I’ve been working hard on multiarch enablement for various OpenShift features. Here are a few notes from the last few weeks:
New Blog on Cluster API
Delve into the powerful capabilities of Cluster API and how it enables effortless K8s cluster deployment on PowerVC: https://community.ibm.com/community/user/powerdeveloper/blogs/prajyot-parab/2023/05/31/simplifying-k8s-cluster-deployment-leveraging-capiPrajyot Parat from the Kubernetes/OpenShift on Power team
It’s a really helpful and interesting solution to deploying your cluster.
TIP: OpenShift Installer Provisioned Infrastructure on IBM Cloud
I installed a new cluster with the openshift-installer using IPI on IBM Cloud with a pre-defined VPC with predefined networks. If your install hangs and fails mysteriously after 30-40 minutes with three provisioned RHCOS nodes trying to call out to quay.io, it could point to the Public Gateway for the network not being enabled so it can call back to quay.io.
This issue was tough to debug, and I hope it helps you.
TIP: scp hangs because of bad mtu
The scp command opens the channel and hangs…
scp -vvv -i data/id_rsa sample.txt email@example.com:/tmp ... debug1: channel 0: free: client-session, nchannels 1 debug3: channel 0: status: The following connections are open: #0 client-session (t4 r0 i0/0 o0/0 e[write]/0 fd 6/7/8 sock -1 cc -1)
You can go check the optimal MTU to send to the destination.
# ping 126.96.36.199 -c 10 -M do -s 1499 PING 188.8.131.52 (184.108.40.206) 1499(1527) bytes of data. ping: local error: Message too long, mtu=1500 ping: local error: Message too long, mtu=1500 ping: local error: Message too long, mtu=1500 ping: local error: Message too long, mtu=1500
ip link set eth0 mtu 1400
Then it’ll work.
The above will help when scp hangs.
Blog: Using the oc-compliance plugin on the OpenShift Container Platform on Power
My team has added support for oc-compliance on OpenShift Container Platform on IBM Power, and in this post, I’m sharing the download, the setup, and using the tool in the cluster.https://community.ibm.com/community/user/powerdeveloper/blogs/aditi-jadhav/2023/06/07/using-the-oc-compliance-plugin-on-the-openshift-co
The oc-compliance plugin is super helpful, and my colleague Aditi has created a new blog on oc-compliance.
A blog on using seccomp with OCP4.https://medium.com/@aditijadhav38/configuring-seccomp-profile-on-openshift-container-platform-for-security-and-compliance-on-power-d94907f4b1f9
My teammate Aditi updated for 4.12 and 4.13 (surprise no changes, which is good).