docs/dev/libvirt: Add troubleshooting docs for libvirt console issue. #1371
Conversation
|
Hi @praveenkumar. Thanks for your PR. I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
needs-ok-to-test
openshift-ci-robot
added
the
size/S
docs/dev/libvirt-howto.md
Outdated
| @@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### console doesn't come up | |||
| In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. | |||
| To make it work we need to use the multi-stage installation and edit the `domain` for ingress. | |||
There was a problem hiding this comment.
nit: No newline for starting new sentences please. Either start a new paragraph or keep the sentence on the same line.
There was a problem hiding this comment.
@zeenix That what did for minishift also, making every sentence to a new line make it easier to read and navigate. I don't see any issue it here also.
There was a problem hiding this comment.
If that's true, let's be consistent and start every sentence on a new line? :) This is plain English text so English grammar rules should be followed here as much as they make sense. You break the line based on max characters per line (whatever is decided per project/file) on a word boundary.
As for minishift doing the same, yes I know it has become common practice recently but mostly cause people don't care, not because it helps anything. :-)
There was a problem hiding this comment.
Starting every sentence on a newline (in a system where newlines on their own don’t matter, as is the case here) is also nice for change control: it means that diffs don’t pull in the end of the previous sentence or the start of the next one, and changing one sentence’s length doesn’t cause the rest of the paragraph to reflow and show up in the diff...
There was a problem hiding this comment.
That would apply equally to starting every word on new line, as you often need to fix, add or remove words. :) I hope one thing we can all agree on, is consistency. If you want to start every sentence on a new line, maybe we can talk. Otherwise please let's stick to English grammar rules.
There was a problem hiding this comment.
Yes, I agree we need consistency! IME starting sentences on a new line (and word-wrapping them too) is a nice balance between source readability and long-term maintainability. It’s weird if the source text is also what the user sees, directly, but since most docs nowadays are post-processed and end up as HTML or something like that where newlines are ignored, it’s OK in practice.
docs/dev/libvirt-howto.md
Outdated
| // Create the manifests | ||
| $ openshift-install create manifests --dir myTestDir | ||
|
|
||
| // Edit the cluster-ingress-02-config.yml file |
There was a problem hiding this comment.
but the following command is not editing the file so comment is a bit confusing.
There was a problem hiding this comment.
@zeenix Edited.
docs/dev/libvirt-howto.md
Outdated
| @@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### console doesn't come up | |||
| In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. | |||
docs/dev/libvirt-howto.md
Outdated
| @@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### console doesn't come up | |||
| In case of libvirt there is no wildcard dns resolution and console is depend on the route which is created by auth operator. | |||
| To make it work we need to use the multi-stage installation and edit the `domain` for ingress. | |||
There was a problem hiding this comment.
Suggest that you avoid 'the multi-stage installation' since that could be understood as indicating that the install command itself is to be run in stages where you run part of the install, do something, and then run the rest of the install.
There was a problem hiding this comment.
right, I had the same comment. multi-stage would likely refer here to the way the installer works... but this is actually abstracted away for most people, as they likely will experiment first with just create cluster. I would suggest to be more explicit and mention the order of the commands... or else mention how this could work AFTER the installation has been performed (if possible).
There was a problem hiding this comment.
Did some rewording, hope that make it bit clear.
docs/dev/libvirt-howto.md
Outdated
| domain: apps.tt.testing | ||
|
|
||
| // Start the installer to create the cluster | ||
| $ openshift-install create cluster |
There was a problem hiding this comment.
--dir myTestDir missing here?
|
@praveenkumar can make sure the commit message follow https://github.com/openshift/installer/blob/master/CONTRIBUTING.md#commit-message-format |
docs/dev/libvirt-howto.md
Outdated
| @@ -286,6 +286,32 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### console doesn't come up | |||
docs/dev/libvirt-howto.md
Outdated
| $ sudo systemctl restart NetworkManager | ||
|
|
||
| // Create the manifests | ||
| $ openshift-install create manifests --dir myTestDir |
There was a problem hiding this comment.
openshift-installer --dir $INSTALL_DIR create manifests
docs/dev/libvirt-howto.md
Outdated
| // Here `tt.testing` is the domain which I choose when running the installer. | ||
| $ cat /etc/NetworkManager/dnsmasq.d/openshift.conf | ||
| server=/tt.testing/192.168.126.1 | ||
| address=/.apps.tt.testing/192.168.126.51 |
There was a problem hiding this comment.
This will only work for a single worker, right?
There was a problem hiding this comment.
@gbraad yes and this is better than nothing atm.
There was a problem hiding this comment.
will it .apps.tt.testing or .apps.test.tt.testing
There was a problem hiding this comment.
@anildhingra no it is apps.tt.testing not the domain which your cluster use.
There was a problem hiding this comment.
it still fails
2019/03/11 13:33:10 auth: error contacting auth provider (retrying in 10s): request to OAuth issuer endpoint https://openshift-authentication-openshift-authentication.apps.test.tt.testing/oauth/token failed: Head https://openshift-authentication-openshift-authentication.apps.test.tt.testing: dial tcp: lookup openshift-authentication-openshift-authentication.apps.test.tt.testing on 172.30.0.10:53: no such host
2019/03/11 13:33:20 auth: error contacting auth provider (retrying in 10s): request to OAuth issuer endpoint https://openshift-authentication-openshift-authentication.apps.test.tt.testing/oauth/token failed: Head https://openshift-authentication-openshift-authentication.apps.test.tt.testing: dial tcp: lookup openshift-authentication-openshift-authentication.apps.test.tt.testing on 172.30.0.10:53: no such host
if i do dummy nslookup it works
[root@test-wm76w-master-0 ~]# nslookup one.apps.test.tt.testing
Server: 192.168.126.1
Address: 192.168.126.1#53
but in above case its looking - openshift-authentication-openshift-authentication.apps.test.tt.testing
There was a problem hiding this comment.
Could not this be done automatically when libvirt is selected?
Extend the functionality of create.go
Congratulations also for the solution !!
Best Regards,
Fábio Sbano
There was a problem hiding this comment.
This is a temporary solution. In future we do not want to have to do so many modifications. Since a solution that is cross-platform is preferred, we might not continue with using dnsmasq, but rather coredns for example.
There was a problem hiding this comment.
@praveenkumar This worked for me, but please explicitly mention the the IP address is of the worker node
There was a problem hiding this comment.
EDIT: nevermind the following. I forgot to run the create manifests command.
I can't find the manifest to edit in my cluster's installation directory:
steveej@steveej-t480s-work ✓ ~/src/job-redhat/GOPATH/src/github.com/openshift/installer/openshift-steveej 954533fcc ⚡
$ tree
.
├── auth
│ ├── kubeadmin-password
│ └── kubeconfig
├── disable-bootstrap.tfvars
├── metadata.json
├── terraform.tfstate
└── tls
├── journal-gatewayd.crt
└── journal-gatewayd.key
How do I get the installer to expose them?
praveenkumar
force-pushed
the
libvirt_console_issue
branch
from
cc4a3fd
to
20d54ad
Compare
openshift-ci-robot
added
size/M
|
@abhinavdahiya @wking do have another look, made requested changes. |
praveenkumar
force-pushed
the
libvirt_console_issue
branch
from
20d54ad
to
cf0fb11
Compare
praveenkumar
changed the title
|
/ok-to-test |
openshift-ci-robot
added
ok-to-test
|
/test e2e-libvirt |
2 similar comments
|
/test e2e-libvirt |
|
/test e2e-libvirt |
|
@praveenkumar Are e2e tests useful for this change? Let's not block on them unless that's the case. |
|
/test e2e-libvirt |
2 similar comments
|
/test e2e-libvirt |
|
/test e2e-libvirt |
|
Next step is to also add a reference to the default storage pool from #308 |
|
@abhinavdahiya I think all review comments have been addressed so let's give the missing label to get it merged? |
|
I think we want #1587, which will let us offload libvirt maintainership to folks with more time for it. But these two PRs could land in either order. |
praveenkumar
force-pushed
the
libvirt_console_issue
branch
2 times, most recently
from
a0137cf
to
d6e1f42
Compare
|
/test e2e-libvirt |
wking
changed the title
There was a problem hiding this comment.
It's been too long since I've played with a libvirt console, so I can't really review the steps. In the spirit of the pending #1662 I'm fine assuming that's all right ;). But style review is easier, so I've left a few nit suggestions inline.
docs/dev/libvirt/README.md
Outdated
| @@ -286,6 +286,38 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### Console doesn't come up | |||
| In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. | |||
docs/dev/libvirt/README.md
Outdated
| @@ -286,6 +286,38 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### Console doesn't come up | |||
| In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. | |||
| To make it works we need to first create the manifests and edit the `domain` for ingress config, before directly creating the cluster. | |||
There was a problem hiding this comment.
nit: "works" -> "work". Alternatively, drop the leader and compact the sentence to "We need to edit the ingress domain before creeating the cluster." or some such.
docs/dev/libvirt/README.md
Outdated
| In case of libvirt there is no wildcard dns resolution and console depends on the route which is created by auth operator. | ||
| To make it works we need to first create the manifests and edit the `domain` for ingress config, before directly creating the cluster. | ||
|
|
||
| Following steps are required to have console operator up and working. |
There was a problem hiding this comment.
I think the previous two sentences cover this. If you want to make it easier to blindly find this documentation, maybe include an example of the error message that eventually bubbles out if you don't take these steps?
docs/dev/libvirt/README.md
Outdated
|
|
||
| Following steps are required to have console operator up and working. | ||
| ```console | ||
| // Step-1 |
There was a problem hiding this comment.
nit: // are not shell comments. Either use $ # Step-1, etc., or (my preference), shift this supporting text outside of the fenced code block:
Add another domain entry in `openshift.conf`, which is...
```console
$ cat /etc/NetworkManager/dnsmasq.d/openshift.conf
server=/tt.testing/192.168.126.1
address=/.apps.tt.testing/192.168.126.51
```
Make sure you restart ...
docs/dev/libvirt/README.md
Outdated
|
|
||
| // Step-4 | ||
| // Domain entry for cluster-ingress-02-config.yml file should be following (here domain is what your created in Step-1) | ||
| $ cat $INSTALL_DIR/manifests/cluster-ingress-02-config.yml | grep domain |
There was a problem hiding this comment.
no need to cat, just grep domain $INSTALL_DIR/manifests/cluster-ingress-02-config.yml
There was a problem hiding this comment.
Actually, I suggest turning it into:
sed -i 's/test1.//g' mycluster/manifests/cluster-ingress-02-config.yml
Which is what I've been using and it makes things easy for people.
There was a problem hiding this comment.
@zeenix this will only work if you provided test1 as your domain name.
There was a problem hiding this comment.
@praveenkumar Right, it should be:
sed -i 's/YOUR_DOMAIN_NAME.//g' mycluster/manifests/cluster-ingress-02-config.yml
then. :)
There was a problem hiding this comment.
@praveenkumar could you please update this or let me know if you disagree?
praveenkumar
force-pushed
the
libvirt_console_issue
branch
from
d6e1f42
to
1abc94f
Compare
|
/test e2e-libvirt |
|
/retest |
|
|
||
| - Domain entry for cluster-ingress-02-config.yml file should be following (here domain is what your created initially) | ||
| ```console | ||
| $ grep domain $INSTALL_DIR/manifests/cluster-ingress-02-config.yml |
There was a problem hiding this comment.
@praveenkumar Wouldn't you agree that my sed suggestion would better since folks can just directly copy&paste it?
docs/dev/libvirt/README.md
Outdated
| @@ -286,6 +286,40 @@ kubectl get --all-namespaces pods | |||
| ## Troubleshooting | |||
| If following the above steps hasn't quite worked, please review this section for well known issues. | |||
|
|
|||
| ### Console doesn't come up | |||
| In case of libvirt there is no wildcard DNS resolution and console depends on the route which is created by auth operator. | |||
There was a problem hiding this comment.
I thought I asked for this before but maybe my comment didn't make it through: Could we please refer to the issue we're working around in here and in the commit log?
|
/test e2e-libvirt |
…ole issue. Currently cluster created by libvirt not able to resolve the auth route and because of that console doesn't comeup. This troubleshooting doc entry direct users to make some modification before running the cluster so that auth route can be resolved by the cluster. Fix openshift#1007
praveenkumar
force-pushed
the
libvirt_console_issue
branch
from
1abc94f
to
90b0d45
Compare
openshift-ci-robot
added
the
approved
|
/test e2e-libvirt |
|
/test e2e-aws |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: praveenkumar, zeenix The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
cc @wking @abhinavdahiya