#rancher

/

      • RancherBot
      • <tsukaman> @vincent Thank you reply. But I’ve already got it from Github. I wanna only notice this web page issue to administrator of rancher web site.
      • flaccid joined the channel
      • ShadowApex has quit
      • jab416171 joined the channel
      • jri joined the channel
      • high_fiver joined the channel
      • [b__b] has quit
      • -- BotBot disconnected, possible missing messages --
      • -- BotBot disconnected, possible missing messages --
      • [b__b] joined the channel
      • _ChauffeR joined the channel
      • eclipse joined the channel
      • hue joined the channel
      • Reepicheep joined the channel
      • thansen joined the channel
      • dalareo joined the channel
      • mosulica joined the channel
      • akik joined the channel
      • Vapez has quit
      • Vapez joined the channel
      • Vapez has quit
      • Vapez joined the channel
      • <pcornelissen> Right, but as rancher uses the same mechanism inside the docker instances thi sstill might help. Putting a secret in rancher isn’t that hard ;)
      • <pcornelissen> works for me
      • Elsmorian joined the channel
      • jri joined the channel
      • jri has quit
      • jri joined the channel
      • <pcornelissen> Oh right, I downloaded the wrong files :slightly_smiling_face:
      • <rlishkov> @adalloz tnx for response ... Actualy I think to put rancher-cli in the container and mount /var/spool/cron/ like rancher-nfs Then crontab which restart rancher services/stacks
      • <adalloz> @rlishkov from a security perspective that's not a good choice
      • zenoway joined the channel
      • Vapez_ joined the channel
      • Vapez has quit
      • <rlishkov> Tnx for guides @adalloz I start container with env $RANCHER_URL $RANCHER_ACCESS_KEY and RANCHER_SECRET_KEY. There is no cred in rancher-nfs storage stored. What i miss in security prespective.
      • <adalloz> @rlishkov your container has full powers with that API access
      • <adalloz> environment variables can be read
      • MrBleu joined the channel
      • <sjkeerthi> is there way to bring my apache log into stdout/stderr under viewlog
      • MrBleu has quit
      • <sjkeerthi> if I have scale apache 2 so if I have an issue to identified log how will i check which container to check the logs
      • <sjkeerthi> any suggestion will really helps me out
      • <georgi> does anyone know why i get “Unable to revive connection: http://elasticsearch:9200/” when deploying the ELK Stack from the rancher community catalog? everything is up and running but kibana tells me Unable to connect to Elasticsearch at http://elasticsearch:9200.
      • <georgi> i did not modify the catalog yml everything is on default
      • mosulica has quit
      • <georgi> when im in the container and wget said address i get Connection refused.
      • mosulica joined the channel
      • <mrbleu> Hey guys :where are located the host drivers in the cattle/rancher code ? i am unable to find them :(
      • <dastan> any rancher guys here? I see you implement a `cloud-provider`, I’d like to implement one for our environment too. can you guys help to explain the mechanism of how k8s interact with a cloud-provider?
      • <dspx90> did you increase the vm.max_map_count, because in default it causes the elasticsearch container to restart again and again
      • <georgi> @dspx90 my containers are all up and running and healthy i managed to connect them but now i have i versioning error because there are 3 elasticsearch catalog items i hope one of them is compatible with the one kibana catalog item
      • <mpr> Hey, has anyone setup traefik as reverse proxy on rancher?
      • mosulica joined the channel
      • <dspx90> @georgi okay, that was just my quick idea, but i dont have much to do with elasticsearch at all :S
      • aze has quit
      • <dspx90> @georgi cant help you there, sorry
      • <georgi> @dspx90 the cluster version needs increased heap size so there is that :slightly_smiling_face:
      • <adalloz> the catalog template asks you for parameters when deploying
      • <georgi> you can also set sysctl to true
      • <adalloz> @georgi elasticsearch cluster 5.5.1 catalog item works with the kibana one
      • <georgi> thanks @adalloz that is the last thing i am just configuring :)
      • <georgi> tried the other 2 first
      • <adalloz> what it does not do properly is distributing the 3 data node instances over my 3 nodes
      • <georgi> you always enforce with rancher affinity labels
      • <georgi> but sidekicks are always on the same node i think
      • <sjkeerthi> is there way to bring my apache log into stdout/stderr under viewlog if I have scale apache 2 so if I have an issue to identified log how will i check which container to check the logs any suggestion will really helps me out
      • cvaillac has quit
      • cvaillac joined the channel
      • cvaillac is now known as umbSublime
      • z1mme has quit
      • divine has quit
      • divine joined the channel
      • <adalloz> @georgi the affinity labels are set
      • ssarah joined the channel
      • zenoway has quit
      • zenoway joined the channel
      • Pierre-O joined the channel
      • zenoway has quit
      • zenoway joined the channel
      • <georgi> @adalloz if the affinity labels are set it should work but as i said im not 100% on this but sidekicks always start on same node i think but the rest normal services start where you tell them to
      • him joined the channel
      • ssarah has quit
      • ssarah joined the channel
      • <martinlee> http://rancher.com/docs/rancher/v1.6/en/cattle/... if I set up a volume like this - will I need to schedule the container to always start on the same host, or will rancher deal with this for me?
      • <martinlee> @georgi I ended up building out my own ELK stack using the documentation on elastic.co - found it to be considerably better than the catalogue version
      • <georgi> @martinlee i might give it a try later but i just finished configuration for the catalog ELK stack thanks for the update
      • <georgi> environment volumes should be the correct answer you will see them in you Environment->Infrastructure->Storage Drivers, i think
      • <adept> Hey, there! unable to add a new hosts to exited rancher env. Healthcheck and ipsec is stuck in initializing-Timeout getting ip address. I've found only one simmilar issue on github. https://github.com/rancher/rancher/issues/9621 Does anyone know what it is? some logs attached bellow ``` time="2017-08-17T11:31:58Z" level=info msg="CNI up done"
      • cid=e80bf6394dab1f078ad0070848f58f131773706dbec6443bc86dba62de25d027 networkMode=ipsec result=<nil> time="2017-08-17T11:31:58Z" level=info msg="Setting up resolv.conf for ContainerId [57846725c94337632cc7cf0d48350e617105b2895232772ca3c2f219023c647d]" time="2017-08-17T11:31:58Z" level=info msg="Setting up resolv.conf for ContainerId [b68f2f36a9f4b77f2dadf557bddb767fa7b4909d379b7556494b2bfd6baa967a]"
      • time="2017-08-17T11:31:58Z" level=info msg="Setting up resolv.conf for ContainerId [ad7cbfca789fc712c153a966afc82370c14595dcb037ea35a4df1404e700fc49]" time="2017-08-17T11:31:58Z" level=info msg="Container [b33e29c1b5e4a94ebd4711606353860b2c8e0b2ac78a6f5ef960413967043119] not running. Can't setup resolv.conf." time="2017-08-17T11:31:58Z" level=info msg="CNI up"
      • cid=b68f2f36a9f4b77f2dadf557bddb767fa7b4909d379b7556494b2bfd6baa967a networkMode=ipsec time="2017-08-17T11:31:58Z" level=info msg="CNI up done" cid=b68f2f36a9f4b77f2dadf557bddb767fa7b4909d379b7556494b2bfd6baa967a networkMode=ipsec result=<nil> time="2017-08-17T11:31:58Z" level=info msg="CNI up" cid=ad7cbfca789fc712c153a966afc82370c14595dcb037ea35a4df1404e700fc49 networkMode=ipsec time="2017-08-17T11:31:58Z"
      • level=info msg="CNI up done" cid=ad7cbfca789fc712c153a966afc82370c14595dcb037ea35a4df1404e700fc49 networkMode=ipsec result=<nil> time="2017-08-17T11:32:05Z" level=info msg="Network router changed, syncing ARP tables 2/10 in containers, new MAC: 02:a0:41:62:70:ec" time="2017-08-17T11:32:12Z" level=info msg="Network router changed, syncing ARP tables 3/10 in containers, new MAC: 02:a0:41:62:70:ec"
      • time="2017-08-17T11:32:17Z" level=info msg="Network router changed, syncing ARP tables 4/10 in containers, new MAC: 02:a0:41:62:70:ec" time="2017-08-17T11:32:22Z" level=info msg="Network router changed, syncing ARP tables 5/10 in containers, new MAC: 02:a0:41:62:70:ec" time="2017-08-17T11:33:03Z" level=info msg="CNI down" cid=ad7cbfca789fc712c153a966afc82370c14595dcb037ea35a4df1404e700fc49 networkMode=ipsec
      • time="2017-08-17T11:33:03Z" level=info msg="Applying new port rules" time="2017-08-17T11:33:03Z" level=info msg="Network router changed, syncing ARP tables 6/10 in containers, new MAC: 02:a0:41:62:70:ec" time="2017-08-17T11:33:03Z" level=info msg="CNI down" cid=b68f2f36a9f4b77f2dadf557bddb767fa7b4909d379b7556494b2bfd6baa967a networkMode=ipsec time="2017-08-17T11:33:07Z" level=info msg="CNI down"
      • cid=e80bf6394dab1f078ad0070848f58f131773706dbec6443bc86dba62de25d027 networkMode=ipsec time="2017-08-17T11:33:07Z" level=info msg="Applying new port rules" time="2017-08-17T11:33:28Z" level=info msg="Setting up binaries for: map[]" time="2017-08-17T11:33:58Z" level=error msg="vethsync/utils: couldn't find any local bridge link" time="2017-08-17T11:33:58Z" level=error msg="vethsync: error building hostVethMap
      • list" time="2017-08-17T11:33:58Z" level=error msg="vethsync: while syncing, got error: couldn't find any local bridge link"```
      • <georgi> try deleting healthcheck and ipsec and start them again (they can be found in the official catalog) looks like a networking error there won’t be a domain or nameserver in your /etc/resolv,conf
      • <adept> @georgi already did that. and also had tried to reinstall docker using another version and delete the veth interface via ip link delete veth636aef9 - with no luck ```time="2017-08-17T11:48:41Z" level=error msg="vethsync/utils: couldn't find any local bridge link" time="2017-08-17T11:48:41Z" level=error msg="vethsync: error building hostVethMap list" time="2017-08-17T11:48:41Z" level=error msg="vethsync:
      • while syncing, got error: couldn't find any local bridge link" time="2017-08-17T11:48:41Z" level=info msg="Starting event router." ```
      • <georgi> if you are adding a host on the same server as rancher-server you need to follow the docs http://rancher.com/docs/rancher/v1.6/en/hosts/c...
      • <adept> @georgi Not it wasn't the same server as rancher. I also tried to initialize stack on another cloud provider - same result.
      • <georgi> well if you cannot setup resolv.conf you wont have any luck finding your rancher server
      • <georgi> if you are using RancherOS you can include a nameserver in the cloud config but thats a stretch right there
      • <sjkeerthi> is there a way to post my apache container access.log and error.log into the viewlog
      • <adalloz> @sjkeerthi what is the viewlog?
      • <sjkeerthi> on the rancher management while I click the container there is options ExecuteShell / View Log
      • <adalloz> if you mean the log viewing through ranchers browser UI, then it is just stdout and stderr of the container process(es)
      • <adalloz> @sjkeerthi generally speaking, you do not let your containers write into logs within in the container
      • <adalloz> for apache you simply configure it with for instance: CustomLog /dev/stdout whatever
      • <sjkeerthi> My goal is I have a apache container where if I scale them each will have there own access.log and error.log if I have any issue and want to check them how do easily manage them identify on which container's access.log it is
      • <sjkeerthi> I have to each time login to both the container and have to tail them up is there any why to manage them
      • <adalloz> @sjkeerthi rethink your doing, you want central logging outside of your containers
      • Vapez_ has quit
      • <sjkeerthi> if in that case how to identify which container access log it is
      • <sjkeerthi> any suggestion will really help or ideas how to do that with any tool
      • <him> Doing some tests with prometheus in rancher, anyone worked with it and have a minute to answer a question or two? :slightly_smiling_face:
      • <adalloz> @sjkeerthi for me all necessary info is collected by logstash and pushed into elasticsearch where I can identify from which container the information comes
      • <adalloz> @him always best is to just ask
      • <him> @adalloz just didnt want to clog the other questions in the channel :slightly_smiling_face: Know that alot of people are here to ask for help with rancher and it should be primarily rancher questions in the general chat
      • <sjkeerthi> in my Dockerfile I pointed rancher-nfs volume /logs linked to /var/log/httpd but if I scale both are right into access.log how to bring them into containername-error.log and containername-access.log
      • zenoway has quit
      • <adalloz> @him ah, if you are worried, there is the random channel
      • zenoway joined the channel
      • <adalloz> @sjkeerthi didn't think it through, but that would just tell apache how to name the logs
      • zenoway has quit
      • bluenemo joined the channel
      • <adept> @georgi well I unable to add no one more host anymore on 1.5.5 rancher(my current production rancher version) But 1.6.6 working fine
      • <georgi> @adept i guess networking can have multiple sources for errors, i always try to stick to latest stable
      • <warroyo> Is there a way to deploy a stack as an infrastructure stack without creating a catalog item? Maybe a label that can be set?
      • pujan14 joined the channel
      • pujan14 has quit
      • eclipse is now known as wiggle
      • garbageyard joined the channel
      • garbageyard
        I am getting error "msg="Error getting config." error="Invalid key content" while starting Rancher server on Google cloud. This was working before. Any idea?
      • RancherBot
        <robotmay> Bleh, I'm getting the following after Rancher having been running fine overnight: ``` time="2017-08-17T15:05:29Z" level=info msg="Build context (go=go1.7.5, user=root@afcddccec7e5, date=20170301-17:28:10)" source="main.go:197" time="2017-08-17T15:05:29Z" level=info msg="Listening on :9108" source="main.go:261" 170817 15:05:29 [Note] /usr/sbin/mysqld (mysqld 5.5.55-0ubuntu0.14.04.1) starting as process
      • 33 ... s6-svscanctl: fatal: unable to control /service: supervisor not listening``` The device still has ~100GB of space free, bit confused as to what's going on
      • <robotmay> Solved it. Need to `chown -R 102:105 /var/lib/mysql` if you're bind mounting
      • garbageyard
        I tried creating a fresh instance on Google Cloud using RancherOS image and i am still getting "msg="Error getting config." error="Invalid key content" while starting Rancher server
      • RancherBot
        <superseb> garbageyard: `Invalid key content` is not a critical error, it should retry. Running RancherOS on GCE needs a MTU adjustment (see https://github.com/rancher/rancher/issues/8910#...) just to make sure you're not hitting anything. If you can share the complete logging in DM I can take a look.