hgh dose

pulling image error : Get https://docker-registry.default.svc:5000/v2/: http: server gave HTTP response to HTTPS client error: build error: unable to get

February 2nd, 2020 by ayad


 Add –insecure-registry in /etc/sysconfig/docker # vim /etc/sysconfig/docker … OPTIONS=’ –selinux-enabled –log-driver=journald –signature-verification=False –insecure-registry docker-registry.default.svc:5000 ‘ … — Restart docker service to take effect. # systemctl restart docker.service

Which service using which port – linux command

January 20th, 2020 by ayad

$ netstat -tulpn

wait for the sync daemonset to become ready and available

January 11th, 2020 by ayad


need to set this for each master node


refer to the screenshot

Unable to add node failing with “Unable to update cni config: No networks found in /etc/cni/net.d” in Openshift Container Platform 3

January 9th, 2020 by ayad

Red Hat Openshift Container Platform 3.9
Showing errors
cni.go:171] Unable to update cni config: No networks found in /etc/cni/net.d There are no files in that directory as opposed to a working node which has a file named 80-openshift-network.conf kubelet_node_status.go:106] Unable to register node “ip-10-200-30-40.openshift-example.com” with API server: nodes “ip-10-200-30-40.openshift-example.com” is forbidden: node “ip-10-200-30-40.openshift-example.com” cannot modify node “ip-10-200-30-40.openshift-example.com”
This error is what happens when the host cannot resolve itself in DNS.
Root Cause
On this issue the VPC’s “DHCP Options Set”, had the value of domain-name = openshift-example.com instead of domain-name = openshift.example.com (notice the dash vs the period before the word ‘example’)

Service catalog fails because Template Service Broker won’t start

January 9th, 2020 by ayad

As a workaround, add the label region=infra to one or more nodes. Typically this should be added to existing infrastructure nodes.
# oc label node node1.example.com ‘region=infra’
Root Cause
The template service broker expects the label region=infra to install as part of the daemonset. This is not currently customizable, however a feature request is open:Issue
Upgrade playbook fails during the Upgrade Service Catalog play.
1. Error : Hosts: master-0.server.example.node.com Play: Upgrade Service Catalog Task: Verify that TSB is running Message: Status code was not [200]: Request failed: <urlopen error [Errno 111] Connection refused>
Returns error code similar to older non OCP issues here and here.
Add ‘template_service_broker_selector={‘zone’: ‘infra’}’ line in inventory file
Update daemonset with zone=infra value
Rerun the playbook

The route is not accepting traffic yet because it has not been admitted by a router.

January 9th, 2020 by ayad


Run the following command

#oc adm policy add-cluster-role-to-user -n default system:router -z router

Check if the system:serviceaccount:default:router has access to update routes and status:

#oc policy who-can update routes/status -n default

check number of CPU in Centos

January 7th, 2020 by ayad

lscpu |less

Error from server (Forbidden): users.user.openshift.io is forbidden: User “syste m:anonymous” cannot create users.user.openshift.io at the cluster scope: no RBAC policy matched

December 30th, 2019 by ayad


oc login -u system:admin

ansible playbook: Install httpd, start httpd and change hostname

December 26th, 2019 by ayad

  • name: just for testing by ayad hosts: web1 tasks:
    • name: installing httpd
      name: httpd
      state: present
    • name: starting the services
      name: httpd
      state: started
    • name: modify the hostname
      path: /etc/hosts
      regexp: ‘^’
      line: ayad.com.cm.my
      owner: root
      group: root
      mode: 0644

Pods status in openshift

December 25th, 2019 by ayad
kubectl get pods --all-namespaces
oc get pods --all-namespaces