[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Build always failed on openshift 3 connection refused to github



As the follow up of my questions,

Based on this documents https://docs.openshift.com/enterprise/3.0/architecture/additional_concepts/sdn.html and http://www.slideshare.net/enakai/openshift-45465283

My servers (nodes) are missing vxlan0, isn't it suppose to be configured by openshift (ansible)?

Any suggestions to fix this?

Sorry, I'm still new and learning, so any clues will be more than i expected, since i want to learn it by my self too.. 

thanks,

On Sat, Aug 8, 2015 at 3:32 PM, Marojahan M.T. Sigiro <marojahan gmail com> wrote:
"docker run -it nodejs-010-centos7 /bin/sh" 
and then attempt a git clone from within that container.

I've tried and it fails.

But now, the problem is deeper, I cant reach outside network from my docker containers.. 
I've tried using normal centos docker container, but the result is the same.

I assume that the network (bridge) configuration of docker in this openshift is different compared to the normal docker.

I've tried to run 2 docker containers on the same host, and they can talk each other.. but not to outside network.

So, I assumed for now that this is docker related problem, still looking into it.

But if there are any suggestion, please.. really need help.

This is my iptables on one for the openshift nodes

Thanks,
----
 [root node2 ~]# iptables -L -v

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  116 10952 ACCEPT     udp  --  any    any     anywhere             anywhere             multiport dports 4789 /* 001 vxlan incoming */

 7688 1130K ACCEPT     all  --  tun0   any     anywhere             anywhere             /* traffic from docker for internet */

39915   43M ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED

    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere            

    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere            

    2   128 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:ssh

31092 3155K OS_FIREWALL_ALLOW  all  --  any    any     anywhere             anywhere            

31092 3155K REJECT     all  --  any    any     anywhere             anywhere             reject-with icmp-host-prohibited


Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 DOCKER     all  --  any    lbr0    anywhere             anywhere            

    0     0 ACCEPT     all  --  any    lbr0    anywhere             anywhere             ctstate RELATED,ESTABLISHED

    0     0 ACCEPT     all  --  lbr0   !lbr0   anywhere             anywhere            

    0     0 DOCKER     all  --  any    docker0  anywhere             anywhere            

    0     0 ACCEPT     all  --  any    docker0  anywhere             anywhere             ctstate RELATED,ESTABLISHED

    0     0 ACCEPT     all  --  docker0 !docker0  anywhere             anywhere            

21996 2435K ACCEPT     all  --  any    any     10.1.0.0/16          anywhere            

14885 3589K ACCEPT     all  --  any    any     anywhere             10.1.0.0/16         

    0     0 REJECT     all  --  any    any     anywhere             anywhere             reject-with icmp-host-prohibited

    0     0 ACCEPT     all  --  docker0 docker0  anywhere             anywhere            

    0     0 ACCEPT     all  --  lbr0   lbr0    anywhere             anywhere            


Chain OUTPUT (policy ACCEPT 70133 packets, 11M bytes)

 pkts bytes target     prot opt in     out     source               destination         


Chain DOCKER (2 references)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 ACCEPT     tcp  --  !lbr0  lbr0    anywhere             10.1.1.3             tcp dpt:jetcmeserver

    0     0 ACCEPT     tcp  --  !lbr0  lbr0    anywhere             10.1.1.3             tcp dpt:https

    0     0 ACCEPT     tcp  --  !lbr0  lbr0    anywhere             10.1.1.3             tcp dpt:http


Chain OS_FIREWALL_ALLOW (1 references)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:10250

    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:http

    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:https



Network interface (addrs)


ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000

    link/ether 6c:ae:8b:5c:8f:d8 brd ff:ff:ff:ff:ff:ff

    inet 172.21.7.3/16 brd 172.21.255.255 scope global eno1

       valid_lft forever preferred_lft forever

    inet6 fe80::6eae:8bff:fe5c:8fd8/64 scope link 

       valid_lft forever preferred_lft forever

3: eno2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000

    link/ether 6c:ae:8b:5c:8f:d9 brd ff:ff:ff:ff:ff:ff

4: enp0s26u1u2u5: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000

    link/ether 6e:ae:8b:5c:8f:df brd ff:ff:ff:ff:ff:ff

5: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether d6:c2:08:65:cc:f4 brd ff:ff:ff:ff:ff:ff

8: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN 

    link/ether 56:84:7a:fe:97:99 brd ff:ff:ff:ff:ff:ff

    inet 172.17.42.1/16 scope global docker0

       valid_lft forever preferred_lft forever

9: br0: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN 

    link/ether 62:74:be:44:be:42 brd ff:ff:ff:ff:ff:ff

10: tun0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN 

    link/ether f6:7e:3f:1e:ee:dc brd ff:ff:ff:ff:ff:ff

    inet 10.1.1.1/24 scope global tun0

       valid_lft forever preferred_lft forever

    inet6 fe80::f47e:3fff:fe1e:eedc/64 scope link 

       valid_lft forever preferred_lft forever

11: vovsbr: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP 

    link/ether ba:c7:02:a7:4a:53 brd ff:ff:ff:ff:ff:ff

    inet6 fe80::b8c7:2ff:fea7:4a53/64 scope link 

       valid_lft forever preferred_lft forever

12: vlinuxbr: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lbr0 state UP 

    link/ether e2:42:d1:26:94:d7 brd ff:ff:ff:ff:ff:ff

    inet6 fe80::e042:d1ff:fe26:94d7/64 scope link 

       valid_lft forever preferred_lft forever

13: lbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP 

    link/ether b2:c2:1a:46:b0:0f brd ff:ff:ff:ff:ff:ff

    inet 10.1.1.1/24 scope global lbr0

       valid_lft forever preferred_lft forever

    inet6 fe80::c89f:64ff:fe0c:5db2/64 scope link 

       valid_lft forever preferred_lft forever

15: veth9a621ef: <BROADCAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP 

    link/ether 82:ee:3b:20:d2:9f brd ff:ff:ff:ff:ff:ff

    inet6 fe80::80ee:3bff:fe20:d29f/64 scope link 

       valid_lft forever preferred_lft forever

17: vethdc34d79: <BROADCAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP 

    link/ether 5e:e1:b8:b7:39:2d brd ff:ff:ff:ff:ff:ff

    inet6 fe80::5ce1:b8ff:feb7:392d/64 scope link 

       valid_lft forever preferred_lft forever

23: vethe4e2be3: <BROADCAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master lbr0 state UP 

    link/ether b2:c2:1a:46:b0:0f brd ff:ff:ff:ff:ff:ff

    inet6 fe80::b0c2:1aff:fe46:b00f/64 scope link 

       valid_lft forever preferred_lft forever


On Sat, Aug 8, 2015 at 4:18 AM, Ben Parees <bparees redhat com> wrote:
if you simply docker run a container on your host, are you able to reach github?

eg

"docker run -it nodejs-010-centos7 /bin/sh"
and then attempt a git clone from within that container.




On Fri, Aug 7, 2015 at 5:10 PM, Marojahan M.T. Sigiro <marojahan gmail com> wrote:
Hi All,

I hope someone can give me some guidelines here, since i'm still new.. 

My builds on my openshift 3 (install on bare metal with ansible) always failed because it cannot clone the git repository.

My server connected directly to internet without any proxy and my docker is in good configuration (i can pull images).

The builds always fails because it the connection to github.com:443 is refused.
I have try another approach by using source hosted on local git repository (intranet, with gitlab)  in case that the problem is my servers internet connection, but it also failed with the same error.

This is my builds error:

[root master ~]# oc build-logs nodejs-example 1

error: A build name is required

see 'oc build-logs -h' for help.

[root master ~]# oc build-logs nodejs-example-1

I0807 16:17:27.709759       1 builder.go:42] $BUILD env var is {"kind":"Build","apiVersion":"v1","metadata":{"name":"nodejs-example-1","namespace":"testing","selfLink":"/oapi/v1/namespaces/testing/builds/nodejs-example-1","uid":"ebfb0c05-3d1f-11e5-b379-6cae8b5c8f60","resourceVersion":"5154","creationTimestamp":"2015-08-07T16:18:21Z","labels":{"buildconfig":"nodejs-example","template":"nodejs-example"}},"spec":{"serviceAccount":"builder","source":{"type":"Git","git":{"uri":"https://github.com/openshift/nodejs-ex.git"}},"strategy":{"type":"Source","sourceStrategy":{"from":{"kind":"DockerImage","name":"openshift/nodejs-010-centos7:latest"}}},"output":{"to":{"kind":"DockerImage","name":"172.30.33.234:5000/testing/nodejs-example:latest"},"pushSecret":{"name":"builder-dockercfg-rkebs"}},"resources":{}},"status":{"phase":"Pending","config":{"kind":"BuildConfig","namespace":"testing","name":"nodejs-example"}}} 

I0807 16:17:27.721298       1 cfg.go:50] Problem accessing /root/.dockercfg: stat /root/.dockercfg: no such file or directory

I0807 16:17:27.722253       1 docker.go:216] Pulling image openshift/nodejs-010-centos7:latest

I0807 16:18:45.790019       1 sti.go:93] Creating a new S2I builder with build config: "Builder Name:\t\tNode.js 0.10\nBuilder Image:\t\topenshift/nodejs-010-centos7:latest\nBuilder Image Version:\t892b1e2\nBuilder Base Version:\td9851e5\nSource:\t\t\thttps://github.com/openshift/nodejs-ex.git\nOutput Image Tag:\t172.30.33.234:5000/testing/nodejs-example:latest\nEnvironment:\t\tOPENSHIFT_BUILD_NAMESPACE=testing,OPENSHIFT_BUILD_SOURCE=https://github.com/openshift/nodejs-ex.git,OPENSHIFT_BUILD_NAME=nodejs-example-1\nIncremental Build:\tdisabled\nRemove Old Build:\tdisabled\nForce Pull:\t\tdisabled\nQuiet:\t\t\tdisabled\nLayered Build:\t\tdisabled\nDocker Endpoint:\tunix:///var/run/docker.sock\n"

I0807 16:18:45.791180       1 docker.go:199] Image openshift/nodejs-010-centos7:latest available locally

I0807 16:18:45.792243       1 sti.go:99] Starting S2I build from testing/nodejs-example-1 BuildConfig ...

I0807 16:18:45.792265       1 sti.go:113] Building 172.30.33.234:5000/testing/nodejs-example:latest

I0807 16:18:45.840205       1 clone.go:27] Cloning into /tmp/sti398212991/upload/src

E0807 16:19:12.409844       1 git.go:127] fatal: unable to access 'https://github.com/openshift/nodejs-ex.git/': Failed connect to github.com:443; Connection refused

I0807 16:19:12.410730       1 clone.go:29] Git clone failed: exit status 128

I0807 16:19:12.410758       1 cleanup.go:23] Removing temporary directory /tmp/sti398212991

I0807 16:19:12.410762       1 fs.go:99] Removing directory '/tmp/sti398212991'

F0807 16:19:12.411454       1 builder.go:65] Build error: exit status 128

Regards,


--
Marojahan M.T. Sigiro

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




--
Ben Parees | OpenShift




--
Marojahan M.T. Sigiro



--
Marojahan M.T. Sigiro

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]