatar] Offline
#14
All of the configurations are going to live in `/etc/origin/[master|node]` on your cluster.

Looking at a 3 node cluster, I get ~35 references to the domain I used (filtering out a few false positives).

[root@ocp1 ~]# grep -RH 'nip.io' /etc/origin | grep -v generated | grep -v 18887 | wc -l
35


The master node's config is at `/etc/origin/master/master-config.yaml`, the nodes are in `node-config.yaml` in the same directory.

In addition to having to change these configurations, you need to regenerate the SSL certificates that the nodes use for communication. That's what the link I posted yesterday talks about.

The Red Hat supported way to handle that is to add a new node with your new hostnames and then remove the old ones. Essentially a rolling upgrade. Doing it 'by hand' is experimental.

Does that help at all?

-jduncan
436511 (4) [Avatar] Offline
#15
Thank you very much. I'll try do follow your instructions, it is what I was looking for!. You helped me a lot!!!!
531644 (1) [Avatar] Offline
#16
HI
I follow the instructions of Appendix A and get this error:

[root@ocp-1 ~]# atomic-openshift-installer -u -c /root/installer.cfg.yml install --force
origin 3.6 is not an installable variant.

I use vagrant and Centos 7.
Any idead ?