<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Now with Fedora 26 I have etcd available but etcd fails.<br>
<br>
[root@swarm-u2rnie4d4ik6-master-0 ~]# /usr/bin/etcd
--name="${ETCD_NAME}" --data-dir="${ETCD_DATA_DIR}"
--listen-client-urls="${ETCD_LISTEN_CLIENT_URLS}" --debug<br>
2018-08-23 14:34:15.596516 E | etcdmain: error verifying flags,
--advertise-client-urls is required when --listen-client-urls is set
explicitly. See 'etcd --help'.<br>
2018-08-23 14:34:15.596611 E | etcdmain: When listening on specific
address(es), this etcd process must advertise accessible url(s) to
each connected client.<br>
<br>
There is a issue where the --advertise-client-urls and TLS
--cert-file and --key-file is not passed in the systemd file,
changing this to:<br>
/usr/bin/etcd --name="${ETCD_NAME}" --data-dir="${ETCD_DATA_DIR}"
--listen-client-urls="${ETCD_LISTEN_CLIENT_URLS}"
--advertise-client-urls="${ETCD_ADVERTISE_CLIENT_URLS}"
--cert-file="${ETCD_PEER_CERT_FILE}"
--key-file="${ETCD_PEER_KEY_FILE}"<br>
<br>
Makes it work, any thoughts?<br>
<br>
Best regards<br>
Tobias<br>
<br>
<div class="moz-cite-prefix">On 08/23/2018 03:54 PM, Tobias Urdin
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:7af84e20-2b32-e341-e584-dc2fd9ea0943@binero.se">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
Found the issue, I assume I have to use Fedora Atomic 26 until
Rocky where I can start using Fedora Atomic 27.<br>
Will Fedora Atomia 28 be supported for Rocky?<br>
<br>
<a class="moz-txt-link-freetext"
href="https://bugs.launchpad.net/magnum/+bug/1735381"
moz-do-not-send="true">https://bugs.launchpad.net/magnum/+bug/1735381</a>
(Run etcd and flanneld in system containers, In Fedora Atomic 27
etcd and flanneld are removed from the base image.)<br>
<a class="moz-txt-link-freetext"
href="https://review.openstack.org/#/c/524116/"
moz-do-not-send="true">https://review.openstack.org/#/c/524116/</a>
(Run etcd and flanneld in a system container)<br>
<br>
Still wondering about the "The Parameter (nodes_affinity_policy)
was not provided" when using Mesos + Ubuntu?<br>
<br>
Best regards<br>
Tobias<br>
<br>
<div class="moz-cite-prefix">On 08/23/2018 02:56 PM, Tobias Urdin
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:22ea4089-d830-ce0e-fd0a-502d16075bda@binero.se">
Thanks for all of your help everyone,<br>
<br>
I've been busy with other thing but was able to pick up where I
left regarding Magnum.<br>
After fixing some issues I have been able to provision a working
Kubernetes cluster.<br>
<br>
I'm still having issues with getting Docker Swarm working, I've
tried with both Docker and flannel as the networking layer but<br>
none of these works. After investigating the issue seems to be
that etcd.service is not installed (unit file doesn't exist) so
the master<br>
doesn't work, the minion swarm node is provisioned but cannot
join the cluster because there is no etcd.<br>
<br>
Anybody seen this issue before? I've been digging through all
cloud-init logs and cannot see anything that would cause this.<br>
<br>
I also have another separate issue, when provisioning using the
magnum-ui in Horizon and selecting ubuntu with Mesos I get the
error<br>
"The Parameter (nodes_affinity_policy) was not provided". The
nodes_affinity_policy do have a default value in magnum.conf so
I'm starting<br>
to think this might be an issue with the magnum-ui dashboard?<br>
<br>
Best regards<br>
Tobias<br>
<br>
<div class="moz-cite-prefix">On 08/04/2018 06:24 PM, Joe Topjian
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CA+y7hvjYi033=taYGVcAyQredAPiFQ=vbY=tvrpmpRWcnT__XQ@mail.gmail.com">
<div dir="ltr">
<div>We recently deployed Magnum and I've been making my way
through getting both Swarm and Kubernetes running. I also
ran into some initial issues. These notes may or may not
help, but thought I'd share them in case:</div>
<div><br>
</div>
<div>* We're using Barbican for SSL. I have not tried with
the internal x509keypair.
<br>
</div>
<div><br>
</div>
<div>* I was only able to get things running with Fedora
Atomic 27, specifically the version used in the Magnum
docs:
<a
href="https://docs.openstack.org/magnum/latest/install/launch-instance.html"
moz-do-not-send="true">
https://docs.openstack.org/magnum/latest/install/launch-instance.html</a></div>
<div><br>
</div>
<div>Anything beyond that wouldn't even boot in my cloud. I
haven't dug into this.</div>
<div><br>
</div>
<div>* Kubernetes requires a Cluster Template to have a
label of cert_manager_api=true set in order for the
cluster to fully come up (at least, it didn't work for me
until I set this).<br>
</div>
<div><br>
</div>
<div>As far as troubleshooting methods go, check the
cloud-init logs on the individual instances to see if any
of the "parts" have failed to run. Manually re-run the
parts on the command-line to get a better idea of why they
failed. Review the actual script, figure out the variable
interpolation and how it relates to the Cluster Template
being used.<br>
</div>
<div><br>
</div>
<div>Eventually I was able to get clusters running with the
stock driver/templates, but wanted to tune them in order
to better fit in our cloud, so I've "forked" them. This is
in no way a slight against the existing drivers/templates
nor do I recommend doing this until you reach a point
where the stock drivers won't meet your needs. But I
mention it because it's possible to do and it's not
terribly hard. This is still a work-in-progress and a bit
hacky:</div>
<div><br>
</div>
<div><a href="https://github.com/cybera/magnum-templates"
moz-do-not-send="true">https://github.com/cybera/magnum-templates</a></div>
<div><br>
</div>
<div>Hope that helps,</div>
<div>Joe<br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Aug 3, 2018 at 6:46 AM,
Tobias Urdin <span dir="ltr">
<<a href="mailto:tobias.urdin@binero.se"
target="_blank" moz-do-not-send="true">tobias.urdin@binero.se</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Hello,<br>
<br>
I'm testing around with Magnum and have so far only had
issues.<br>
I've tried deploying Docker Swarm (on Fedora Atomic 27,
Fedora Atomic 28) and Kubernetes (on Fedora Atomic 27)
and haven't been able to get it working.<br>
<br>
Running Queens, is there any information about supported
images? Is Magnum maintained to support Fedora Atomic
still?<br>
What is in charge of population the certificates inside
the instances, because this seems to be the root of all
issues, I'm not using Barbican but the x509keypair
driver<br>
is that the reason?<br>
<br>
Perhaps I missed some documentation that x509keypair
does not support what I'm trying to do?<br>
<br>
I've seen the following issues:<br>
<br>
Docker:<br>
* Master does not start and listen on TCP because of
certificate issues<br>
dockerd-current[1909]: Could not load X509 key pair
(cert: "/etc/docker/server.crt", key:
"/etc/docker/server.key")<br>
<br>
* Node does not start with:<br>
Dependency failed for Docker Application Container
Engine.<br>
docker.service: Job docker.service/start failed with
result 'dependency'.<br>
<br>
Kubernetes:<br>
* Master etcd does not start because /run/etcd does not
exist<br>
** When that is created it fails to start because of
certificate<br>
2018-08-03 12:41:16.554257 C | etcdmain: open
/etc/etcd/certs/server.crt: no such file or directory<br>
<br>
* Master kube-apiserver does not start because of
certificate<br>
unable to load server certificate: open
/etc/kubernetes/certs/server.c<wbr>rt: no such file or
directory<br>
<br>
* Master heat script just sleeps forever waiting for
port 8080 to become available (kube-apiserver) so it can
never kubectl apply the final steps.<br>
<br>
* Node does not even start and times out when Heat
deploys it, probably because master never finishes<br>
<br>
Any help is appreciated perhaps I've missed something
crucial, I've not tested Kubernetes on CoreOS yet.<br>
<br>
Best regards<br>
Tobias<br>
<br>
______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage
questions)<br>
Unsubscribe: <a
href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe"
rel="noreferrer" target="_blank"
moz-do-not-send="true">
OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a
href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev"
rel="noreferrer" target="_blank"
moz-do-not-send="true">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>