A few weeks of notes

I’ve been working hard on multiarch enablement for various OpenShift features. Here are a few notes from the last few weeks:

New Blog on Cluster API

Delve into the powerful capabilities of Cluster API and how it enables effortless K8s cluster deployment on PowerVC: https://community.ibm.com/community/user/powerdeveloper/blogs/prajyot-parab/2023/05/31/simplifying-k8s-cluster-deployment-leveraging-capi 

Prajyot Parat from the Kubernetes/OpenShift on Power team

It’s a really helpful and interesting solution to deploying your cluster.

TIP: OpenShift Installer Provisioned Infrastructure on IBM Cloud

I installed a new cluster with the openshift-installer using IPI on IBM Cloud with a pre-defined VPC with predefined networks. If your install hangs and fails mysteriously after 30-40 minutes with three provisioned RHCOS nodes trying to call out to quay.io, it could point to the Public Gateway for the network not being enabled so it can call back to quay.io.

This issue was tough to debug, and I hope it helps you.

TIP: scp hangs because of bad mtu

The scp command opens the channel and hangs…

scp -vvv -i data/id_rsa sample.txt root@1.1.1.1:/tmp
...
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i0/0 o0/0 e[write]/0 fd 6/7/8 sock -1 cc -1)

You can go check the optimal MTU to send to the destination.

# ping 1.1.1.1 -c 10 -M do -s 1499
PING 1.1.1.1 (1.1.1.1) 1499(1527) bytes of data.
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500
ping: local error: Message too long, mtu=1500

Then per the link https://unix.stackexchange.com/questions/14187/why-does-scp-hang-on-copying-files-larger-than-1405-bytes

ip link set eth0 mtu 1400

Then it’ll work.

The above will help when scp hangs.

Blog: Using the oc-compliance plugin on the OpenShift Container Platform on Power

My team has added support for oc-compliance on OpenShift Container Platform on IBM Power, and in this post, I’m sharing the download, the setup, and using the tool in the cluster. 

https://community.ibm.com/community/user/powerdeveloper/blogs/aditi-jadhav/2023/06/07/using-the-oc-compliance-plugin-on-the-openshift-co

The oc-compliance plugin is super helpful, and my colleague Aditi has created a new blog on oc-compliance.

Blog: Configuring Seccomp Profile on OpenShift Container Platform for Security and Compliance on Power

A blog on using seccomp with OCP4.

https://medium.com/@aditijadhav38/configuring-seccomp-profile-on-openshift-container-platform-for-security-and-compliance-on-power-d94907f4b1f9

My teammate Aditi updated for 4.12 and 4.13 (surprise no changes, which is good).


Posted

in

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.