I am trying to launch a very basic VM using Apache Brooklyn 0.8 on OpenStack ( Liberty) setup . I have mentioned the option
auto-create-floating-ip true
in the YAML but I see the following error-
java.lang.IllegalArgumentException: Floating IPs are required by
options, but the extension is not available!
Blueprint used:
location:
jclouds:openstack-nova:
endpoint: https://myurl
identity: tenant-name:username
credential: "My-password"
jclouds.openstack-nova.auto-create-floating-ips: true
name: VM
services:
- type: brooklyn.entity.basic.EmptySoftwareProcess
name: Empty software process
provisioning.properties:
imageId: RegionOne/image-id
keyPair: my-keypair-name
securityGroups: my-security-group
privateKeyFile: /path/to/my-key/in/brooklyn-machine
loginUser: ubuntu
templateOptions:
availabilityZone: nova
Any help ?
Thanks in advance .
This error normally means one of two things:
that the OpenStack endpoint you are targeting does not support the Nova floating IP extension; or
the namespace is different from a "normal" OpenStack setup, so jclouds fails to correctly retrieve the available extensions (e.g. this currently happens for OpenStack devtest).
Can your provision a VM using floating IP manually? If no, it is likely (1) above - see the cloud provider's docs, or ask the administrator which extension should be used instead.
If yes, it is likely (2) - see the jira issue JCLOUDS-1013. You can check this using the nova python client, running the commands below:
nova list-extensions | grep FloatingIps
nova --debug list-extensions 2>&1 | grep namespace
If the namespace is equals to http://docs.openstack.org/compute/ext/fake_xml, then you'll need a special jclouds "provider" for openstack-devtest, to tell jclouds to expect this alternate namespace.
Work has been done by Andrea Turli at Cloudsoft for this. The code is at https://github.com/cloudsoft/jclouds-openstack-devtest, and there is a pre-built jar at https://drive.google.com/a/cloudsoftcorp.com/file/d/0Bxv4hWMwaFRKRWtsMFdhZlZnek0/view?usp=drive_web. This code may well move into the github jclouds org over time.
Note this code is written against jclouds 1.9.2. That means you'd have to upgrade to Brooklyn 0.9.0. Or if you really want to stick to Brooklyn 0.8.0, create a fork of jclouds-openstack-devtest so you can update the pom/code to be against jclouds 1.9.1.
To use the jclouds-openstack-devtest jar, put it into $BROOKLYN_HOME/lib/patch/, restart Brooklyn, and change your location definition to jclouds:openstack-devtest-compute (instead of jclouds:openstack-nova).
jclouds-openstack-devtest jar with Brooklyn 0.10 solved the above issue
Related
The Jelastic Marketplace is full of interesting software. However, sometimes, they do not comply to my security needs. In those cases, I would like to write my own manifest that would install the manifest from the marketplace and add up the components that I need for my use-case. Let's take an example: I would like to wrap the kubernetes installation with the addition of a load-balancer. I would like to do something like this:
type: install
name: My Example Manifest
onInstall:
- install:
jps: https://github.com/jelastic-jps/kubernetes/blob/1.23.6/manifest.jps
envName: env-${fn.random}
settings:
deploy: cmd
cmd: echo "do nothing"
topo: 0-dev
dashboard: general
ingress-controller: Nginx
storage: true
api: true
monitoring: true
version: 1.23.6
jaeger: false
- addNodes:
- nodeType: nginx-dockerized
nodeGroup: bl
count: 1
fixedCloudlets: 1
flexibleCloudlets: 4
The issue I am having here is that the manifest cannot add the nodes, because of the following error:
user [xyz] doesn't have any access rights to app [dashboard]
What am I doing wrong? How can I make this manifest work? I tried to set user: root in the addNodes function but it doesn't help.
Of course, I am interested in suggestions involving one single install manifest. I know I could make it happen by first installing the kubernetes manifest and then running an update manifest that would add my load-balancer nodes. I would like, however, to package the whole thing within one single step, as described by my manifest above.
I have set up kong in dbless mode on RHEL by following the below documentation
https://docs.konghq.com/gateway/latest/install-and-run/rhel/
Kong gateway is successfully started. Below are the configurations I added in kong.conf file where database is turned to off and path to declarative kong.yaml is specified
declarative_config = /temp/kong/kong.yml
database = off
Also, below is current .yaml file where I created a service using below link
https://docs.konghq.com/gateway/2.8.x/get-started/comprehensive/expose-services/
_format_version: "1.1"
services:
- host: mockbin.org
name: example_service
port: 80
protocol: http
routes:
- name: mocking
paths:
- /mock
strip_path: true
I have also installed deck to sync this the declarative configuration.
However, when I use the deck sync command to add this service to kong, I get below error
creating service example_service
Summary:
Created: 0
Updated: 0
Deleted: 0
Error: 1 errors occurred:
while processing event: {Create} service example_service failed: HTTP status 405 (message: "cannot create or update 'services' entities when not using a database")
Kindly need ideas on what could be wrong as I believe we can create a service in dbless mode, and I also think that this is the declarative format which should work. Looking forward to hear. Thanks
Kindly need ideas on what could be wrong as I believe we can create a service in dbless mode, and I also think that this is the declarative format which should work. Looking forward to hear. Thanks
You are correct that we can create a service in dbless mode, however the approach will be different.
If you already have the new config file in yaml format. you can load it to Kong using /config endpoint
I also think that decK should be process-agnostic and can be used with both db and dbless mode, But as it stands, loading yaml config file with /config endpoint looks like the best option.
I'm trying to use Concourse to grab a dockerfile defintion from a git repository, do some work, build the docker image, and push the new image to Artifactory. See below for the pipeline definition. At this time I have all stages up to the artifactory stage (the one that pushes to Artifactory) working. The artifactory stage exits with error with the following output:
waiting for docker to come up...
sha256:c6039bfb6ac572503c8d97f42b6a419b94139f37876ad331d03cb7c3e8811ff2
The push refers to repository [artifactory.server.com:2077/base/golang/alpine]
a4ab5bf94afd: Preparing
unauthorized: The client does not have permission to push to the repository.
This would seem straight-forward as an Artifactory permissions issue, except that I've tested locally with the docker cli and am able to push using the same user/pass as specified within destination_username and destination_password. I double checked the credentials to make sure I'm using the same ones and find that I am.
Question #1: is there any other known cause for getting this error? I've scoured the resource github page without finding anything. Any ideas why I may be getting the permissions error?
Without having an answer to the above question, I'd really like to dig deeper into troubleshooting the problem. To do so I use fly hijack to get a shell in the corresponding container. I notice that docker is installed on the container, so next step I think would be to do a docker import on the tarball for the image I'm trying to push and then perform a docker push to push it to the repo. When attempting to run the import I get the error:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is
the docker daemon running?
Question #2: Why can't I use docker commands from within the container? Perhaps this has something to do with the issue I'm seeing with pushing to repo when running the pipeline (I don't think so)? Is it because the container isn't running with privilege? I thought that the privileged argument would be supplied in the resource type definition, but if not, how can I run with privilege?
resources:
- name: image-repo
type: git
source:
branch: master
private_key: ((private_key))
uri: ssh://git#git-server/repo.git
- name: artifactory
type: docker-image
source:
repository: artifactory.server.com:2077/((repo))
tag: latest
username: ((destination_username))
password: ((destination_password))
jobs:
- name: update-image
plan:
- get: image-repo
- task: do-stuff
file: image-repo/scripts/do-stuff.yml
vars:
repository-directory: ((repo))
- task: build-image
privileged: true
file: image-repo/scripts/build-image.yml
- put: artifactory
params:
import_file: image/image.tar
Arghhhh. Found after much troubleshooting that the destination_password wasn't being picked up properly due to special characters and a lack of quotes. Fixed the issue by properly setting the password within yaml file being included with the --load-vars flag.
sudo juju bootstrap --constraints tags=juju mymaas maas-controller
Creating Juju controller "maas-controller" on mymaas
Looking for packaged Juju agent version 2.3.7 for amd64
Launching controller instance(s) on mymaas...
ERROR failed to bootstrap model: cannot start bootstrap instance: failed to acquire node: unexpected: ServerError: 400 BAD REQUEST ({"tags": ["No such tag(s): 'juju'."]})
Please refer to: https://docs.jujucharms.com/2.5/en/reference-constraints
This is an issue with tagging in MAAS as well as not using supported tags:
tags=juju mymaas maas-controller
This will specifically look for all servers with all of the tags:
juju
mymaas
maas-controller
Unless your maas controller has a server with all of those tags attached to it it will not find any servers and error out saying it cannot acquire a node with those tags, as it did.
Make the constraints match the supported standard, i.e. resource constraints.
Or, use a non-supported feature that I use when I deploy charms to maas and use the hostname.
juju bootstrap --to hostname.superdomain.com
this will search maas (assuming you have set it up correctly) for that hostname specifically and use it to bootstrap.
How can I write a Salt state that will upgrade all packages installed on a system (for lab) for both centos and ubuntu?
I have an upgrades.sls that has the following:
upgrades:
pkg.upgrade:
- name: '*'
But it returns a
State 'pkg.upgrade' was not found in SLS 'dfars.patching' Reason:
'pkg.upgrade' is not available.
Do I have to specify that for centos, then use yum.pkg and for Ubuntu to use apt?
You can use pkg.uptodate for this
update_pkg:
pkg.uptodate:
- refresh : True
You are getting error because pkg.upgrade is an execution module, you are trying to run it from a state file. execution modules are the functions called by the salt command, and cannot be executed from states directly.
You can, however, use module.run that allows execution module calls to be made via states,
upgrades:
module.run:
- pkg.upgrade
....
another way is to make use of something from states.pkg, such as, states.pkg.uptodate,
salt.states.pkg.uptodate(name, refresh=False, pkgs=None, **kwargs)
Verify that the system is completely up to date.
name: The name has no functional value and is only used as a tracking
reference
refresh: refresh the package database before checking for new
upgrades
pkgs: list of packages to upgrade