logstash deployment into open shift - jenkins

i have deploy logstash using jenkins into openshift ...
i have built an openshift file to be Template contains ( deployment , secret , configmap) ....
but the below error is generating :
hudson.AbortException: new-project returned an error;
{
err=Error from server (AlreadyExists):
project.project.****.io "data-collector" already exists
verb=new-project, cmd=oc --server=https://api.devsaibocp.saibnet2.saib.com:6443
--insecure-skip-tls-verify
--token=XXXXX new-project data-collector
--skip-config-write, out=, status=1 }
verb=, cmd=oc --server=https://api.devsaibocp.saibnet2.saib.com:6443
--insecure-skip-tls-verify
--namespace=data-collector
--token=XXXXX
apply -f https://****/bfm/account/account-data-pipline/-/blob/main/openshift.yml,
out=, status=1 }

Related

How to skip TLS cert check for crictl (containerd CR) while pulling the images from private repository

I have installed k8s 1.24 version and containerd (containerd://1.5.9) is the CR for my setup (ubuntu 20.04).
I have also installed docker on my VM and have added my private repository under /etc/docker/daemon.json with the following changes:
{ "insecure-registries" : ["myPvtRepo.com:5028"] }
When I am running docker pull myPvtRepo:123/image after login to my pvt repo by using docker login myPvtRepo:123 command, I am able to pull the images while running the same command with crictl pull myPvtRepo:123/image, I am facing:
E0819 06:49:01.200489 162610 remote_image.go:218] "PullImage from
image service failed" err="rpc error: code = Unknown desc = failed to
pull and unpack image "myPvtRepo.com:5028/centos:latest": failed to
resolve reference "myPvtRepo.com:5028/centos:latest": failed to do
request: Head https://myPvtRepo.com::5028/v2/centos/manifests/latest:
x509: certificate signed by unknown authority"
image="myPvtRepo.com::5028/centos:latest" FATA[0000] pulling image:
rpc error: code = Unknown desc = failed to pull and unpack image
"myPvtRepo.com::5028/centos:latest": failed to resolve reference
"myPvtRepo.com:5028/centos:latest": failed to do request: Head
https://myPvtRepo.com::5028/v2/centos/manifests/latest: x509:
certificate signed by unknown authority
FYI, I have modified /etc/containerd/config.toml with below content.
version = 2
[plugin."io.containerd.grpc.v1.cri".registry.configs."myPvtRepo.com:5028".tls]
insecure_skip_verify = true
[plugins."io.containerd.grpc.v1.cri".registry.mirrors]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."docker.io"]
endpoint = ["https://myPvtRepo.com:5028", "https://myPvtRepo.com:5038", "https://myPvtRepo.com:5037",
"https://myPvtRepo.com:5039"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."IP:5000"]
endpoint = ["http://IP:5000"]
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."IP:5000"]
endpoint = ["http://IP:5000"]
I have also modified containerd's endpoint to point to containerd's sock.
Can you please help me out to understand and fix that even after setting insecure_skip_verify = true for my pvt repository and restarting the containerd service why I am getting this issue.
I got a solution:
cd /usr/local/share/ca-certificates/
curl -L --remote-name http://your-artifacts.com/xyz-bundle.crt
/usr/sbin/update-ca-certificates
This one work for me.
Also make sure to update your endpoints under /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: ""
timeout: 0
debug: false
pull-image-on-create: false
disable-pull-on-run: false
You will need to specify the hosts.toml file for the private registry and add skip-verify = true.
ref: https://github.com/containerd/containerd/blob/main/docs/hosts.md
Steps:
create folders: mkdir -p /etc/containerd/certs.d/<your registry>
add these config in /etc/containerd/config.toml:
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
create and edit hosts.toml under the just created folder
server = "https://<your registry>"
[host."https://<your registry>"]
capabilities = ["pull", "resolve"]
skip_verify = true

how to check if imagestream is existed in openshift container platform with jenkins pipeline

I ran this code to check and delete the imagestreams in Openshift
openshift.withCluster("${CLUSTER_NAME}") {
openshift.withProject("${DEV_ENV}") {
if (openshift.selector('imagestreams', '${imagestream_name}').exists()) {
openshift.selector('imagestreams', '${imagestream_name}').delete()
then I ran this
openshift.withCluster("${CLUSTER_NAME}") {
openshift.withProject("${DEV_ENV}") {
openshift.apply(openshift.raw("create -f '${imagestream_name}'.yaml"))
to create new imagestream from local yaml file but it end up with this error
ERROR: raw command [create -f 'imagestream-test'.yaml] returned an error;
{err=Error from server (AlreadyExists): error when creating "imagestream-test.yaml": imagestreams.image.openshift.io "testimagestream" already exists
Is there anyway to check if the imagestream is already in openshift ?
How about using apply instead of create? oc apply will create a resource if it doesn't exist or update if it does.
openshift.withCluster("${CLUSTER_NAME}") {
openshift.withProject("${DEV_ENV}") {
openshift.apply(openshift.raw("apply -f '${imagestream_name}'.yaml"))

Getting an error while running jenkins job to deploy java application to tomcat server using Ansible template

I am getting the following error using ansible playbook
Ansible Playbook:
hosts: all_hosts
become: true
tasks:
name: copy jar/war onto tomcat servers
copy:
src: /opt/playbooks/wabapp/target/webapp.war
dest: /opt/apache-tomcat-8.5.54/webapps
Error in jenkins
SSH: Connecting with configuration [Ansible] ...
SSH: EXEC: STDOUT/STDERR from command [ansible-playbook /opt/playbooks/file.yml] ...
ERROR! Syntax Error while loading YAML.
mapping values are not allowed in this context
The error appears to be in '/opt/playbooks/file.yml': line 6, column 13, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: copy jar/war onto tomcat servers
copy:
^ here
SSH: EXEC: completed after 801 ms
SSH: Disconnecting configuration [Ansible] ...
ERROR: Exception when publishing, exception message [Exec exit status not zero. Status [4]]
Build step 'Send files or execute commands over SSH' changed build result to UNSTABLE
Finished: UNSTABLE

kubernetes cluster setup on bare metal

I am trying to setup 3 node kubernetes cluster on bare metal(1 master and 2 worker nodes). I am following the below links for setup https://www.linuxtechi.com/install-kubernetes-1-7-centos7-rhel7/
and https://phoenixnap.com/kb/how-to-install-kubernetes-on-centos
Besides the prerequisites mentioned in the above link I have also disabled swap(systemctl stop firewalld), disabled selinux policy(sudo setenforce 0) and updated Iptables settings
cat < /etc/sysctl.d/master_node_name
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
But as soon as I start kubeadm init --apiserver-advertise-address 192.168.140.48(on master node)
I get the following errors in docker for k8s_kube-controller-manager :
E0204 1 leaderelection.go:330 error retrieving resource lock kube-system/kube-controller-manager: Get https://192.168.140.48:6443/api/v1/namespaces/kube-system/endpoints/kube-controller-manager?timeout=10s: Forbidden
and for docker k8s_kube-scheduler as below
E0204 1 reflector.go:123 k8s.io/client-go/informers/factory.go:134: Failed to list *v1.Node: Get https://192.168.140.48:6443/api/v1/nodes?limit=500&resourceVersion=0: Forbidden
E0204 10:45:44.629865 1 reflector.go:123] k8s.io/kubernetes/cmd/kube-scheduler/app/server.go:250: Failed to list *v1.Pod: Get https://192.168.140.48:6443/api/v1/pods?fieldSelector=status.phase%21%3DFailed%2Cstatus.phase%21%3DSucceeded&limit=500&resourceVersion=0: Forbidden
Any help would be appreciated. Thanks in advance.

ERROR: repository hyperledger/fabric-tools not found: does not exist or no pull access

I am trying to start up network using following command
./network_setup.sh up
After running this command I am receiving this errro
#
# Generating anchor peer update for Org2MSP
########################################################### 2017-06-05 18:16:35.716 CST [common/configtx/tool] main -> INFO 001
Loading configuration 2017-06-05 18:16:35.719 CST
[common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 002
Generating anchor peer update 2017-06-05 18:16:35.719 CST
[common/configtx/tool] doOutputAnchorPeersUpdate -> INFO 003 Writing
anchor peer update
Pulling cli (hyperledger/fabric-tools:latest)...
ERROR: repository hyperledger/fabric-tools not found: does not exist or no pull access
ERROR !!!! Unable to pull the images
How I can remove this error?please help me
You can manually pull this (and any other Hyperledger Fabric image) image from DockerHub. There was a period when the fabric-tools image was not included in the helper script download-dockerimages.sh.
docker pull hyperledger/fabric-tools:x86_64-1.0.0-beta
docker tag hyperledger/fabric-tools:x86_64-1.0.0-beta hyperledger/fabric-tools
Note that it might be worth reviewing the set of published tags on DockerHub to be sure you are getting the latest.
https://hub.docker.com/u/hyperledger/
you write the command line : this :
docker pull hyperledger/fabric-tools:x86_64-1.1.0-rc1
after that
docker tag hyperledger/fabric-tools:x86_64-1.1.0-rc1 hyperledger/fabric-tools:latest

Resources