[caasp-beta] CaaS 1.0 beta2 pods issues with behind proxy server
Robert Roland
robert.roland at suse.com
Wed Apr 26 09:53:01 MDT 2017
No, this file can stay the same. The "kube-proxy" is used for Kubernetes
service traffic coming into the cluster from external sources, or from
nodes. It's unrelated to a Internet proxy.
On 04/25/2017 09:39 PM, Ns, Rushi wrote:
> Hi Robert,
>
> What about this file. Do I have to add the same info.
>
> /etc/kubernetes # more proxy
> ###
> # kubernetes proxy config
>
> # default config should be adequate
>
> # Add your own!
> KUBE_PROXY_ARGS="\
> --kubeconfig=/var/lib/kubelet/kubeconfig \
> --proxy-mode=iptables \
> \
> --v=2"
>
>
>
> Best Regards,
>
> Rushi.
> I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE
>
>
> On 4/26/17, 6:09 AM, "Ns, Rushi" <rushi.ns at sap.com> wrote:
>
> Hi Robert,
>
> Thanks I have done those already but nothing working except you mentioned “cluster.local” which is missing. I will try this and let you know.
>
> As you mentioned you should try to provide that information during the installation or some sort of post-steps as all most all enterprise customers have proxy to go internet.
>
> You should try similar to what Redhat openshift container platform installation way they have a step where they ask the below proxy details during simple or advanced installation method.
> FYI, I have few clusters with openshift_container_platform and It works , whereas CAASP I am having issues ? ii have informed this to one of your engineer (Alejandro Bonilla) directly before asking the list community) . Anyways I will try adding the missing parameter and let you know my results.
>
>
>
> ==============Redhat Openshift Container Platform Installation step====================
> If a proxy is needed to reach HTTP and HTTPS traffic please enter the name below.
>
> This proxy will be configured by default for all processes needing to reach systems outside
>
> the cluster.
>
> More advanced configuration is possible if using ansible directly:
> https://docs.openshift.com/enterprise/latest/install_config/http_proxies.html
> Specify your http proxy ? (ENTER for none) []: http://proxy.pal.sap.corp:8080
>
> Specify your https proxy ? (ENTER for none) [http://proxy.pal.sap.corp:8080]:
>
> All hosts in your openshift inventory will automatically be added to the NO_PROXY value.
>
> Please provide any additional hosts to be added to NO_PROXY. (ENTER for none)
>
> []:
>
> *** Installation Summary ***
> ==============Redhat Openshift Container Platform Installation step====================
>
> Best Regards,
>
> Rushi.
> I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE
>
>
> On 4/25/17, 9:54 PM, "caasp-beta-bounces at lists.suse.com on behalf of Robert Roland" <caasp-beta-bounces at lists.suse.com on behalf of robert.roland at suse.com> wrote:
>
> Hi there,
>
> Kubernetes pods can run behind a proxy, but this currently requires you
> to edit /etc/sysconfig/docker on each node, and add an entry for your proxy:
>
> HTTP_PROXY=http://proxy:8080
> HTTPS_PROXY=http://proxy:8080
>
> Replace the proxy URL accordingly. After this edit, restart the docker
> daemon with:
>
> sudo systemctl restart docker.service
>
> This will address the Docker daemon's ability to pull containers.
>
> As far as proxied Internet access within the containers themselves, you
> will need to add environment variables to the Kubernetes pod descriptors
> that add the HTTP_PROXY and HTTPS_PROXY and NO_PROXY variables accordingly.
>
> Using the Kubernetes guestbook example, you would add the following to
> the env section here:
> https://github.com/kubernetes/kubernetes/blob/master/examples/guestbook/frontend-deployment.yaml#L33
>
> - name: HTTP_PROXY
> value: http://proxy:8080
> - name: HTTPS_PROXY
> value: http://proxy:8080
> - name: NO_PROXY
> value: 127.0.0.1,localhost,cluster.local
>
> In this example, the NO_PROXY is very important, along with the
> cluster.local entry so that services running within your container
> network are not proxied (using kube-dns for service discovery).
>
> We should improve this situation via configuration (but I can't commit
> to it!) as this will be a common scenario for enterprise customers.
>
> Hope this helps,
>
> Robert
>
> On 04/25/2017 11:31 AM, Ns, Rushi wrote:
> > Hello
> >
> > we are behind proxy server to go internet. Right now I have issue that none of my applications are not active (PODs seems to be not getting created due to image retrieve since we have proxy (http://proxy:8080 ) to use internet.
> >
> > Does anyone have issues like us have proxy server to use ? if I have proxy how do I get applications working such as NGINX or whatever as status shows 0/1 always even the kubernetes dashboard is also failed?
> >
> >
> > NAME READY STATUS RESTARTS AGE
> > kube-loadbalancer-rc-43fbl 0/1 ImagePullBackOff 0 10d
> > loadbalancer-daemon-k69zx 0/1 ImagePullBackOff 0 10d
> > node-hello-3587361488-dlqlr 0/1 ImagePullBackOff 0 10d
> > weave-cortex-agent-1559359561-p4qvm 0/1 ErrImagePull 0 14d
> >
> >
> > Best Regards,
> >
> > Rushi.
> > I MAY BE ONLY ONE PERSON, BUT I CAN BE ONE PERSON WHO MAKES A DIFFERENCE
> >
> >
> > On 4/19/17, 5:26 PM, "caasp-beta-bounces at lists.suse.com on behalf of Rafael Fernández López" <caasp-beta-bounces at lists.suse.com on behalf of rfernandezlopez at suse.com> wrote:
> >
> > Hello,
> >
> > On 04/18/2017 04:27 PM, Mahadevan, Hari wrote:
> > > Using 3 VMware VM’s 1xAdmin, 1xMaster, 1xWorker
> > >
> > >
> > >
> > > Installed each VM individually booting from the iso image, using static
> > > IP address, gateway and DNS for each.
> > >
> > >
> > >
> > > After build the CaaS installer comes up with an incorrect/wierd hostname
> > > for each system
> > >
> > >
> > >
> > > Admin: ppklablinux30.localdomain
> > >
> > > Master: ppklablinux31.localdomain
> > >
> > > Worker: null-0050568c7c69
> >
> > Could you please login into the Admin node and provide the output of the
> > following commands?
> >
> > > docker exec -it $(docker ps | grep velum-dashboard | awk '{print $1}')
> > bundle exec rails runner "puts Pillar.all.to_json"
> >
> > and
> >
> > > docker exec -it $(docker ps | grep velum-dashboard | awk '{print $1}')
> > bundle exec rails runner "puts SaltEvent.all.to_json"
> >
> >
> > Thank you,
> > Rafael Fernández López.
> >
> >
> >
> > _______________________________________________
> > caasp-beta mailing list
> > caasp-beta at lists.suse.com
> > http://lists.suse.com/mailman/listinfo/caasp-beta
>
> _______________________________________________
> caasp-beta mailing list
> caasp-beta at lists.suse.com
> http://lists.suse.com/mailman/listinfo/caasp-beta
>
>
>
>
>
>
More information about the caasp-beta
mailing list