[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: 2. Newcomer to OpenShift Origin: a few questions (Ricardo Mendes)



   Message: 2
    Date: Fri, 09 Feb 2018 17:56:01 +0000
    From: Ricardo Mendes <maverickws icloud com>
    To: users <users lists openshift redhat com>
    Subject: Newcomer to OpenShift Origin: a few questions
    Message-ID: <E4E9BF3D-08C5-4A52-A71C-330B0BE2C50D icloud com>
    Content-Type: text/plain; charset="utf-8"

    Hi all,

     Looking at it I initially enjoyed it's simplicity and I'm really looking forward to try it out but this comes on testing OpenShift so first I would like to understand somethings like:

1. Some of the editing going on takes place on /etc/ansible/ - upon installation using yum the folder permissions are set to 755 which means only privileged mode/root is able to edit. Is there any special reason for this?

Answer: you can change the permission if you like. You can also specify any directory or user to run ansible  and anywhere to place your ansible.cfg and inventory/hosts file.

    2. With Chef it's very easy to change push a file using templates, and to set the proper permissions and selinux context, the first using chef's template rollout and the second with bash. how well goes ansible with this? giving a recent example, for the grav cms that's installed by git clone there is the need to run 'chcon -Rv --type=httpd_sys_rw_content_t .' otherwise it doesn't work. Ansible supports these tasks with ease?

Answer:  yes, ansible tasks do this with ease. 1 example, use the ansible ‘file’ module to chown or chmod the file. For your example, instead of using chcon, maybe use restorecon and use the sefcontext ansible module.

2. On the OpenShift context, is the machine where ansible runs from supposed to be the master? Is this a requirement? Or can ansible be called remotely from another machine like with Chef?

Answer:  You can use any machine you’d like to do the install from. On prem, we used the master, in aws we setup a ansible server as bastion.

    4. Using firewalld and setting the option 'os_firewall_use_firewalld = true' is it necessary to install the package iptables-services ?

Answer: you can setup a pre task in ansible to check the basic packages, but I believe the installer will install this if it’s set to true.

    5. On all the documentation they tell you to
    # yum install wget git net-tools bind-utils iptables-services bridge-utils bash-completion kexec-tools sos psacct

    before talking about ansible playbooks. Aren't these supposed to be packages installed by the openshift-ansible playbooks as well, or should they exist before running the ansible playbooks?

Answer: I believe the new installer will take care of these. However, we use satellite to install and just include the packages in our config, this case puppet, but you could do it however you want, ansible, chef, etc..

    6. For Docker?s thin provisioning using direct-lvm the most common approach (not to say all I encountered) is to use a separate physical drive setup with LVM for the volume group.
    Is there a problem with using one partitioned hard drive shared between the root system?
    This comes as some of the machines we use (which are rented) come with large hard drives on the initial configuration, and it?s easier to partition one big drive and mirror it than doing this with several, no? Are there disadvantages?

    Two machines have been configured with initial disk setup, one has boot + root and swap, where root and swap sit on LVM on a volume group /dev/sda2 and /dev/sda3 is the docker volume group, and the other has boot, root and swap as separate devices and only the remaining space is a volume group. Are both approaches correct or are there considerations to have in mind regarding these setups?

Answer: you should be able to use any partition or any raw disk.  We have used volume groups as part of existing PV or have our separate disk. Either way seems to work fine. Fyi for our aws config we use overlay2 and a separate ebs vol like this

DEVS='/dev/xvdb'
VG='docker_vg'
DATA_SIZE='95%VG'
STORAGE_DRIVER='overlay2'

    Thank you all, cheers!

    Ricardo M

Hope this helps
Todd


########################################################################
The information contained in this message, and any attachments thereto,
is intended solely for the use of the addressee(s) and may contain
confidential and/or privileged material. Any review, retransmission,
dissemination, copying, or other use of the transmitted information is
prohibited. If you received this in error, please contact the sender
and delete the material from any computer. UNIGROUP.COM
########################################################################



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]