projectatomic
Support *-data for Kubernetes certificates
Similar to the OpenShift work being done (https://github.com/projectatomic/atomicapp/pull/696), *-data certificates should be supported for the Kubernetes provider.
This issue still persists due to this line of code: https://github.com/projectatomic/atomicapp/blob/master/atomicapp/providers/lib/kubeshift/kubebase.py#L154
This has been fixed in https://github.com/cdrage/kubeshift however, it has not yet been ported to the atomicapp library.
also would be good to post a link to the error you see. with 0.6.3 and insecure-skip-tls-verify: true and you see:
[vagrant@rhel-cdk try]$ sudo atomic run padapp ./
docker run -it --rm --privileged -v /home/vagrant/try:/atomicapp -v /run:/run -v /:/host --net=host --name padapp -e USER -e SUDO_USER -e NAME=padapp -e IMAGE=padapp padapp run ./
This container uses privileged security switches:
INFO: --net=host
Processes in this container can listen to ports (and possibly rawip traffic) on the host's network.
INFO: --privileged
This container runs without separation and should be considered the same as root on your system.
For more information on these switches and their security implications, consult the manpage for 'docker run'.
INFO :: Atomic App: 0.6.3 - Mode: Run
INFO :: Found existing external application: mariadb-centos7-atomicapp Loading:
ANSWER => etherpad-app | db_name (Database Name): dn
INFO :: Using namespace default
ERROR :: [Errno 2] No such file or directory
Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/atomicapp/cli/main.py", line 143, in cli_func_exec
cli_func(cli_func_args)
File "/usr/lib/python2.7/site-packages/atomicapp/cli/main.py", line 85, in cli_run
nm.run(**argdict)
File "/usr/lib/python2.7/site-packages/atomicapp/nulecule/main.py", line 322, in run
self.nulecule.run(cli_provider, dryrun)
File "/usr/lib/python2.7/site-packages/atomicapp/nulecule/base.py", line 206, in run
component.run(provider_key, dryrun)
File "/usr/lib/python2.7/site-packages/atomicapp/nulecule/base.py", line 336, in run
self._app.run(provider_key, dryrun)
File "/usr/lib/python2.7/site-packages/atomicapp/nulecule/base.py", line 206, in run
component.run(provider_key, dryrun)
File "/usr/lib/python2.7/site-packages/atomicapp/nulecule/base.py", line 340, in run
provider.init()
File "/usr/lib/python2.7/site-packages/atomicapp/providers/openshift.py", line 107, in init
self.api = Client(KubeConfig.from_file(default_config_loc), "openshift")
File "/usr/lib/python2.7/site-packages/atomicapp/providers/lib/kubeshift/client.py", line 46, in __init__
self.connection = KubeOpenshiftClient(config)
File "/usr/lib/python2.7/site-packages/atomicapp/providers/lib/kubeshift/openshift.py", line 60, in __init__
self.api.test_connection(self.k8s_api)
File "/usr/lib/python2.7/site-packages/atomicapp/providers/lib/kubeshift/kubebase.py", line 180, in test_connection
self.api.request("get", url)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 464, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python2.7/site-packages/requests/sessions.py", line 576, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python2.7/site-packages/requests/adapters.py", line 431, in send
raise SSLError(e, request=request)
SSLError: [Errno 2] No such file or directory
workaround for now is to add insecure-skip-tls-verify: true to your
~/.kube/config file.