-
Notifications
You must be signed in to change notification settings - Fork 1.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
docs/dev/libvirt: Add troubleshooting docs for libvirt console issue. #1371
docs/dev/libvirt: Add troubleshooting docs for libvirt console issue. #1371
Conversation
Hi @praveenkumar. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
docs/dev/libvirt-howto.md
Outdated
@@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### console doesn't come up | |||
In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. | |||
To make it work we need to use the multi-stage installation and edit the `domain` for ingress. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: No newline for starting new sentences please. Either start a new paragraph or keep the sentence on the same line.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@zeenix That what did for minishift also, making every sentence to a new line make it easier to read and navigate. I don't see any issue it here also.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If that's true, let's be consistent and start every sentence on a new line? :) This is plain English text so English grammar rules should be followed here as much as they make sense. You break the line based on max characters per line (whatever is decided per project/file) on a word boundary.
As for minishift doing the same, yes I know it has become common practice recently but mostly cause people don't care, not because it helps anything. :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Starting every sentence on a newline (in a system where newlines on their own don’t matter, as is the case here) is also nice for change control: it means that diff
s don’t pull in the end of the previous sentence or the start of the next one, and changing one sentence’s length doesn’t cause the rest of the paragraph to reflow and show up in the diff
...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That would apply equally to starting every word on new line, as you often need to fix, add or remove words. :) I hope one thing we can all agree on, is consistency. If you want to start every sentence on a new line, maybe we can talk. Otherwise please let's stick to English grammar rules.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I agree we need consistency! IME starting sentences on a new line (and word-wrapping them too) is a nice balance between source readability and long-term maintainability. It’s weird if the source text is also what the user sees, directly, but since most docs nowadays are post-processed and end up as HTML or something like that where newlines are ignored, it’s OK in practice.
docs/dev/libvirt-howto.md
Outdated
// Create the manifests | ||
$ openshift-install create manifests --dir myTestDir | ||
|
||
// Edit the cluster-ingress-02-config.yml file |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
but the following command is not editing the file so comment is a bit confusing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@zeenix Edited.
docs/dev/libvirt-howto.md
Outdated
@@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### console doesn't come up | |||
In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest: s/is depend on/depends on/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
docs/dev/libvirt-howto.md
Outdated
@@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### console doesn't come up | |||
In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. | |||
To make it work we need to use the multi-stage installation and edit the `domain` for ingress. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Suggest that you avoid 'the multi-stage installation' since that could be understood as indicating that the install command itself is to be run in stages where you run part of the install, do something, and then run the rest of the install.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
right, I had the same comment. multi-stage would likely refer here to the way the installer works... but this is actually abstracted away for most people, as they likely will experiment first with just create cluster
. I would suggest to be more explicit and mention the order of the commands... or else mention how this could work AFTER the installation has been performed (if possible).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did some rewording, hope that make it bit clear.
docs/dev/libvirt-howto.md
Outdated
domain: apps.tt.testing | ||
|
||
// Start the installer to create the cluster | ||
$ openshift-install create cluster |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
--dir myTestDir
missing here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
inconsistent use of --dir
and needs clearer instructions around 'multi-stage'
@praveenkumar can make sure the commit message follow https://github.com/openshift/installer/blob/master/CONTRIBUTING.md#commit-message-format |
docs/dev/libvirt-howto.md
Outdated
@@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### console doesn't come up |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Console
docs/dev/libvirt-howto.md
Outdated
$ sudo systemctl restart NetworkManager | ||
|
||
// Create the manifests | ||
$ openshift-install create manifests --dir myTestDir |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
openshift-installer --dir $INSTALL_DIR create manifests
docs/dev/libvirt-howto.md
Outdated
// Here `tt.testing` is the domain which I choose when running the installer. | ||
$ cat /etc/NetworkManager/dnsmasq.d/openshift.conf | ||
server=/tt.testing/192.168.126.1 | ||
address=/.apps.tt.testing/192.168.126.51 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will only work for a single worker, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gbraad yes and this is better than nothing atm.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
will it .apps.tt.testing or .apps.test.tt.testing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@anildhingra no it is apps.tt.testing
not the domain which your cluster use.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it still fails
2019/03/11 13:33:10 auth: error contacting auth provider (retrying in 10s): request to OAuth issuer endpoint https://openshift-authentication-openshift-authentication.apps.test.tt.testing/oauth/token failed: Head https://openshift-authentication-openshift-authentication.apps.test.tt.testing: dial tcp: lookup openshift-authentication-openshift-authentication.apps.test.tt.testing on 172.30.0.10:53: no such host
2019/03/11 13:33:20 auth: error contacting auth provider (retrying in 10s): request to OAuth issuer endpoint https://openshift-authentication-openshift-authentication.apps.test.tt.testing/oauth/token failed: Head https://openshift-authentication-openshift-authentication.apps.test.tt.testing: dial tcp: lookup openshift-authentication-openshift-authentication.apps.test.tt.testing on 172.30.0.10:53: no such host
if i do dummy nslookup it works
[root@test-wm76w-master-0 ~]# nslookup one.apps.test.tt.testing
Server: 192.168.126.1
Address: 192.168.126.1#53
but in above case its looking - openshift-authentication-openshift-authentication.apps.test.tt.testing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could not this be done automatically when libvirt is selected?
Extend the functionality of create.go
Congratulations also for the solution !!
Best Regards,
Fábio Sbano
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a temporary solution. In future we do not want to have to do so many modifications. Since a solution that is cross-platform is preferred, we might not continue with using dnsmasq, but rather coredns for example.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@praveenkumar This worked for me, but please explicitly mention the the IP address is of the worker node
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
EDIT: nevermind the following. I forgot to run the create manifests
command.
I can't find the manifest to edit in my cluster's installation directory:
steveej@steveej-t480s-work ✓ ~/src/job-redhat/GOPATH/src/github.com/openshift/installer/openshift-steveej 954533fcc ⚡
$ tree
.
├── auth
│ ├── kubeadmin-password
│ └── kubeconfig
├── disable-bootstrap.tfvars
├── metadata.json
├── terraform.tfstate
└── tls
├── journal-gatewayd.crt
└── journal-gatewayd.key
How do I get the installer to expose them?
cc4a3fd
to
20d54ad
Compare
@abhinavdahiya @wking do have another look, made requested changes. |
20d54ad
to
cf0fb11
Compare
/ok-to-test |
/test e2e-libvirt |
2 similar comments
/test e2e-libvirt |
/test e2e-libvirt |
@praveenkumar Are e2e tests useful for this change? Let's not block on them unless that's the case. |
/test e2e-libvirt |
2 similar comments
/test e2e-libvirt |
/test e2e-libvirt |
Next step is to also add a reference to the default storage pool from #308 |
@abhinavdahiya I think all review comments have been addressed so let's give the missing label to get it merged? |
I think we want #1587, which will let us offload libvirt maintainership to folks with more time for it. But these two PRs could land in either order. |
a0137cf
to
d6e1f42
Compare
/test e2e-libvirt |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's been too long since I've played with a libvirt console, so I can't really review the steps. In the spirit of the pending #1662 I'm fine assuming that's all right ;). But style review is easier, so I've left a few nit suggestions inline.
docs/dev/libvirt/README.md
Outdated
@@ -286,6 +286,38 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### Console doesn't come up | |||
In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: "dns" -> "DNS"
docs/dev/libvirt/README.md
Outdated
@@ -286,6 +286,38 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### Console doesn't come up | |||
In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. | |||
To make it works we need to first create the manifests and edit the `domain` for ingress config, before directly creating the cluster. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: "works" -> "work". Alternatively, drop the leader and compact the sentence to "We need to edit the ingress domain
before creeating the cluster." or some such.
docs/dev/libvirt/README.md
Outdated
In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. | ||
To make it works we need to first create the manifests and edit the `domain` for ingress config, before directly creating the cluster. | ||
|
||
Following steps are required to have console operator up and working. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the previous two sentences cover this. If you want to make it easier to blindly find this documentation, maybe include an example of the error message that eventually bubbles out if you don't take these steps?
docs/dev/libvirt/README.md
Outdated
|
||
Following steps are required to have console operator up and working. | ||
```console | ||
// Step-1 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: //
are not shell comments. Either use $ # Step-1
, etc., or (my preference), shift this supporting text outside of the fenced code block:
Add another domain entry in `openshift.conf`, which is...
```console
$ cat /etc/NetworkManager/dnsmasq.d/openshift.conf
server=/tt.testing/192.168.126.1
address=/.apps.tt.testing/192.168.126.51
```
Make sure you restart ...
docs/dev/libvirt/README.md
Outdated
|
||
// Step-4 | ||
// Domain entry for cluster-ingress-02-config.yml file should be following (here domain is what your created in Step-1) | ||
$ cat $INSTALL_DIR/manifests/cluster-ingress-02-config.yml | grep domain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no need to cat
, just grep domain $INSTALL_DIR/manifests/cluster-ingress-02-config.yml
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually, I suggest turning it into:
sed -i 's/test1.//g' mycluster/manifests/cluster-ingress-02-config.yml
Which is what I've been using and it makes things easy for people.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@zeenix this will only work if you provided test1
as your domain name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@praveenkumar Right, it should be:
sed -i 's/YOUR_DOMAIN_NAME.//g' mycluster/manifests/cluster-ingress-02-config.yml
then. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@praveenkumar could you please update this or let me know if you disagree?
d6e1f42
to
1abc94f
Compare
/test e2e-libvirt |
/retest |
|
||
- Domain entry for cluster-ingress-02-config.yml file should be following (here domain is what your created initially) | ||
```console | ||
$ grep domain $INSTALL_DIR/manifests/cluster-ingress-02-config.yml |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@praveenkumar Wouldn't you agree that my sed
suggestion would better since folks can just directly copy&paste it?
docs/dev/libvirt/README.md
Outdated
@@ -286,6 +286,40 @@ kubectl get --all-namespaces pods | |||
## Troubleshooting | |||
If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|||
### Console doesn't come up | |||
In case of libvirt there is no wildcard DNS resolution and console depends on the route which is created by auth operator. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought I asked for this before but maybe my comment didn't make it through: Could we please refer to the issue we're working around in here and in the commit log?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@zeenix done.
/test e2e-libvirt |
…ole issue. Currently cluster created by libvirt not able to resolve the auth route and because of that console doesn't comeup. This troubleshooting doc entry direct users to make some modification before running the cluster so that auth route can be resolved by the cluster. Fix openshift#1007
1abc94f
to
90b0d45
Compare
/test e2e-libvirt |
/test e2e-aws |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: praveenkumar, zeenix The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
cc @wking @abhinavdahiya