Ayad knowledge base

Solutions

 Add –insecure-registry in /etc/sysconfig/docker # vim /etc/sysconfig/docker … OPTIONS=’ –selinux-enabled –log-driver=journald –signature-verification=False –insecure-registry docker-registry.default.svc:5000 ‘ … — Restart docker service to take effect. # systemctl restart docker.service

$ netstat -tulpn

Solution:

need to set this for each master node

openshift_ip=192.168.0.51

refer to the screenshot

Environment
Red Hat Openshift Container Platform 3.9
Issue
Showing errors
Raw
cni.go:171] Unable to update cni config: No networks found in /etc/cni/net.d There are no files in that directory as opposed to a working node which has a file named 80-openshift-network.conf kubelet_node_status.go:106] Unable to register node “ip-10-200-30-40.openshift-example.com” with API server: nodes “ip-10-200-30-40.openshift-example.com” is forbidden: node “ip-10-200-30-40.openshift-example.com” cannot modify node “ip-10-200-30-40.openshift-example.com”
Resolution
This error is what happens when the host cannot resolve itself in DNS.
Root Cause
On this issue the VPC’s “DHCP Options Set”, had the value of domain-name = openshift-example.com instead of domain-name = openshift.example.com (notice the dash vs the period before the word ‘example’)

Resolution
As a workaround, add the label region=infra to one or more nodes. Typically this should be added to existing infrastructure nodes.
Raw
# oc label node node1.example.com ‘region=infra’
Root Cause
The template service broker expects the label region=infra to install as part of the daemonset. This is not currently customizable, however a feature request is open:Issue
Upgrade playbook fails during the Upgrade Service Catalog play.
Raw
1. Error : Hosts: master-0.server.example.node.com Play: Upgrade Service Catalog Task: Verify that TSB is running Message: Status code was not [200]: Request failed: <urlopen error [Errno 111] Connection refused>
Returns error code similar to older non OCP issues here and here.
Resolution
Add ‘template_service_broker_selector={‘zone’: ‘infra’}’ line in inventory file
Update daemonset with zone=infra value
Rerun the playbook

Solution:

Run the following command

#oc adm policy add-cluster-role-to-user -n default system:router -z router

Check if the system:serviceaccount:default:router has access to update routes and status:

#oc policy who-can update routes/status -n default

lscpu |less

Solution

oc login -u system:admin

• name: just for testing by ayad hosts: web1 tasks:
  • name: installing httpd
    yum:
    name: httpd
    state: present
  • name: starting the services
    service:
    name: httpd
    state: started
  • name: modify the hostname
    lineinfile:
    path: /etc/hosts
    regexp: ‘^127.0.0.1’
    line: 127.0.0.1 ayad.com.cm.my
    owner: root
    group: root
    mode: 0644

kubectl get pods --all-namespaces
or 
oc get pods --all-namespaces