How to re-route the Openshift private address to a public one - openshift-origin

I set up openshift V3 all-in-one on a VM in the cloud so how can I contact it as the address is private and internal.
I think I have to start Vagrand with some magic parameters but I haven't clue about them.
Thanks

When testing Openshift, I deployed the all in one VM in an Openstack instance.
To be able to access Openshift, I had to change master-config.yaml configuration (which in the VM is located in /var/lib/origin/openshift.local.config/master/master-config.yaml)
Changing all references of the internal IP (10.2.2.2) to my public domain (https://my-domain.com:8443) did the trick.
I also had to regenerate the server certificates, including the public IP of my Openstack instance, this way:
oadm ca create-server-cert --cert=master.server.crt --key=master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,10.2.2.2,yourdomain.com,yourpublicIP
Hope this helps

Here is what I've tried (in an answer to better document my attempts)
1 -
systemctl stop origin
2 -
oadm ca create-server-cert --cert=/var/lib/origin/openshift.local.config/master/master.server.crt --key=/var/lib/origin/openshift.local.config/master/master.server.key --signer-cert=/var/lib/origin/openshift.local.config/master/ca.crt --signer-key=/var/lib/origin/openshift.local.config/master/ca.key --signer-serial=/var/lib/origin/openshift.local.config/master/ca.serial.txt --hostnames=kubernetes.default.svc,kubernetes.default.svc.cluster.local,localhost,openshift.default.svc.cluster.local,127.0.0.1,192.168.76.120
3 -
edit /var/lib/origin/openshift.local.config/master/master-config.yaml, replace all occurences of "10.2.2.2" with "192.168.76.120"
4 -
edit /etc/systemd/system/origin.service, replace "10.2.2.2" with "192.168.76.120"
5 -
systemctl daemon-reload
6 -
systemctl start origin
Following these steps, I get the following in the /var/log/messages:
Dec 29 21:12:29 localhost systemd: Starting Session 7 of user root.
Dec 29 21:13:30 localhost systemd: Starting OpenShift...
Dec 29 21:13:30 localhost openshift: W1229 16:13:30.512389 9725 start_master.go:272] Warning: assetConfig.loggingPublicURL: Invalid value: "": required to view aggregated container logs in the console, master start will continue.
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525718 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.525809 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.ClusterPolicy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526034 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Policy: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526127 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.PolicyBinding: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.526417 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.Group: client: etcd cluster is unavailable or misconfigured
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.527610 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.528199 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/namespace/lifecycle/admission.go:122: Failed to list *api.Namespace: Get https://10.2.2.2:8443/api/v1/namespaces?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530127 9725 reflector.go:203] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/limitranger/admission.go:154: Failed to list *api.LimitRange: Get https://10.2.2.2:8443/api/v1/limitranges?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530246 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:103: Failed to list *api.ServiceAccount: Get https://10.2.2.2:8443/api/v1/serviceaccounts?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530309 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/serviceaccount/admission.go:119: Failed to list *api.Secret: Get https://10.2.2.2:8443/api/v1/secrets?fieldSelector=type%3Dkubernetes.io%2Fservice-account-token&resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530494 9725 reflector.go:214] github.com/openshift/origin/vendor/k8s.io/kubernetes/plugin/pkg/admission/resourcequota/resource_access.go:83: Failed to list *api.ResourceQuota: Get https://10.2.2.2:8443/api/v1/resourcequotas?resourceVersion=0: dial tcp 10.2.2.2:8443: getsockopt: connection refused
Dec 29 21:13:30 localhost openshift: E1229 16:13:30.530524 9725 cacher.go:220] unexpected ListAndWatch error: pkg/storage/cacher.go:163: Failed to list *api.OAuthAccessToken: client: etcd cluster is unavailable or misconfigured

Related

rabbitmq-server don't start - unable to connect to epmd / Ubuntu 16.04

I followed this guide https://www.rabbitmq.com/install-debian.html and installed rabbitmq-server. However, it won't start with an error message:
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: attempted to contact: [rabbit#76672]
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: rabbit#76672:
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: * unable to connect to epmd (port 4369) on 76672: badarg (unknown POSIX error)
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: current node details:
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: - node name: 'rabbitmq-cli-30#76672'
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: - home dir: /var/lib/rabbitmq
Jul 31 20:29:49 76672.local rabbitmqctl[7519]: - cookie hash: VwJCJ/LkSvmUKaoPOglCcQ==
Jul 31 20:29:49 76672.local systemd[1]: Failed to start RabbitMQ broker.
Jul 31 20:29:49 76672.local systemd[1]: rabbitmq-server.service: Unit entered failed state.
Jul 31 20:29:49 76672.local systemd[1]: rabbitmq-server.service: Failed with result 'exit-code'.
dpkg: error processing package rabbitmq-server (--configure):
subprocess installed post-installation script returned error exit status 1
Processing triggers for systemd (229-4ubuntu17) ...
Processing triggers for ureadahead (0.100.0-19) ...
Errors were encountered while processing:
rabbitmq-server
E: Sub-process /usr/bin/dpkg returned an error code (1)
altor_work#76672:
I tried to do this installation on a clear instance of Ubuntu and got the same error. I googled the error message and it seems I have some problem with network settings - I guess I should change some settings from their default state.
Any idea what needed to be changed? Or with which setting I should take my first try?
P.S. I'm completely novice in Unix. For me, it's just a cloud environment where I run my Python scripts.
I solved my problem by setting HOSTNAME in the file rabbitmq-env.conf. I don't know what exactly caused the problem in the first place.
My settings:
sudo cat /etc/hostname
76672.localhost
sudo cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 ubuntu16.04 ubuntu16
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.0.1 76672.local
/etc/rabbitmq/rabbitmq-env.conf
# Empty - if the file is empty rabbitmq doesn't start
HOSTNAME=76672.local # With this rabbitmq doesn't start either
HOSTNAME=localhost # With this all works
If it works with localhost setting only please check out the following:
fgrep BindToDevice /lib/systemd/system/epmd.socket

Guacamole fails to connect to xRDP server

I have a xrdp server running and would like to connect to it using Guacamole. However, each time I try to make any RDP connection it always fails with "You Have Been Disconnected." I know it is a fault with guacamole because I can log into xRDP using Remmina RDP client using the same credentials.
Here are my Logs:
/var/run/syslog :
Jul 26 10:02:36 ubuntu guacd[1291]: Creating new client for protocol "rdp"
Jul 26 10:02:36 ubuntu guacd[1291]: Connection ID is "$0c72bf59-0ff9-448d-a5a2-dc3229157122"
Jul 26 10:02:36 ubuntu guacd[5737]: Security mode: ANY
Jul 26 10:02:36 ubuntu guacd[5737]: Resize method: none
Jul 26 10:02:36 ubuntu guacd[5737]: User "#cce2ec3d-03c5-4387-be88-054a00927f56" joined connection "$0c72bf59-0ff9-448d-a5a2-dc3229157122" (1 users now present)
Jul 26 10:02:36 ubuntu guacd[5737]: Loading keymap "base"
Jul 26 10:02:36 ubuntu guacd[5737]: Loading keymap "en-us-qwerty"
Jul 26 10:02:36 ubuntu kernel: [ 4736.455320] guacd[5749]: segfault at 8000000000 ip 0000008000000000 sp 00007f3bc9f8bc98 error 14
Jul 26 10:02:36 ubuntu kernel: [ 4736.455323] traps: guacd[5750] general protection ip:7f3bcb074c69 sp:7f3bc978ac98 error:0
Jul 26 10:02:36 ubuntu kernel: [ 4736.455323]
Jul 26 10:02:36 ubuntu kernel: [ 4736.455325] in libguac.so.5.0.0[7f3bcb070000+d000]
Jul 26 10:02:36 ubuntu guacd[1291]: Connection "$0c72bf59-0ff9-448d-a5a2-dc3229157122" removed.
/var/log/tomcat8/Catalina.out :
10:02:33.079 [http-nio-8080-exec-2] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from 0:0:0:0:0:0:0:1 for user "-------" failed.
10:02:33.943 [http-nio-8080-exec-1] WARN o.a.g.r.auth.AuthenticationService - Authentication attempt from 0:0:0:0:0:0:0:1 for user "jonathan" failed.
10:02:36.100 [http-nio-8080-exec-6] INFO o.a.g.r.auth.AuthenticationService - User "guacadmin" successfully authenticated from 0:0:0:0:0:0:0:1.
10:02:36.241 [http-nio-8080-exec-10] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" connected to connection "3".
10:02:38.179 [Thread-7] INFO o.a.g.tunnel.TunnelRequestService - User "guacadmin" disconnected from connection "3". Duration: 1937 milliseconds
Connection settings:
security mode: any
port: 3389
I am on ubuntu server 16.04. Any possible solutions would be much appreciated.
Try:
Removing the [path to libfreerdp*.so]/freerdp/guac*.so files that were copied, assuming this is the case.
Create symbolic links within [path to libfreerdp*.so]/freerdp/ to /usr/local/lib/freerdp/guac*.so, so you do not need to worry about
this going forward.
Source: RDP stopped working v0.9.9 - Apache Guacamole.

mod_jk not changes IP of hostname when occurs changing of IP on DNS

In apache, the module mod_jk not changes IP of hostname when occurs changing of IP on DNS.
Version of apache:
Server version: Apache/2.2.15 (Unix)
Server built: Aug 2 2013 08:02:15
Version mod_jk: 1.2.37
Example:
workers.properties
worker.portalconsultoras_prd.type=ajp13
worker.portalconsultoras_prd.host=hostexample.com.br
worker.portalconsultoras_prd.port=8009
This configuration works fine.
But, when occurs change ip in the host name in DNS, the module md_jk starts fail to connect. Follow below the log of mod_jk:
[Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] jk_open_socket::jk_connect.c (627): connect to 107.xx.xx.220:8009 failed (errno=115)
[Wed Sep 18 12:00:33 2013] [5315:140659824723936] [info] ajp_connect_to_endpoint::jk_ajp_common.c (995): Failed opening socket to (107.xx.xxx.220:8009) (errno=115)
[Wed Sep 18 12:00:33 2013] [5315:140659824723936] [error] ajp_send_request::jk_ajp_common.c (1630): (portalconsultoras_prd) connecting to backend failed. Tomcat is probably not started or is listening on the wrong port (errno=115)
I would like a configuration of apache that avoid this problem.
Looking for the solutions in google, have turn on the "HostnameLookups", but is inefficient.
Thanks!

Two virtual machines limited in one physical machine above Eucalyptus Xen

I have an Eucalyptus-based cloud using Xen with 3 nodes. When I run a VM more than twice the number of physical machines in the xen cluster, the extra VMs never boot up, they always change state from pending to terminate, and the log file shows the node controller shutoff the extra VM after it check the instances number. When I manually shutdown some VM, then I can easily start up some VM exactly as the number I've shutdown.
The log shows this error:
ERROR: [Tue Jan 17 12:51:05 2012][004231][EUCAERROR ] libvirt: POST
operation failed: xend_post: error from xen daemon: (xend.err 'Device
2049 (vbd) could not be connected. /etc/xen/scripts/block failed;
error detected.') (code=11) [Tue Jan 17 12:51:05
2012][004231][EUCADEBUG ] doDescribeResource() invoked [Tue Jan 17
12:51:06 2012][004231][EUCADEBUG ] doDescribeInstances() invoked [Tue
Jan 17 12:51:06 2012][004231][EUCADEBUG ] doDescribeInstances():
instanceId=i-3BB00757 publicIp=192.168.4.165 privateIp=192.168.4.165
mac=d0:0d:3B:B0:07:57 vlan=-1 networkIndex=-1 [Tue Jan 17 12:51:06
2012][004231][EUCADEBUG ] doDescribeInstances(): instanceId=i-473807EE
publicIp=192.168.4.112 privateIp=192.168.4.112 mac=d0:0d:47:38:07:EE
vlan=-1 networkIndex=-1 [Tue Jan 17 12:51:06 2012][004231][EUCADEBUG ]
doDescribeInstances(): instanceId=i-348A06AE publicIp=0.0.0.0
privateIp=0.0.0.0 mac=d0:0d:34:8A:06:AE vlan=-1 networkIndex=-1 [Tue
Jan 17 12:51:06 2012][004231][EUCAERROR ] libvirt: POST operation
failed: xend_post: error from xen daemon: (xend.err 'Device 2049 (vbd)
could not be connected. /etc/xen/scripts/block failed; error
detected.') (code=11) [Tue Jan 17 12:51:08 2012][004231][EUCAERROR ]
libvirt: POST operation failed: xend_post: error from xen daemon:
(xend.err 'Device 2049 (vbd) could not be connected.
/etc/xen/scripts/block failed; error detected.') (code=11) [Tue Jan 17
12:51:09 2012][004231][EUCAERROR ] libvirt: POST operation failed:
xend_post: error from xen daemon: (xend.err 'Device 2051 (vbd) could
not be connected. /etc/xen/scripts/block failed; error detected.')
(code=11) [Tue Jan 17 12:51:10 2012][004231][EUCAERROR ] libvirt: POST
operation failed: xend_post: error from xen daemon: (xend.err 'Device
2051 (vbd) could not be connected. /etc/xen/scripts/block failed;
error detected.') (code=11) [Tue Jan 17 12:51:10
2012][004231][EUCAFATAL ] hypervisor failed to start domain [Tue Jan
17 12:51:10 2012][004231][EUCADEBUG ] state change for instance
i-348A06AE: Staging -> Shutoff (Extant) [Tue Jan 17 12:51:10
2012][004231][EUCAERROR ] libvirt: Domain not found:
xenUnifiedDomainLookupByName (code=42) [Tue Jan 17 12:51:10
2012][004231][EUCAINFO ] cleaning up state for instance i-348A06AE
Is this a limitation for CentOS 5.* and RedHat 5.? Is it fixed on CentOS 6.?
http://docs.vmd.citrix.com/XenServer/5.0.0/1.0/en_gb/guest.html#rhel5_limitations
"Only 3 virtual network interfaces are supported in versions below 5.2. For 5.2 and above, 7 virtual network interfaces are supported."
I opened this topic in both CentOS and Eucalyptus forums without luck:
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=35491&forum=38
http://open.eucalyptus.com/forum/unable-run-more-4-instances-even-extra-resources
Thanks, Leandro
The error you are seeing seems related to disk not to network (Device 2049 (vbd) could not be connected. /etc/xen/scripts/block failed; error detected). I don't see that script on a CentOS 5.7 install I have here, so you may want to dig into that script to see if there is some obvious error.
The solution was to increase number of loop devices in CentOS 5, as detailed in the following link:
http://open.eucalyptus.com/participate/wiki/increase-number-loop-devices-centos-5
As the link is no longer valid, you have to go to archive.org or see this similar answer:
how to increase the loop devices number

apache won't start

Ok, so this has me so stumped that I don't see myself being able to solve the problem on my own.
I am running apache on my laptop under linux, so that when I'm away from my desktop I can still work with php and mySql. Everything works great. There is nothing wrong with the syntax of the httpd.conf; apachectl configtest returns OK. However, there is one cafe that I go to where apache will not start. I'll go down the street to the next ap and apache will start without issue, but at this one cafe apache won't start. Any help will be appreciated.
The log entry that I believe to be relevant is
[Wed Nov 16 14:03:11 2011] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
[Wed Nov 16 14:33:36 2011] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
[Wed Nov 16 14:42:48 2011] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
[Wed Nov 16 14:45:27 2011] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
[Wed Nov 16 14:52:54 2011] [alert] (EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
If output of a command hostname is
# hostname
laptop
Giving this error in your logs:
(EAI 2)Name or service not known: mod_unique_id: unable to find IPv4 address of "laptop"
Then you should put in your /etc/hosts file sth like this :
127.0.0.1 laptop.homenetwork laptop localhost
::1 laptop.homenetwork laptop localhost
It also helps some people to put
ServerName localhost
in /etc/apache2/httpd.conf file
wait will apache not start or is the port blocked in this cafe? that would make sense to me and not that apache won't start. also, what happens if apache is running prior to going to this cafe? if you're still having issues, and i don't mean to sound cheeky here, but don't go to that particular cafe :)