From DElder at novacoast.com Mon Oct 2 22:00:29 2017 From: DElder at novacoast.com (Dan Elder) Date: Tue, 3 Oct 2017 04:00:29 +0000 Subject: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password In-Reply-To: <1506524690.17636.76.camel@suse.com> References: <59CAB917020000B90020DBE4@smtp.nue.novell.com> <2D840902-1A48-4698-B71E-DDD40FC7DEF7@sap.com> <1506524690.17636.76.camel@suse.com> Message-ID: <9da31932-20c8-be5e-a814-565492e1a683@novacoast.com> I haven't had any luck authentication with caasp-cli unfortunately. The credentials I supply work fine for Velum but caasp-cli says they're invalid (output attached). Is there some log I can pull from the admin node or somewhere else to troubleshoot this? I've done 2 installs and gotten the same result both times. Thanks, Dan On 09/27/2017 08:04 AM, Paul Gonin wrote: Hi, It should be on the media so you can install it on the admin node It is installed by default on admin node. You can also get (currently) rpms for different openSUSE/SUSE flavors https://build.opensuse.org/repositories/devel:CaaSP:Head:ControllerNode/caasp-cli And there is also a windows Build from Rob https://github.com/rssfed23/caasp-cli-windows/releases Tested / works but not supported (yet, but I assume to come) Once you have caasp-cli export KUBECONFIG= (set KUBECONFIG=kubeconfig in windows cmd shell) caasp-cli login -u caasp-user -p caasp-password -s https://caasp.fqdn:6443 and then you can use kubectl as previously For caasp-user and caasp-password you can use caasp admin credentials. You can also create users in local ldap rgds Paul Le mercredi 27 septembre 2017 ? 14:52 +0000, Ns, Rushi a ?crit : Thanks, where can I download . I see from github I can?t download the link . https://github.com/kubic-project/caasp-cli Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: Paul Gonin Date: Tuesday, September 26, 2017 at 1:31 PM To: "caasp-beta at lists.suse.com"

, Rushi NS Subject: RE : [caasp-beta] kubectl requires username and password Hi, With RC1, RBAC is available Consequence is that you have to use caasp-ctl to login to CaaSP and modify your kubectl and inject credentials in it. Rgds Paul -------- Message d'origine -------- De : "Ns, Rushi" Date : 26/09/2017 22:04 (GMT+01:00) ? : SUSE Beta Program

, caasp-beta at lists.suse.com Objet : [caasp-beta] kubectl requires username and password >>> "Ns, Rushi" 09/26/2017 21:04 >>> Hi I setup new cluster with this release and everything worked. I have 3 masters/10 workers ..looks fine VELUM web page as well and I have downloaded kubeconfig and tried to do some workload test but issue with access cluster. I have issue with using KUBECTL command line ..whatever ?kubectl? I run requires permission. I setup velum with my userid email and password, I thought it requires that and I tried but its not ? I have also tried root (linux) master/workers but it doesn?t take that too? Does anyone know what is the issue. kubectl get cluster-info kubectl get nodes Please enter Username: rushi.ns at sap.com Please enter Password: ********* Error from server (Forbidden): User "system:anonymous" cannot list nodes at the cluster scope. (get nodes) kubectl get nodes Please enter Username: admin Please enter Password: ******** Unable to connect to the server: x509: certificate is valid for 172.24.0.1, 172.16.18.0, 127.0.0.1, 172.16.18.1, 10.48.164.142, not 10.48.164.144 kubectl get nodes Please enter Username: root Please enter Password: ******** Unable to connect to the server: x509: certificate is valid for 172.24.0.1, 172.16.22.0, 127.0.0.1, 172.16.22.1, 10.48.164.141, not 10.48.164.144 Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From:

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"

Subject: [caasp-beta] [ANNOUNCE] SUSE Container as a Service Platform 2 RC 1 is available! Having trouble viewing this email? Please check the plain text version of it with your mailer. [http://beta.suse.com/private/SLE12/suse_logo_color-reduced.png] [https://www.suse.com/betaprogram/wp-content/uploads/2017/09/caasp-logo-beta-2-new.png] We are happy to announce SUSE CaaS Platform 2 Release Candidate 1! Download ? Please check out our dedicated SUSE CaaS Platform Beta web page, where you will find all the information needed around SUSE CaaS Platform Beta. What?s New with SUSE CaaS Platform 2 RC 1? * K8s Multi-Master: Kubernetes Multi Master for building High-Availability clusters. * caasp-cli: It's the new command line client for interacting with a CaaS Platform cluster. See for details. * Dex: Dex is an identity service that uses OpenID Connect to drive authentication for other apps. See for details. * OpenLDAP2: OpenLDAP2 running on an SLE12 container guest. Things to consider for this Beta? * DHCP Your DHCP server should provide resolveable hostnames. If this is not the case like with libvirt/KVM, you should consider providing one yourself by appending this kernel parameter "hostname=HOSTNAME" during installation. However, the kubeconfig file downloaded from the Dashboard could contain an incorrect "server" hostname that should be replaced with the IP address of your Master. For more information read: https://en.opensuse.org/SDB:Linuxrc#Network_Configuration * Autoyast/VMX-Images If you install via autoyast or one of the provided VMX beta images (KVM,Xen,VMware,...) please set a password or SSH key via cloud-init to be able to login. Release plan ? Release Notes ? Documentation ? Have fun beta testing! Your SUSE Linux Enterprise Team Please refer to our dedicated SUSE CaaSP Beta Program webpage for any general information. However, do not hesitate to contact us at beta-programs at lists.suse.com if you have any questions. You received this email because you're signed up to get updates from us. Click here to unsubscribe. _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta -- Senior Engineer Linux Services Manager Novacoast, Inc. Mobile: (310) 243-6971 Office: (800) 949-9933 x1337 http://www.novacoast.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 2957 bytes Desc: image001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 1200 bytes Desc: image002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.png Type: image/png Size: 790 bytes Desc: image003.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.png Type: image/png Size: 764 bytes Desc: image004.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.png Type: image/png Size: 756 bytes Desc: image005.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.png Type: image/png Size: 944 bytes Desc: image006.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.png Type: image/png Size: 802 bytes Desc: image007.png URL: From rob.decanha-knight at suse.com Tue Oct 3 09:05:23 2017 From: rob.decanha-knight at suse.com (Rob de Canha-Knight) Date: Tue, 3 Oct 2017 15:05:23 +0000 Subject: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password In-Reply-To: <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> References: <59CAB917020000B90020DBE4@smtp.nue.novell.com> <2D840902-1A48-4698-B71E-DDD40FC7DEF7@sap.com> <1506524690.17636.76.camel@suse.com> <9da31932-20c8-be5e-a814-565492e1a683@novacoast.com> <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> Message-ID: <61D5C7DA-74B8-4774-8059-7F0D099B8E07@suse.com> Hi Dan. My apologies but the port I previously gave is incorrect. The login string should look like: caasp-cli login -s https://master.caaspdemo.geeko.ninja:6443 -u rob at suse.com -p password So port 6443. Please also make sure you?re using the master nodes full fqdn that you inputted during the velum setup phase as well. ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [005168] [cid:image002.png at 01D33C61.6A46DE80] [cid:image003.png at 01D33C61.6A46DE80] [cid:image004.png at 01D33C61.6A46DE80] [cid:image005.png at 01D33C61.6A46DE80] [cid:image006.png at 01D33C61.6A46DE80] [cid:image007.png at 01D33C61.6A46DE80] From: on behalf of Rob de Canha-Knight Date: Tuesday, 3 October 2017 at 14:58 To: Dan Elder , "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password Hi Dan. In the log you?ve provided you?re using the admin server for the ?s argument I believe. You must use https://:8443 as the address for the k8s master node (noting correct port and https). Please let us know how you get on. Rob ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [05168] [cid:image009.png at 01D33C61.6A46DE80] [cid:image010.png at 01D33C61.6A46DE80] [cid:image011.png at 01D33C61.6A46DE80] [cid:image012.png at 01D33C61.6A46DE80] [cid:image013.png at 01D33C61.6A46DE80] [cid:image014.png at 01D33C61.6A46DE80] From: on behalf of Dan Elder Date: Tuesday, 3 October 2017 at 05:15 To: "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password I haven't had any luck authentication with caasp-cli unfortunately. The credentials I supply work fine for Velum but caasp-cli says they're invalid (output attached). Is there some log I can pull from the admin node or somewhere else to troubleshoot this? I've done 2 installs and gotten the same result both times. Thanks, Dan On 09/27/2017 08:04 AM, Paul Gonin wrote: Hi, It should be on the media so you can install it on the admin node It is installed by default on admin node. You can also get (currently) rpms for different openSUSE/SUSE flavors https://build.opensuse.org/repositories/devel:CaaSP:Head:ControllerNode/caasp-cli And there is also a windows Build from Rob https://github.com/rssfed23/caasp-cli-windows/releases Tested / works but not supported (yet, but I assume to come) Once you have caasp-cli export KUBECONFIG= (set KUBECONFIG=kubeconfig in windows cmd shell) caasp-cli login -u caasp-user -p caasp-password -s https://caasp.fqdn:6443 and then you can use kubectl as previously For caasp-user and caasp-password you can use caasp admin credentials. You can also create users in local ldap rgds Paul Le mercredi 27 septembre 2017 ? 14:52 +0000, Ns, Rushi a ?crit : Thanks, where can I download . I see from github I can?t download the link . https://github.com/kubic-project/caasp-cli Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: Paul Gonin Date: Tuesday, September 26, 2017 at 1:31 PM To: "caasp-beta at lists.suse.com"

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"

Subject: [caasp-beta] [ANNOUNCE] SUSE Container as a Service Platform 2 RC 1 is available! Having trouble viewing this email? Please check the plain text version of it with your mailer. [http://beta.suse.com/private/SLE12/suse_logo_color-reduced.png] [https://www.suse.com/betaprogram/wp-content/uploads/2017/09/caasp-logo-beta-2-new.png] We are happy to announce SUSE CaaS Platform 2 Release Candidate 1! Download ? Please check out our dedicated SUSE CaaS Platform Beta web page, where you will find all the information needed around SUSE CaaS Platform Beta. What?s New with SUSE CaaS Platform 2 RC 1? * K8s Multi-Master: Kubernetes Multi Master for building High-Availability clusters. * caasp-cli: It's the new command line client for interacting with a CaaS Platform cluster. See for details. * Dex: Dex is an identity service that uses OpenID Connect to drive authentication for other apps. See for details. * OpenLDAP2: OpenLDAP2 running on an SLE12 container guest. Things to consider for this Beta? * DHCP Your DHCP server should provide resolveable hostnames. If this is not the case like with libvirt/KVM, you should consider providing one yourself by appending this kernel parameter "hostname=HOSTNAME" during installation. However, the kubeconfig file downloaded from the Dashboard could contain an incorrect "server" hostname that should be replaced with the IP address of your Master. For more information read: https://en.opensuse.org/SDB:Linuxrc#Network_Configuration * Autoyast/VMX-Images If you install via autoyast or one of the provided VMX beta images (KVM,Xen,VMware,...) please set a password or SSH key via cloud-init to be able to login. Release plan ? Release Notes ? Documentation ? Have fun beta testing! Your SUSE Linux Enterprise Team Please refer to our dedicated SUSE CaaSP Beta Program webpage for any general information. However, do not hesitate to contact us at beta-programs at lists.suse.com if you have any questions. You received this email because you're signed up to get updates from us. Click here to unsubscribe. _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta -- Senior Engineer Linux Services Manager Novacoast, Inc. Mobile: (310) 243-6971 Office: (800) 949-9933 x1337 http://www.novacoast.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 2957 bytes Desc: image001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 1200 bytes Desc: image002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.png Type: image/png Size: 790 bytes Desc: image003.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.png Type: image/png Size: 764 bytes Desc: image004.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.png Type: image/png Size: 756 bytes Desc: image005.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.png Type: image/png Size: 944 bytes Desc: image006.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.png Type: image/png Size: 802 bytes Desc: image007.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image008.png Type: image/png Size: 2958 bytes Desc: image008.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image009.png Type: image/png Size: 1201 bytes Desc: image009.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image010.png Type: image/png Size: 791 bytes Desc: image010.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image011.png Type: image/png Size: 765 bytes Desc: image011.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image012.png Type: image/png Size: 757 bytes Desc: image012.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image013.png Type: image/png Size: 945 bytes Desc: image013.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image014.png Type: image/png Size: 803 bytes Desc: image014.png URL: From rushi.ns at sap.com Tue Oct 3 09:07:16 2017 From: rushi.ns at sap.com (Ns, Rushi) Date: Tue, 3 Oct 2017 15:07:16 +0000 Subject: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password In-Reply-To: <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> References: <59CAB917020000B90020DBE4@smtp.nue.novell.com> <2D840902-1A48-4698-B71E-DDD40FC7DEF7@sap.com> <1506524690.17636.76.camel@suse.com> <9da31932-20c8-be5e-a814-565492e1a683@novacoast.com> <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> Message-ID: Hi Rob, Whatever you have mentioned is not really working in reality. Using CAASP-cli is not at all authenticating and I spent 2 days to find a way to connect to cluster. VELUM is fine, I can logon with registed email but nothing can be done after that such as installing kubernetes dashboard is not ? first of all need to know how to connect with CAASP-CLI because there is no users created other than VELUM web login which was registered. Can you provide some steps how you have doing with caasp-cli..i see lot of things changed on this new release. Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: on behalf of Rob de Canha-Knight Date: Tuesday, October 3, 2017 at 6:57 AM To: Dan Elder , "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password Hi Dan. In the log you?ve provided you?re using the admin server for the ?s argument I believe. You must use https://:8443 as the address for the k8s master node (noting correct port and https). Please let us know how you get on. Rob ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [05168] [cid:image002.png at 01D33C1E.A22E8700] [cid:image003.png at 01D33C1E.A22E8700] [cid:image004.png at 01D33C1E.A22E8700] [cid:image005.png at 01D33C1E.A22E8700] [cid:image006.png at 01D33C1E.A22E8700] [cid:image007.png at 01D33C1E.A22E8700] From: on behalf of Dan Elder Date: Tuesday, 3 October 2017 at 05:15 To: "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password I haven't had any luck authentication with caasp-cli unfortunately. The credentials I supply work fine for Velum but caasp-cli says they're invalid (output attached). Is there some log I can pull from the admin node or somewhere else to troubleshoot this? I've done 2 installs and gotten the same result both times. Thanks, Dan On 09/27/2017 08:04 AM, Paul Gonin wrote: Hi, It should be on the media so you can install it on the admin node It is installed by default on admin node. You can also get (currently) rpms for different openSUSE/SUSE flavors https://build.opensuse.org/repositories/devel:CaaSP:Head:ControllerNode/caasp-cli And there is also a windows Build from Rob https://github.com/rssfed23/caasp-cli-windows/releases Tested / works but not supported (yet, but I assume to come) Once you have caasp-cli export KUBECONFIG= (set KUBECONFIG=kubeconfig in windows cmd shell) caasp-cli login -u caasp-user -p caasp-password -s https://caasp.fqdn:6443 and then you can use kubectl as previously For caasp-user and caasp-password you can use caasp admin credentials. You can also create users in local ldap rgds Paul Le mercredi 27 septembre 2017 ? 14:52 +0000, Ns, Rushi a ?crit : Thanks, where can I download . I see from github I can?t download the link . https://github.com/kubic-project/caasp-cli Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: Paul Gonin Date: Tuesday, September 26, 2017 at 1:31 PM To: "caasp-beta at lists.suse.com"

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"

Subject: [caasp-beta] [ANNOUNCE] SUSE Container as a Service Platform 2 RC 1 is available! Having trouble viewing this email? Please check the plain text version of it with your mailer. [http://beta.suse.com/private/SLE12/suse_logo_color-reduced.png] [https://www.suse.com/betaprogram/wp-content/uploads/2017/09/caasp-logo-beta-2-new.png] We are happy to announce SUSE CaaS Platform 2 Release Candidate 1! Download ? Please check out our dedicated SUSE CaaS Platform Beta web page, where you will find all the information needed around SUSE CaaS Platform Beta. What?s New with SUSE CaaS Platform 2 RC 1? * K8s Multi-Master: Kubernetes Multi Master for building High-Availability clusters. * caasp-cli: It's the new command line client for interacting with a CaaS Platform cluster. See for details. * Dex: Dex is an identity service that uses OpenID Connect to drive authentication for other apps. See for details. * OpenLDAP2: OpenLDAP2 running on an SLE12 container guest. Things to consider for this Beta? * DHCP Your DHCP server should provide resolveable hostnames. If this is not the case like with libvirt/KVM, you should consider providing one yourself by appending this kernel parameter "hostname=HOSTNAME" during installation. However, the kubeconfig file downloaded from the Dashboard could contain an incorrect "server" hostname that should be replaced with the IP address of your Master. For more information read: https://en.opensuse.org/SDB:Linuxrc#Network_Configuration * Autoyast/VMX-Images If you install via autoyast or one of the provided VMX beta images (KVM,Xen,VMware,...) please set a password or SSH key via cloud-init to be able to login. Release plan ? Release Notes ? Documentation ? Have fun beta testing! Your SUSE Linux Enterprise Team Please refer to our dedicated SUSE CaaSP Beta Program webpage for any general information. However, do not hesitate to contact us at beta-programs at lists.suse.com if you have any questions. You received this email because you're signed up to get updates from us. Click here to unsubscribe. _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta -- Senior Engineer Linux Services Manager Novacoast, Inc. Mobile: (310) 243-6971 Office: (800) 949-9933 x1337 http://www.novacoast.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 2958 bytes Desc: image001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 1201 bytes Desc: image002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.png Type: image/png Size: 791 bytes Desc: image003.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.png Type: image/png Size: 765 bytes Desc: image004.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.png Type: image/png Size: 757 bytes Desc: image005.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.png Type: image/png Size: 945 bytes Desc: image006.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.png Type: image/png Size: 803 bytes Desc: image007.png URL: From rob.decanha-knight at suse.com Tue Oct 3 09:17:57 2017 From: rob.decanha-knight at suse.com (Rob de Canha-Knight) Date: Tue, 3 Oct 2017 15:17:57 +0000 Subject: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password In-Reply-To: References: <59CAB917020000B90020DBE4@smtp.nue.novell.com> <2D840902-1A48-4698-B71E-DDD40FC7DEF7@sap.com> <1506524690.17636.76.camel@suse.com> <9da31932-20c8-be5e-a814-565492e1a683@novacoast.com> <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> Message-ID: Rushi. The details I provided below on caasp-cli is how I?ve been using caasp-cli since day one. I?ve just tried again on a new cluster and running caasp-cli login -s https://master.caaspdemo.geeko.ninja:6443 -u rob.decanha-knight at suse.com -p mypassword Where ?u is the email address of the user I created during velum first startup/login. Worked fine for me. I don?t have any other documents to hand (other than the attached) around logging in so all I can personally suggest is to make sure you?re using https and port 6443 of the kubernetes master after -s. I?ve also attached the main bit of documentation we have around the caasp-cli client (which will make it?s way into the version 2 final release). I would suggest trying again from scratch with a new cluster instance of RC1 (including downloading and installing the updated caasp-cli client available from https://github.com/kubic-project/caasp-cli/releases as this one is working fine for me). Make a note of every command you are running and the output it provides and you can send those details to this list as at the moment the information in the thread is a bit scattered and I can?t tell accurately what?s going on or what?s being done by the user. Yes there are a lot of changes in this release mainly an updated k8s version and a feature much requested by customers (I remember during 1.0 betas you also requested for user management and this is how we?ve implemented it). I?ve also attached the details on how to create/manage additional user accounts through ldap as well as the caasp-cli guidance that we have. As one of our closest partners you also have the option of reaching out to your partner sales engineer/rep for your region and discussing it directly with them. They should be able to go onsite and help you if asked to get things up and running for your team. All the best, Rob ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [005168] [cid:image002.png at 01D33C63.2B67FB20] [cid:image003.png at 01D33C63.2B67FB20] [cid:image004.png at 01D33C63.2B67FB20] [cid:image005.png at 01D33C63.2B67FB20] [cid:image006.png at 01D33C63.2B67FB20] [cid:image007.png at 01D33C63.2B67FB20] From: "Ns, Rushi" Date: Tuesday, 3 October 2017 at 16:07 To: "caasp-beta at lists.suse.com" , Dan Elder , Rob de Canha-Knight Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password Hi Rob, Whatever you have mentioned is not really working in reality. Using CAASP-cli is not at all authenticating and I spent 2 days to find a way to connect to cluster. VELUM is fine, I can logon with registed email but nothing can be done after that such as installing kubernetes dashboard is not ? first of all need to know how to connect with CAASP-CLI because there is no users created other than VELUM web login which was registered. Can you provide some steps how you have doing with caasp-cli..i see lot of things changed on this new release. Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: on behalf of Rob de Canha-Knight Date: Tuesday, October 3, 2017 at 6:57 AM To: Dan Elder , "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password Hi Dan. In the log you?ve provided you?re using the admin server for the ?s argument I believe. You must use https://:8443 as the address for the k8s master node (noting correct port and https). Please let us know how you get on. Rob ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [5168] [cid:image009.png at 01D33C63.2B67FB20] [cid:image010.png at 01D33C63.2B67FB20] [cid:image011.png at 01D33C63.2B67FB20] [cid:image012.png at 01D33C63.2B67FB20] [cid:image013.png at 01D33C63.2B67FB20] [cid:image014.png at 01D33C63.2B67FB20] From: on behalf of Dan Elder Date: Tuesday, 3 October 2017 at 05:15 To: "caasp-beta at lists.suse.com" Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password I haven't had any luck authentication with caasp-cli unfortunately. The credentials I supply work fine for Velum but caasp-cli says they're invalid (output attached). Is there some log I can pull from the admin node or somewhere else to troubleshoot this? I've done 2 installs and gotten the same result both times. Thanks, Dan On 09/27/2017 08:04 AM, Paul Gonin wrote: Hi, It should be on the media so you can install it on the admin node It is installed by default on admin node. You can also get (currently) rpms for different openSUSE/SUSE flavors https://build.opensuse.org/repositories/devel:CaaSP:Head:ControllerNode/caasp-cli And there is also a windows Build from Rob https://github.com/rssfed23/caasp-cli-windows/releases Tested / works but not supported (yet, but I assume to come) Once you have caasp-cli export KUBECONFIG= (set KUBECONFIG=kubeconfig in windows cmd shell) caasp-cli login -u caasp-user -p caasp-password -s https://caasp.fqdn:6443 and then you can use kubectl as previously For caasp-user and caasp-password you can use caasp admin credentials. You can also create users in local ldap rgds Paul Le mercredi 27 septembre 2017 ? 14:52 +0000, Ns, Rushi a ?crit : Thanks, where can I download . I see from github I can?t download the link . https://github.com/kubic-project/caasp-cli Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: Paul Gonin Date: Tuesday, September 26, 2017 at 1:31 PM To: "caasp-beta at lists.suse.com"

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"

Subject: [caasp-beta] [ANNOUNCE] SUSE Container as a Service Platform 2 RC 1 is available! Having trouble viewing this email? Please check the plain text version of it with your mailer. [http://beta.suse.com/private/SLE12/suse_logo_color-reduced.png] [https://www.suse.com/betaprogram/wp-content/uploads/2017/09/caasp-logo-beta-2-new.png] We are happy to announce SUSE CaaS Platform 2 Release Candidate 1! Download ? Please check out our dedicated SUSE CaaS Platform Beta web page, where you will find all the information needed around SUSE CaaS Platform Beta. What?s New with SUSE CaaS Platform 2 RC 1? * K8s Multi-Master: Kubernetes Multi Master for building High-Availability clusters. * caasp-cli: It's the new command line client for interacting with a CaaS Platform cluster. See for details. * Dex: Dex is an identity service that uses OpenID Connect to drive authentication for other apps. See for details. * OpenLDAP2: OpenLDAP2 running on an SLE12 container guest. Things to consider for this Beta? * DHCP Your DHCP server should provide resolveable hostnames. If this is not the case like with libvirt/KVM, you should consider providing one yourself by appending this kernel parameter "hostname=HOSTNAME" during installation. However, the kubeconfig file downloaded from the Dashboard could contain an incorrect "server" hostname that should be replaced with the IP address of your Master. For more information read: https://en.opensuse.org/SDB:Linuxrc#Network_Configuration * Autoyast/VMX-Images If you install via autoyast or one of the provided VMX beta images (KVM,Xen,VMware,...) please set a password or SSH key via cloud-init to be able to login. Release plan ? Release Notes ? Documentation ? Have fun beta testing! Your SUSE Linux Enterprise Team Please refer to our dedicated SUSE CaaSP Beta Program webpage for any general information. However, do not hesitate to contact us at beta-programs at lists.suse.com if you have any questions. You received this email because you're signed up to get updates from us. Click here to unsubscribe. _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta _______________________________________________ caasp-beta mailing list caasp-beta at lists.suse.com http://lists.suse.com/mailman/listinfo/caasp-beta -- Senior Engineer Linux Services Manager Novacoast, Inc. Mobile: (310) 243-6971 Office: (800) 949-9933 x1337 http://www.novacoast.com/ -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 2957 bytes Desc: image001.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image002.png Type: image/png Size: 1200 bytes Desc: image002.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image003.png Type: image/png Size: 790 bytes Desc: image003.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image004.png Type: image/png Size: 764 bytes Desc: image004.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image005.png Type: image/png Size: 756 bytes Desc: image005.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image006.png Type: image/png Size: 944 bytes Desc: image006.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image007.png Type: image/png Size: 802 bytes Desc: image007.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image008.png Type: image/png Size: 2959 bytes Desc: image008.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image009.png Type: image/png Size: 1202 bytes Desc: image009.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image010.png Type: image/png Size: 792 bytes Desc: image010.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image011.png Type: image/png Size: 766 bytes Desc: image011.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image012.png Type: image/png Size: 758 bytes Desc: image012.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image013.png Type: image/png Size: 946 bytes Desc: image013.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image014.png Type: image/png Size: 804 bytes Desc: image014.png URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Documentation_RBAC_RBAC-LoggingIn.pdf Type: application/pdf Size: 122165 bytes Desc: Documentation_RBAC_RBAC-LoggingIn.pdf URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: Documentation_RBAC_RBAC-AdminHowto.pdf Type: application/pdf Size: 171023 bytes Desc: Documentation_RBAC_RBAC-AdminHowto.pdf URL: From DElder at novacoast.com Tue Oct 3 09:52:57 2017 From: DElder at novacoast.com (Dan Elder) Date: Tue, 3 Oct 2017 15:52:57 +0000 Subject: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password In-Reply-To: <61D5C7DA-74B8-4774-8059-7F0D099B8E07@suse.com> References: <59CAB917020000B90020DBE4@smtp.nue.novell.com> <2D840902-1A48-4698-B71E-DDD40FC7DEF7@sap.com> <1506524690.17636.76.camel@suse.com> <9da31932-20c8-be5e-a814-565492e1a683@novacoast.com> <8A3D53AB-B5CA-48DE-90C2-E2612D66F11A@suse.com> <61D5C7DA-74B8-4774-8059-7F0D099B8E07@suse.com> Message-ID: <0c0e8b87-c92c-eeae-64ea-ce8779d0bcde@novacoast.com> Hi Rob, I apologize, my naming conventions are a little different so for clarification purposes: caasp-controller.suserd.com -> admin (Velum) node caasp-admin.suserd.com -> k8 master node caasp-worker1.suserd.com -> k8 worker node caasp-worker2.suserd.com -> k8 worker node In my case, caasp-admin.suserd.com is the master node (I'll cleanup the names in the future). I've tried using caasp-cli on an OpenSUSE Leap 42.3 (caasp-cli-0.0.1+20170929.git_r32_b195256-1.1.x86_64) and the k8 master (caasp-cli-0.0.1+20170914.git_r18_acbee3b-1.2.x86_64) but get the same result. The only system listening on 6443 in my environment is the k8 master (caasp-admin.suserd.com). The nodes themselves are assigned addresses and hostnames from the DHCP server and all entries are also in DNS. Time is in sync across the nodes. I don't see anything obvious in any of the logs on the k8 master but any pointers on what I should be looking for would be helpful. Thanks, Dan On 10/03/2017 08:05 AM, Rob de Canha-Knight wrote: Hi Dan. My apologies but the port I previously gave is incorrect. The login string should look like: caasp-cli login -s https://master.caaspdemo.geeko.ninja:6443 -u rob at suse.com -p password So port 6443. Please also make sure you?re using the master nodes full fqdn that you inputted during the velum setup phase as well. ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [005168] [cid:part4.714502EC.5AADC203 at novacoast.com] [cid:part5.842FE9DB.80951553 at novacoast.com] [cid:part7.F607605D.3B851C1C at novacoast.com] [cid:part9.990F13B7.D6C7161C at novacoast.com] [cid:part11.EC41E238.27F56FAE at novacoast.com] [cid:part13.FCB4F465.A70B313C at novacoast.com] From:

on behalf of Rob de Canha-Knight

Date: Tuesday, 3 October 2017 at 14:58 To: Dan Elder , "caasp-beta at lists.suse.com"

Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password Hi Dan. In the log you?ve provided you?re using the admin server for the ?s argument I believe. You must use https://:8443 as the address for the k8s master node (noting correct port and https). Please let us know how you get on. Rob ---- Rob de Canha-Knight EMEA Platform and Management Technical Strategist SUSE rob.decanha-knight at suse.com (Fuze/VOIP) +44 (0) 1635 937689 (M) +44 (0) 7392 087303 (TW) rssfed23 ---- [05168] [cid:part19.B071E236.E51BA630 at novacoast.com] [cid:part20.36AA1A29.2A18AF08 at novacoast.com] [cid:part22.2C336149.D98F4C92 at novacoast.com] [cid:part24.66A991B7.C5771134 at novacoast.com] [cid:part26.40204B51.02A8D9DB at novacoast.com] [cid:part28.E493266E.994C27B6 at novacoast.com] From:

on behalf of Dan Elder Date: Tuesday, 3 October 2017 at 05:15 To: "caasp-beta at lists.suse.com"

Subject: Re: [caasp-beta] [Newsletter] Re: RE : kubectl requires username and password I haven't had any luck authentication with caasp-cli unfortunately. The credentials I supply work fine for Velum but caasp-cli says they're invalid (output attached). Is there some log I can pull from the admin node or somewhere else to troubleshoot this? I've done 2 installs and gotten the same result both times. Thanks, Dan On 09/27/2017 08:04 AM, Paul Gonin wrote: Hi, It should be on the media so you can install it on the admin node It is installed by default on admin node. You can also get (currently) rpms for different openSUSE/SUSE flavors https://build.opensuse.org/repositories/devel:CaaSP:Head:ControllerNode/caasp-cli And there is also a windows Build from Rob https://github.com/rssfed23/caasp-cli-windows/releases Tested / works but not supported (yet, but I assume to come) Once you have caasp-cli export KUBECONFIG= (set KUBECONFIG=kubeconfig in windows cmd shell) caasp-cli login -u caasp-user -p caasp-password -s https://caasp.fqdn:6443 and then you can use kubectl as previously For caasp-user and caasp-password you can use caasp admin credentials. You can also create users in local ldap rgds Paul Le mercredi 27 septembre 2017 ? 14:52 +0000, Ns, Rushi a ?crit : Thanks, where can I download . I see from github I can?t download the link . https://github.com/kubic-project/caasp-cli Best Regards, Rushi. I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE From: Paul Gonin Date: Tuesday, September 26, 2017 at 1:31 PM To: "caasp-beta at lists.suse.com"

on behalf of SUSE Beta Program

Reply-To: SUSE Beta Program

Date: Friday, September 22, 2017 at 7:48 AM To: "caasp-beta at lists.suse.com"