Friday, April 27, 2018

openshift login issues



I was not able to login to openshift using webconsole/ cli.


Come across this link:

https://docs.openshift.com/container-platform/3.9/install_config/configuring_authentication.html#DenyAllPasswordIdentityProvider

https://docs.openshift.com/container-platform/3.9/install_config/configuring_authentication.html#AllowAllPasswordIdentityProvider


So, from DenyAll change it to AllowAll as mentioned in the above configuration.


(first take backup of master configuration file mentioned there).

Restart all the master services.

Voila - Now you should be able to login :)


Wednesday, April 11, 2018

To add/delete a NAT rule

==========================

# To add a rule

// you are listening on a server @127.0.0.1 and want to expose to ouside.
// you can add a rule as below.
// now anyone accessing YOUR_NODE_IP_ADDRESS:8443 will be redirected to 127.0.0.1:8443
iptables -t nat -A PREROUTING -p tcp --dport 8443 -j DNAT --to-destination 127.0.0.1:8443

==========================
# To delete a RULE

// This will list according to groups like PREROUTING , INPUT, OUTPUT, POSTROUTING , etc.,
iptables -t nat -L --line-numbers

// to delete a specific rule
iptables -t nat -D PREROUTING <number>

// For example, here to delete third rule
iptables -t nat -D PREROUTING 3

==========================

Monday, April 9, 2018

force delete a pod in openshift (kubernetes)


For kubernetes:

kubectl delete pod --grace-period=0 --force --namespace <NAMESPACE> <PODNAME>


and for openshift

oc delete pod --grace-period=0 --force --namespace <NAMESPACE> <PODNAME>


output: 
warning: Immediate deletion does not wait for confirmation that the running resource has been terminated. The resource may continue to run on the cluster indefinitely.


This command may be use for deleting pods whose status is Unknown.
As the output says, the pod may still be running. 

--

To delete all pods in a namespace:
//In this example namespace in 'default'
kubectl delete pods --all  -n  default

To delete all svc in a namespace:
//In this example namespace in 'default'
kubectl delete svc --all  -n  default

--
 

Thursday, April 5, 2018

label a node in openshift


How to label a node in openshift as 'infra' ? 


====================================================================
# oc describe node dhcp41-180.lab.eng.test.mydomain.com

..
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    glusterfs=storage-host
                    kubernetes.io/hostname=dhcp41-180.lab.eng.test.mydomain.com
                    region=primary
                    role=node
..
====================================================================

# oc label node dhcp41-180.lab.eng.test.mydomain.com region=infra 
error: 'region' already has a value (primary), and --overwrite is false

# oc label node dhcp41-180.lab.eng.test.mydomain.com region=infra   --overwrite
node "dhcp41-180.lab.eng.test.mydomain.com" labeled

====================================================================
# oc describe node dhcp41-180.lab.eng.test.mydomain.com
..
Labels:             beta.kubernetes.io/arch=amd64
                    beta.kubernetes.io/os=linux
                    glusterfs=storage-host
                    kubernetes.io/hostname=dhcp41-180.lab.eng.test.mydomain.com
                    region=infra
                    role=node
..
====================================================================