Paul Morie (pmorie)
  • Apple
  • Raleigh, NC
pmorie / 1. AVC Denials, no policy
Last active August 29, 2015 14:18
EmptyDir RW SELinux Denials
$ sudo ausearch -ts recent -m AVC | grep comm=\"mt\"
type=AVC msg=audit(1428639294.464:499250): avc: denied { rlimitinh } for pid=6215 comm="mt" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:system_r:svirt_lxc_net_t:s0:c239,c1010 tclass=process permissive=1
type=AVC msg=audit(1428639294.464:499251): avc: denied { siginh } for pid=6215 comm="mt" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:system_r:svirt_lxc_net_t:s0:c239,c1010 tclass=process permissive=1
type=AVC msg=audit(1428639294.464:499252): avc: denied { noatsecure } for pid=6215 comm="mt" scontext=system_u:system_r:docker_t:s0 tcontext=system_u:system_r:svirt_lxc_net_t:s0:c239,c1010 tclass=process permissive=1
type=AVC msg=audit(1428639294.470:499253): avc: denied { create } for pid=6215 comm="mt" name="test-file" scontext=system_u:system_r:svirt_lxc_net_t:s0:c239,c1010 tcontext=system_u:object_r:docker_var_lib_t:s0 tclass=file permissive=0
type=AVC msg=audit(1428639299.242:499404): avc: denied { rlimitinh } for pi

Use cases:

  1. As an application author, I want to define a set of parameters which can be consumed as environment variables in a pod
  2. As an application author, I want to express that:
    1. A pod template consumes a set of parameters
    2. My pod should be redeployed when a parameter it depends on changes
  3. As an application author, when I add a new deployed pod
$ mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=8068044k,nr_inodes=2017011,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
$ go run hack/e2e.go -down -v
2015/01/14 11:48:22 Running: teardown
Traceback (most recent call last):
File "/home/pmorie/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line 164, in <module>
_cli = CreateCLI()
File "/home/pmorie/google-cloud-sdk/./lib/googlecloudsdk/gcloud/gcloud.py", line 162, in CreateCLI
return loader.Generate()
File "/home/pmorie/google-cloud-sdk/./lib/googlecloudsdk/calliope/cli.py", line 194, in Generate
return self.__LoadCLIFromGroups()
File "/home/pmorie/google-cloud-sdk/./lib/googlecloudsdk/calliope/cli.py", line 231, in __LoadCLIFromGroups
+++ Building tarball: full
2015/01/13 14:55:35 Running: up
Vagrant doesn't need special preparations for e2e tests
Starting cluster using provider: vagrant
... calling verify-prereqs
... calling kube-up
Using credentials: vagrant:vagrant
Bringing machine 'master' up with 'virtualbox' provider...
Bringing machine 'minion-1' up with 'virtualbox' provider...
==> master: VirtualBox VM is already running.
$ _output/dockerized/bin/linux/amd64/kubectl --auth-path=/home/pmorie/.kubernetes_vagrant_auth get minions -o template -t {{range.items}}{{.id}}:{{end}}
F0113 14:43:37.934744 18437 get.go:131] Get http://localhost:8080/api/v1beta1/minions?namespace=default: dial tcp 127.0.0.1:8080: connection refused
--- a/docs/router_sharding.md
+++ b/docs/router_sharding.md
@@ -125,10 +125,10 @@ The `RouteScheduler` processes `Route` resources as follows:
1. The `RouteScheduler` watches for newly created (and thus unscheduled) `Route`s and
periodically list the unscheduled `Route`s to retry
2. The scheduler passes unscheduled `Route` records to the `RouteSchedulerStrategy` interface
-3. The scheduler creates a `RouteBinding` for the route and router if the route binding is
- successful
-4. The `RouteBinding` REST API applies the route binding to the `Route`'s status field, setting the
- `DNS` and `Phase` fields
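Review bot: with steps 3 and 4 removed, the list no longer says who creates the `RouteBinding` or where the `Route`'s `DNS` and `Phase` status fields get set; the replacement lines for this hunk are not shown in this excerpt, so make sure they carry that information forward rather than leaving the scheduling description ending at the strategy call. Also, the unchanged context line "periodically list the unscheduled `Route`s to retry" should read "periodically lists" to agree with its subject.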
Nov 26 13:33:41 ip-10-181-109-43 docker[281]: [c43733ca] -job build() = OK (0)
Nov 26 13:33:41 ip-10-181-109-43 docker[281]: [info] POST /v1.15/build?rm=1&t=openshift%2Forigin-haproxy-router
Nov 26 13:33:41 ip-10-181-109-43 docker[281]: [c43733ca] +job build()
-- Reboot --
Nov 26 13:34:15 ip-10-181-109-43.ec2.internal systemd[1]: Starting Docker Application Container Engine...
Nov 26 13:34:16 ip-10-181-109-43.ec2.internal docker[281]: 2014/11/26 13:34:16 docker daemon: 1.3.1 4e9bbfa/1.3.1; execdriver: native; graphdriver:
Nov 26 13:34:16 ip-10-181-109-43.ec2.internal docker[281]: [1c1e9739] +job serveapi(fd://)
Nov 26 13:34:16 ip-10-181-109-43.ec2.internal docker[281]: [info] Listening for HTTP on fd ()
Nov 26 13:34:16 ip-10-181-109-43.ec2.internal docker[281]: [1c1e9739] +job init_networkdriver()
pmorie / gist:6d6da08ceb66f9cfa841
Created October 24, 2014 20:14
Information sharing / hooks notes

R&D Notes: Information Sharing & Hooks

This gist captures the results of a couple sprints of R&D on information sharing and hooks.

How gears are linked

We discussed two models of how gears are linked:

$ sudo GOPATH=$GOPATH go get -v code.google.com/p/go.tools/cmd/gofmt
[sudo] password for pmorie:
code.google.com/p/go.tools (download)
package code.google.com/p/go.tools/cmd/gofmt
imports code.google.com/p/go.tools/cmd/gofmt
imports code.google.com/p/go.tools/cmd/gofmt: cannot find package "code.google.com/p/go.tools/cmd/gofmt" in any of:
/usr/lib/golang/src/pkg/code.google.com/p/go.tools/cmd/gofmt (from $GOROOT)
/home/pmorie/go/src/code.google.com/p/go.tools/cmd/gofmt (from $GOPATH)