Upgrading OpenShift Enterprise from 3.1 to 3.2

Upgrading from OSE 3.1 to 3.2 using the playbook went quite well for me, but there were a few issues to sort out. The issues were related to: ip failover had to be updated manually there was about 5 minutes downtime during the upgrade updates to image streams docker error messages updated policy and role bindings build strategy Source is not allowed hawkular metrics Upgrade Process Following the directions is pretty straight forward.

Continue reading

Changing the SSL Certificate for OpenShift Console

OpenShift has an internal CA for generating certificates to authenticate intra-cluster communication, but your browser doesn’t trust this CA. Perhaps you want to fix that without mucking with the internal SSL communication? I did. Here is how. This OpenShift doc explains how to do this, but it isn’t very clear, to me at least. Overview An outline of the steps: Only make changes to the public URLs and not any internal URLs.

Continue reading

OpenShift High Availability - Routing

Highly availabile containers in OpenShift are baked into the cake thanks to replication controllers and service load balancing, but there are plenty of other single points of failure. Here is how to eliminate many of those. Single Points of Failure The components of OpenShift include: Master controller manager server and API endpoint Etcd configuration and state storage Docker Registry Router haproxy This post is mostly about adding high availability to the routing layer.

Continue reading