nre-learning / antidote-selfmedicate Goto Github PK
View Code? Open in Web Editor NEWConfigs and scripts for spinning up a local instance of Antidote on your laptop for testing and lesson development
License: Apache License 2.0
Configs and scripts for spinning up a local instance of Antidote on your laptop for testing and lesson development
License: Apache License 2.0
Trying to perform more tests, I've tried and launch vagrant up on my Debian stable box, which fails:
==> Antidote 0.4.0: Pruning invalid NFS exports. Administrator privileges will be required...
Traceback (most recent call last):
126: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/batch_action.rb:82:in `block (2 levels) in run'
125: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/machine.rb:194:in `action'
124: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/machine.rb:194:in `call'
123: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/environment.rb:614:in `lock'
122: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/machine.rb:208:in `block in action'
121: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/machine.rb:239:in `action_raw'
120: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
119: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
118: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
117: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
116: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
115: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/check_virtualbox.rb:26:in `call'
114: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
113: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/call.rb:53:in `call'
112: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
111: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
110: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
109: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
108: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
107: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
106: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
105: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/handle_box.rb:56:in `call'
104: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
103: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
102: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
101: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/config_validate.rb:25:in `call'
100: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
99: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/call.rb:53:in `call'
98: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
97: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
96: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
95: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
94: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
93: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
92: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
91: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/check_accessible.rb:18:in `call'
90: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
89: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/customize.rb:40:in `call'
88: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
87: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/prepare_clone.rb:15:in `call'
86: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
85: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/prepare_clone_snapshot.rb:17:in `call'
84: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
83: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/import.rb:13:in `call'
82: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/import.rb:74:in `import'
81: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
80: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/discard_state.rb:15:in `call'
79: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
78: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/match_mac_address.rb:22:in `call'
77: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
76: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
75: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
74: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/check_virtualbox.rb:26:in `call'
73: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
72: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/config_validate.rb:25:in `call'
71: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
70: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/box_check_outdated.rb:84:in `call'
69: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
68: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/call.rb:53:in `call'
67: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
66: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
65: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
64: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
63: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
62: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
61: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
60: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/call.rb:53:in `call'
59: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
58: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
57: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
56: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
55: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
54: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
53: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
52: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/call.rb:53:in `call'
51: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
50: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
49: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
48: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
47: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
46: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
45: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
44: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/check_accessible.rb:18:in `call'
43: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
42: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/clean_machine_folder.rb:17:in `call'
41: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
40: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/set_name.rb:50:in `call'
39: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
38: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/providers/virtualbox/action/clear_forwarded_ports.rb:15:in `call'
37: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
36: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/provision.rb:103:in `call'
35: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/provision.rb:103:in `each'
34: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/provision.rb:126:in `block in call'
33: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/provision.rb:126:in `call'
32: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/environment.rb:526:in `hook'
31: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `run'
30: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/util/busy.rb:19:in `busy'
29: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/runner.rb:66:in `block in run'
28: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builder.rb:116:in `call'
27: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:34:in `call'
26: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `block in finalize_action'
25: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/warden.rb:95:in `call'
24: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/lib/vagrant/action/builtin/provision.rb:138:in `run_provisioner'
23: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/provisioners/file/provisioner.rb:5:in `provision'
22: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/provisioners/file/provisioner.rb:5:in `tap'
21: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/provisioners/file/provisioner.rb:44:in `block in provision'
20: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/communicators/ssh/communicator.rb:293:in `upload'
19: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/communicators/ssh/communicator.rb:707:in `scp_connect'
18: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/communicators/ssh/communicator.rb:349:in `connect'
17: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/communicators/ssh/communicator.rb:709:in `block in scp_connect'
16: from /usr/share/rubygems-integration/all/gems/vagrant-2.2.3/plugins/communicators/ssh/communicator.rb:296:in `block in upload'
15: from /usr/lib/ruby/vendor_ruby/net/scp.rb:284:in `upload!'
14: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/channel.rb:272:in `wait'
13: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:181:in `loop'
12: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:181:in `loop'
11: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:181:in `block in loop'
10: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:228:in `process'
9: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/event_loop.rb:29:in `process'
8: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/event_loop.rb:101:in `ev_preprocess'
7: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/event_loop.rb:101:in `each'
6: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:249:in `ev_preprocess'
5: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:549:in `dispatch_incoming_packets'
4: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:682:in `channel_close'
3: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/session.rb:573:in `channel_closed'
2: from /usr/lib/ruby/vendor_ruby/net/ssh/connection/channel.rb:610:in `do_close'
1: from /usr/lib/ruby/vendor_ruby/net/scp.rb:365:in `block (3 levels) in start_command'
/usr/lib/ruby/vendor_ruby/net/scp.rb:398:in `await_response_state': scp: error: unexpected filename: . (Net::SCP::Error)
This looks very much like hashicorp/vagrant#10662 which should hopefully be worked around easily... will report.
Locally running NRE labs via minikube and virtualbox on OSX crashes when Netskope intercepts SSL web calls to storage.googleapis.com
and k8s.gcr.io
. To get around these issues corporate laptops need to reach out to IT, create a case, and receive the following certs:
netskopeint.pem
(intermediate cert)netskoperoot.pem
(root cert)After this the user must make a directory structure under ~/.minikube
and copy in certificates:
$ mkdir -p ~/.minikube/files/etc/ssl/certs
$ cp netskopeint.pem ~/.minikube/etc/files/ssl/certs
$ cp netskoperoot.pem ~/.minikube/etc/files/ssl/certs
NOTE: verify permissions are at least 644 at least on these cert files.
$ minikube start
or ./anti-up.sh
should now function
I installed antidote-selfmedicate
alongside the nrelabs-curriculum
current master branch. After a few tweaks and troubleshooting with the vagrant script, kubectl/docker versions, and some changes in the Docker file of the images in the networkInterfaces: - ' '
, I managed to get it up and running accessing through http://antidote-local:30001
with no problems. Lessons with basic Linux utility images are working with no issues as well.
However, I have not been able to boot lessons with vqfx-snapx images. Lessons are validated and pods/containers are created with no apparent issues, but lessons are stuck on loading and then timeout. After some troubleshooting and looking through some logs from Docker, I found that the provisioning script of the images launch.sh
fails to execute the first command mount -o rw,remount /sys
presenting the error mount: cannot remount sysfs read-write, is write-protected
. And from there on, the rest of the script fail because I guess is not finding the expected mounted directory. I even logged in directly to the container to try to execute it and tried other options but is not working.
Looking forward for any recommendations into this issue.
Here is the output of ./selfmedicate.sh debug
and screenshot with the pods details for reference as well: https://gist.github.com/crosscacus/2dd26d6bd5f2c74cd09a0337f76e123b
After cloning the latest version of antidote-selfmedicate and running the script, I see the web interface is unavailable. When I go to the URL http://antidote-local:30001, I see "503 Service Temporarily Unavailable".
I'm using KVM to run the Minikube VM, but I also tried the same with Virtualbox and got the same issue.
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
antidote-web-57f98b78d4-5wr8l 1/2 Running 0 73m
nginx-ingress-controller-6f575d4f84-m2d5n 1/1 Running 0 73m
syringe-6ffd7b7ccc-6bsxv 1/1 Running 0 73m
$ kubectl get events
LAST SEEN TYPE REASON KIND MESSAGE
59m Normal Pulled Pod Successfully pulled image "antidotelabs/antidote-web:latest"
59m Normal Created Pod Created container
59m Normal Started Pod Started container
4m15s Warning Unhealthy Pod Readiness probe failed: HTTP probe failed with statuscode: 404
$ kubectl logs antidote-web-57f98b78d4-5wr8l antidote-web
14-May-2019 18:37:56.054 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.34
14-May-2019 18:37:56.100 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Sep 4 2018 22:28:22 UTC
14-May-2019 18:37:56.100 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server number: 8.5.34.0
14-May-2019 18:37:56.101 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Name: Linux
14-May-2019 18:37:56.101 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS Version: 4.15.0
14-May-2019 18:37:56.101 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Architecture: amd64
14-May-2019 18:37:56.102 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java Home: /usr/lib/jvm/java-8-openjdk-amd64/jre
14-May-2019 18:37:56.102 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Version: 1.8.0_181-8u181-b13-2~deb9u1-b13
14-May-2019 18:37:56.102 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM Vendor: Oracle Corporation
14-May-2019 18:37:56.102 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_BASE: /usr/local/tomcat
14-May-2019 18:37:56.103 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATALINA_HOME: /usr/local/tomcat
14-May-2019 18:37:56.120 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.config.file=/usr/local/tomcat/conf/logging.properties
14-May-2019 18:37:56.120 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
14-May-2019 18:37:56.120 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djdk.tls.ephemeralDHKeySize=2048
14-May-2019 18:37:56.206 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.protocol.handler.pkgs=org.apache.catalina.webresources
14-May-2019 18:37:56.207 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dorg.apache.catalina.security.SecurityListener.UMASK=0027
14-May-2019 18:37:56.208 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dignore.endorsed.dirs=
14-May-2019 18:37:56.215 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.base=/usr/local/tomcat
14-May-2019 18:37:56.216 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Dcatalina.home=/usr/local/tomcat
14-May-2019 18:37:56.217 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Command line argument: -Djava.io.tmpdir=/usr/local/tomcat/temp
14-May-2019 18:37:56.217 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent Loaded APR based Apache Tomcat Native library [1.2.17] using APR version [1.5.2].
14-May-2019 18:37:56.217 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
14-May-2019 18:37:56.217 INFO [main] org.apache.catalina.core.AprLifecycleListener.lifecycleEvent APR/OpenSSL configuration: useAprConnector [false], useOpenSSL [true]
14-May-2019 18:37:56.281 INFO [main] org.apache.catalina.core.AprLifecycleListener.initializeSSL OpenSSL successfully initialized [OpenSSL 1.1.0f 25 May 2017]
14-May-2019 18:37:57.479 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["http-nio-8080"]
14-May-2019 18:37:57.667 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
14-May-2019 18:37:57.802 INFO [main] org.apache.coyote.AbstractProtocol.init Initializing ProtocolHandler ["ajp-nio-8009"]
14-May-2019 18:37:57.813 INFO [main] org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector Using a shared selector for servlet write/read
14-May-2019 18:37:57.845 INFO [main] org.apache.catalina.startup.Catalina.load Initialization processed in 6669 ms
14-May-2019 18:37:58.248 INFO [main] org.apache.catalina.core.StandardService.startInternal Starting service [Catalina]
14-May-2019 18:37:58.253 INFO [main] org.apache.catalina.core.StandardEngine.startInternal Starting Servlet Engine: Apache Tomcat/8.5.34
14-May-2019 18:37:58.711 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/usr/local/tomcat/webapps/guacamole.war]
14-May-2019 18:38:19.262 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
18:38:24.829 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
18:38:26.816 [localhost-startStop-1] INFO o.a.g.rest.auth.HashTokenSessionMap - Sessions will expire after 60 minutes of inactivity.
18:38:30.292 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
18:38:54.185 [localhost-startStop-1] INFO o.a.g.extension.ExtensionModule - Extension "PostgreSQL Authentication" loaded.
18:38:54.237 [localhost-startStop-1] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/root/.guacamole".
18:38:56.122 [localhost-startStop-1] INFO o.a.g.t.w.WebSocketTunnelModule - Loading JSR-356 WebSocket support...
14-May-2019 18:39:01.892 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.RESTExceptionMapper as a provider class
14-May-2019 18:39:01.906 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.extension.ExtensionRESTService as a root resource class
14-May-2019 18:39:01.906 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.language.LanguageRESTService as a root resource class
14-May-2019 18:39:01.906 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.patch.PatchRESTService as a root resource class
14-May-2019 18:39:01.907 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.auth.TokenRESTService as a root resource class
14-May-2019 18:39:01.907 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.apache.guacamole.rest.session.SessionRESTService as a root resource class
14-May-2019 18:39:01.910 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.register Registering org.codehaus.jackson.jaxrs.JacksonJsonProvider as a provider class
14-May-2019 18:39:01.948 INFO [localhost-startStop-1] com.sun.jersey.server.impl.application.WebApplicationImpl._initiate Initiating Jersey application, version 'Jersey: 1.17.1 02/28/2013 12:47 PM'
14-May-2019 18:39:03.252 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.RESTExceptionMapper to GuiceManagedComponentProvider with the scope "Singleton"
14-May-2019 18:39:03.299 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.codehaus.jackson.jaxrs.JacksonJsonProvider to GuiceManagedComponentProvider with the scope "Singleton"
14-May-2019 18:39:12.237 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.extension.ExtensionRESTService to GuiceManagedComponentProvider with the scope "PerRequest"
14-May-2019 18:39:12.281 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.language.LanguageRESTService to GuiceManagedComponentProvider with the scope "PerRequest"
14-May-2019 18:39:12.286 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.patch.PatchRESTService to GuiceManagedComponentProvider with the scope "PerRequest"
14-May-2019 18:39:12.323 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.auth.TokenRESTService to GuiceManagedComponentProvider with the scope "PerRequest"
14-May-2019 18:39:12.361 INFO [localhost-startStop-1] com.sun.jersey.guice.spi.container.GuiceComponentProviderFactory.getComponentProvider Binding org.apache.guacamole.rest.session.SessionRESTService to GuiceManagedComponentProvider with the scope "PerRequest"
14-May-2019 18:39:12.602 INFO [localhost-startStop-1] org.webjars.servlet.WebjarsServlet.init WebjarsServlet initialization completed
14-May-2019 18:39:12.851 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/guacamole.war] has finished in [74,140] ms
14-May-2019 18:39:12.855 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deploying web application archive [/usr/local/tomcat/webapps/ROOT.war]
14-May-2019 18:39:15.401 INFO [localhost-startStop-1] org.apache.jasper.servlet.TldScanner.scanJars At least one JAR was scanned for TLDs yet contained no TLDs. Enable debug logging for this logger for a complete list of JARs that were scanned but no TLDs were found in them. Skipping unneeded JARs during scanning can improve startup time and JSP compilation time.
14-May-2019 18:39:15.423 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps/ROOT.war] has finished in [2,568] ms
14-May-2019 18:39:15.661 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
14-May-2019 18:39:16.055 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
14-May-2019 18:39:16.093 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 78247 ms
$ kubectl logs antidote-web-57f98b78d4-5wr8l guacd
guacd[8]: INFO: Guacamole proxy daemon (guacd) version 1.0.0 started
guacd[8]: INFO: Listening on host 0.0.0.0, port 4822
Error: waitid: no child processes
nginx: the configuration file /tmp/nginx-cfg370968901 syntax is ok
nginx: configuration file /tmp/nginx-cfg370968901 test is successful
W0514 18:32:43.286987 1 controller.go:556] service default/antidote-web does not have any active endpoints
W0514 18:32:43.315860 1 controller.go:842] service default/antidote-web does not have any active endpoints
...removed many similar logs...
W0514 19:45:35.020347 1 backend_ssl.go:54] error obtaining PEM from secret default/: secret named default/ does not exist
W0514 19:45:45.025063 1 backend_ssl.go:54] error obtaining PEM from secret default/: secret named default/ does not exist
Software installed:
brew install kubernetes-cli
curl -Lo minikube https://storage.googleapis.com/minikube/releases/v0.34.1/minikube-darwin-amd64 && chmod +x minikube && sudo cp minikube /usr/local/bin/ && rm minikube
Cloned the antidote and antidote-selfmedicate repos into the same root directory.
Error received:
lab:antidote-selfmedicate collisio$ ./selfmedicate.sh start
Backing up existing kubeconfig to ~/.kube/preminikube_bkp...
cp: ~/.kube/config: No such file or directory
The script is correct, there is no ~/.kube/ directory.
Any ideas?
Maybe it's my particular setup, but I've hit the following problem :
=> Antidote 0.4.0: Mounting NFS shared folders...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!
mount -o vers=3,udp 192.168.34.1:/home/olivier/git/github.com/nre-learning/nrelabs-curriculum /antidote
Stdout from the command:
Stderr from the command:
mount.nfs: requested NFS version or transport protocol is not supported
where /home/olivier/git/github.com/nre-learning/nrelabs-curriculum exists...
I guess this might be related to some shared folder driver issue... I kind of remember there may be problems on some non-standard kernel modules in the virtualbox extensions and such...
I'm running Debian testing, and VirtualBox reports of a mismatch of versions, rebuilds the modules in the guest and reboots it...
Hope I'm not alone ;)
Running the initial set-up on a Mac (MacOS Mojave), I get the following error:sed: 1: "/etc/hosts": extra characters at the end of h command
As its already reported, trying to access manually http://192.168.99.X:30001/ , getting 503 Service Temporarily Unavailable (nginx/1.11.12) .
pradga-mbp:~ pradga$ kubectl version
Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.1", GitCommit:"b7394102d6ef778017f2ca4046abbaa23b88c290", GitTreeState:"clean", BuildDate:"2019-04-08T17:11:31Z", GoVersion:"go1.12.1", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.3", GitCommit:"721bfa751924da8d1680787490c54b9179b1fed0", GitTreeState:"clean", BuildDate:"2019-02-01T20:00:57Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}
pradga-mbp:~ pradga$ minikube version
minikube version: v0.34.1
Every time, antidote-web is not getting ready (1/2) because of Readiness probe failed: HTTP probe failed with statuscode: 404
pradga-mbp:~ pradga$ kubectl get pods
NAME READY STATUS RESTARTS AGE
antidote-web-57f98b78d4-l4rnv 1/2 Running 0 113m
nginx-ingress-controller-6f575d4f84-t5c97 1/1 Running 0 113m
syringe-6ffd7b7ccc-t2qhj 1/1 Running 0 113m
pradga-mbp:~ pradga$ kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
antidote-web 0/1 1 0 114m
nginx-ingress-controller 1/1 1 1 114m
syringe 1/1 1 1 114m
pradga-mbp:~ pradga$ kubectl get service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
antidote-web ClusterIP 10.103.193.35 8080/TCP 114m
kubernetes ClusterIP 10.96.0.1 443/TCP 115m
nginx-ingress NodePort 10.97.117.34 80:30001/TCP 114m
syringe ClusterIP 10.108.235.71 50099/TCP,8086/TCP 114m
pradga-mbp:~ pradga$ kubectl get events
LAST SEEN TYPE REASON KIND MESSAGE
3m56s Warning Unhealthy Pod Readiness probe failed: HTTP probe failed with statuscode: 404
TL/DL: Would like to work on docs for installation of self-medicate piece on OSX. Going through process and will submit a PR with more detail. Finding spots that i think a non-dev/Linux skilled networking engineer might get stuck or confused.
[Question]
Any guidance on where the
git clone https://github.com/nre-learning/antidote-selfmedicate
Should be cloned to? Should assume that network engineers donโt know where to put things. What guidance do we want to give them? Given that iCloud sync can automatically remove local cache of files on desktop/documents Iโd like to recommend creating a folder in a non-icloud-syncโd location.
Thoughts?
Preamble: kata container is not necessarily an option, depending on K8S implementation.
Currently, flavor type (trusted, untrusted, legacy) is described in images.
And association between flavor and ContainerRuntime is hardcoded.
It could be more flexible if the antidote configuration allows to associate flavor and ContainerRuntime class.
For example, for the current settings, I will configure as:
flavorLegacy: none
flavorTrusted: none
flavorUntrusted: "kata"
But for a simple deployment (k3d) I will configure as:
flavorLegacy: none
flavorTrusted: none
flavorUntrusted: none
As these settings are related to Kubernetes backend, perhaps should it be placed in a dedicated tree. For example:
backends:
kubernetes:
flavorLegacy: none
flavorTrusted: none
flavorUntrusted: "kata"
At the moment, the starting of k8s and of the application is made in the same script.
This is fine for Vagrant provisionning where everything is run as a single script since the VM is rather empty (well, it has docker).
However, testing other ways of running k8s isn't facilitated. For instance I've tested running k8s with KinD (Kubernetes in Docker), with handles the starting of the cluster.
I'd then prefer if the kubernetes start and the launch of syringe + antidote + ingress are separated in different script.
Having 2 provisioning script shouldn't be blocking for Vagrant, whereas one could only run the last one separately when using minikube, kind or other ways to start Antidote over an existing k8s cluster.
Hope this makes sense.
One should not run vagrant up if the hostsupdater plugin isn't there... however this may not be a blocker.
In such case, maybe a warning message could be useful, for instance at the end of the provisionning down in the Vagrantfile, with something like:
if not defined?(VagrantPlugins::HostsUpdater)
config.vm.provision "shell", privileged: false, inline: <<-EOF
echo "You should install the Vagrant::Hostsupdater plugin to support configuration of the 'antidote-local' hostname."
EOF
end
On a band new Ubuntu 16.04 install, when starting selfmedicate (./selfmedicate.sh start ../antidote) minikube crashes. Here is the full error message:
: Waiting for pods: apiserver proxy etcd scheduler controller addon-manager dns! Error starting cluster: wait: waiting for k8s-app=kube-dns: timed out waiting for the condition
The discussion in tuesday october the 22nd popped something in my mind, when @Mierdin mentioned asterisk wildcard...
Maybe this can be of use: http://xip.io/ can be used as a widlcard DNS service. I've seen it used in many cloud-related demos/tutorials.
Not exactly sure whether this would apply to the current situation, but maybe that helps working around the need to edit the hosts file.
If only minikube is installed locally, the cluster gets started, but the script later fails on missing kubectl.
instructions should then require installation of kubectl too.
At the moment, we use k8s 1.14.0, whereas 1.14.z exist (minor patch releases).
I guess it would be safest to use latest patch release, in order to detect potential problems re- deployed version (security), and benefit from potential performance improvements.
Hth,
Running the initial set-up on a Mac, I get the following error:
sed: 1: "/etc/hosts": extra characters at the end of h command
as the attempt is made under sudo
to change /etc/hosts
.
Ref:
antidote-selfmedicate/selfmedicate.sh
Line 54 in be63fd5
Arghhh....
And here:
antidote-selfmedicate/selfmedicate.sh
Line 170 in be63fd5
There is a related patch in another repo here: passff/passff@f5cd7a3
When I employ that change, when I do run:
sudo sed -i '' '/antidote-local.*/d' /etc/hosts > /dev/null
it runs without error but when I cat
the /etc/hosts
file, nothing has changed...
However, I don't see anything on: http://IP.ADDR:30001. The box looks to be running in VirtualBox.
Checking kubectl
shows no activity:
kubectl get pods
# No resources found.
Updating kubectl
, resetting paths to latest version, destroying minikube instance and creating a new one seems to have helped....
It is highly recommended that you start by reading the docs.
here https://github.com/nre-learning/antidote-selfmedicate/blob/master/README.md
goes no where
\ SORRY /
\ /
\ This page does /
] not exist yet. [ ,'|
] [ / |
]___ ___[ ,' |
] ]\ /[ [ |: |
] ] \ / [ [ |: |
] ] ] [ [ [ |: |
] ] ]__ __[ [ [ |: |
] ] ] ]\ _ /[ [ [ [ |: |
] ] ] ] (#) [ [ [ [ :===='
] ] ]_].nHn.[_[ [ [
] ] ] HHHHH. [ [ [
] ] / `HH("N \ [ [
]__]/ HHH " \[__[
] NNN [
] N/" [
] N H [
/ N \
/ q, \
/ \
Minilube's output looks a lot like garbage. Probably the emoji/colour output.
Will try to remedy that in a PR.
I've had issues with downloading libc-dev package during virtualbox modules rebuild due to version mismatch, which is done automatically by Vagrant AFAIU... and having a look at the provisioning script I noticed there doesn't seem to be any apt-get update before the first apt-get install for docker-ce installation.
Maybe not a huge issue, but maybe worth updating first.
Hth
In my tests with (relatively slow) network (ADSL), the fetching of images is the main bottleneck to UX.
I guess it should be feasable to not rely on a generic Vagrant box, but instead create a dedicated box including the pre-fetched Docker images.
Hth,
Still a lot of problems with selfmedicate. Adding this to v0.3.1 to give this some badly needed TLC
I've noticed the following message:
/usr/local/bin/kubectl is version 1.16.2, and is incompatible with Kubernetes 1.14.0. You will need to update /usr/local/bin/kubectl or use 'minikube kubectl' to connect with this cluster
Ideally, I guess vagrant-provision.sh should then download the corresponding version... which should require transmission of that version number from env vars, etc.
On the other hand, it may well happen that that message is a bit wrong, and it just works ;)
When only cloning https://github.com/nre-learning/antidote-selfmedicate as instructed in https://antidoteproject.readthedocs.io/en/latest/building/local.html, ./selfmedicate.sh start
will fail as it won't be able to start the lessons:
./selfmedicate.sh start
Error - ../nrelabs-curriculum doesn't look like a proper curriculum directory.
Either this directory wasn't found, or the subdirectory 'lessons' within that directory wasn't found.
In either case, this script cannot continue. Please either place the appropriate directory in place, or
edit the LESSON_DIRECTORY variable at the top of this script.
I guess instructions should ask to clone https://github.com/nre-learning/nrelabs-curriculum alongside antidote-selfmedicate.
Hope this helps,
I've tried to test running from a Git clone made on Windows, with the default settings selected at GitForWindows installation, which converts line endings to windows.
Hence, when the provisionning runs selfmedicate.sh this will lead to:
==> Antidote 0.4.0: Running provisioner: custom (shell)...
Antidote 0.4.0: Running: inline script
Antidote 0.4.0: /home/vagrant/selfmedicate.sh: line 2: $'\r': command not found
Antidote 0.4.0: /home/vagrant/selfmedicate.sh: line 5: $'\r': command not found
Antidote 0.4.0: /home/vagrant/selfmedicate.sh: line 11: $'\r': command not found
Antidote 0.4.0: /home/vagrant/selfmedicate.sh: line 37: syntax error near unexpected token `$'{\r''
' Antidote 0.4.0: /home/vagrant/selfmedicate.sh: line 37: `sub_help(){
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
I guess maybe the line endings of the shell script could be forced if using this in .gitattributes:
*.sh text eol=lf
Haven't been able to test though.
Hope this helps.
I've tested latest version of selfmedicate.sh.
The message at the end will instruct to connect on http://antidote-local:30001/:
Finished! Antidote should now be available at http://antidote-local:30001/
However that machine name doesn't resolve.
Still it works on the public IP of the VirtualBox VM
./minikube status
host: Running
kubelet: Running
apiserver: Running
kubectl: Correctly Configured: pointing to minikube-vm at 192.168.99.133
./kubectl get service/nginx-ingress
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
nginx-ingress NodePort 10.111.217.28 <none> 80:30001/TCP 8m50s
So connecting to http://192.168.99.133:30001/ works.
Hope this helps.
P.S. haven't had time to investigate the script yet.
Hence
antidote-selfmedicate/syringe.yml
Lines 23 to 25 in af91103
If provide the branch name, git-clone.sh will throw error:
Cloning into '/antidote'...
fatal: ambiguous argument 'lesson-24': unknown revision or path not in the working tree.
Use '--' to separate paths from revisions, like this:
Seems git reset
supports existing refs only
Suggest modify to git checkout --force $REF
so that we can provide either commit id or branch name in the initContainers args.
After the modification, the syringe pod starts successfully and clones the non-default branch of my git repo.
Similar modification should apply to file syringe/scheduler/scheduler.go
also
In my recent forum post I mentioned that I used a heavily modified form of the selfmedicate script that uses the kvm2 driver to play around with kata containers. It worked beautifully. This caused me to start thinking about how the role of selfmedicate has changed in the last year.
In particular, there are a few things that are very different now than they were when this project started:
none
driver.I'm opening this issue because once I'm done with my "prod" work, I plan to open a PR to hyper-simplify things. Without context, it might look like I'm going on a killing spree, so I wanted to open this first to at least get my thoughts on paper, well in advance of a PR (which I won't have time for until at least a few weeks from now). I love the work that went into adding Vagrant support a year back, but I think the times have changed. It's time to return to the roots, where it really is just little more than a thin wrapper on top of minikube.
I guess the Apache 2 licence text isn't really copyrighted by Juniper. I'd then suggest to remove that first line from the LICENSE file.
Line 1 in b1a9008
I was going to work on this a while back but decided to do something else. In the meantime, I'll open an issue describing the problem.
In short, the Kubernetes Ingress API really seems to be incompatible with nonstandard ports. Having ports in the route for an ingress is explicitly not allowed, yet as a result, routing decisions to endpoints with nonstandard ports doesn't work. This issue is described well in kubernetes/kubernetes#41881
So while the whole stack works, HTTP presentations don't work in selfmedicate. The solution may be to use host networking for the nginx pods
I created a new lesson, similar to other lessons. I placed it in the ~/nrelabs-curriculum/lessons/fundamentals
directory. I named the new lesson directory lesson-100-frr
.
When I run the selfmedicate.sh --reload
command, the lessons do not appear in the web interface.
I looked in the minikube VM:
minikube ssh
And looked in the lesson directory
cd /antidote/lessons/fundamentals/
And I can see the lesson directory was copied over to the VM:
ls
lesson-100-frr lesson-16-jinja lesson-19-restapis lesson-23-linux
lesson-14-yaml lesson-17-git lesson-22-python
So, is there something I need to update elsewhere to add a lesson and test it? What am I missing?
selfmedicate.sh allows the definition of env vars, which could be stored in .antidote/config such as PRELOADED_IMAGES
It would be great to have a mean to set these from the host to have them passed by Vagrant to the script.
I installed Kubernetes latest version ( v1.16 ) and the self-medicate.sh script wouldn't run properly. It crashed due to Kubernetes API version updates.
I just had to modify all the yaml files in the antidote-selfmedicate/manifests sub-directory. I just replaced all "extensions/v1beta1" by "apps/v1".
Hope it will help
Things seem to work fine on the first start, but if we halt the VM and then run vagrant up later, none of the Antidote services are running inside of k8s.
Looks like sub_resume runs minikube start
, which in theory should just re-start what was running before, but it doesn't seem like the cluster remembers previously deployed artifacts. Maybe this is a byproduct of using the none
driver, since I don't remember this being a problem when we were using the minikube VM.
When I start a lesson, the shell remains blank on any node in the lesson. For example, when I start the "introduction to YAML" lesson, the network endpoint "Linux1" terminal window just show a blank, black screen.
It could be interesting to be able to use libvirt (for qemu/kvm) on Linux as an alternative to virtualbox.
Would be interesting to verify any gain on performance...
Minikube can be run with the --vm-driver kvm2 option (see https://github.com/kubernetes/minikube/blob/master/docs/drivers.md#kvm2-driver) to use a qemu/kvm VM instead of VirtualBox, when on Linux, and if the machine handles nested-virtualization.
I've juste added the option to selfmedicate.sh and the labs seem a bit faster from what I can see on my machine.
Of course YMMV, and a proper benchmark could be necessary.
I guess it could be made optional when/if people are running the script on Linux, and libvirt and other requirements are met, of course.
Other than that I'm not so sure everything else is the same, like mounting stuff to the guest VM...
Hope this helps,
Would you be able to document antibridge ?
Its repo seemed to be forked off CNI... but that ain't really documented AFAICS
antidote-selfmedicate/selfmedicate.sh
Line 111 in f02ddf4
Also, would it be contributable to the original project (not maintaining a forked version, etc.) ?
Thanks in advance.
I've noticed tlat coredns doesn't seem to be starting with the latest minikube in tests I've made today:
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system pod/coredns-fb8b8dccf-7cp7q 0/1 CrashLoopBackOff 22 68m
kube-system pod/coredns-fb8b8dccf-pltdp 0/1 CrashLoopBackOff 22 68m
...
NAMESPACE NAME READY UP-TO-DATE AVAILABLE AGE
default deployment.apps/antidote-web 1/1 1 1 19m
default deployment.apps/nginx-ingress-controller 1/1 1 1 19m
default deployment.apps/syringe 1/1 1 1 19m
kube-system deployment.apps/coredns 0/2 2 0 68m
I'm using vagrant + libvirt...
Maybe the issue is other, but it happens that minikube just issued a new release...
Also, maybe the k8s version should be updated, as minikube seems to be in sync with 1.16 as per its release notes ?
Maybe the coredns service isn't used in Antidote, after all ?
Hope this helps.
Hi
I followed all the instructions to install and use the nre-learning locally on my comouter.
I did not get any errors :
Creating minikube cluster. This can take a few minutes, please be patient...
There is a newer version of minikube available (v1.3.0). Download it here:
https://github.com/kubernetes/minikube/releases/tag/v1.3.0
To disable this notification, run the following:
minikube config set WantUpdateNotification false
๐ minikube v0.34.1 on linux (amd64)
๐ฅ Creating kvm2 VM (CPUs=4, Memory=8096MB, Disk=20000MB) ...
๐ฟ Downloading Minikube ISO ...
184.30 MB / 184.30 MB [============================================] 100.00% 0s
๐ถ "minikube" IP address is 192.168.39.111
๐ณ Configuring Docker as the container runtime ...
โจ Preparing Kubernetes environment ...
โช kubelet.network-plugin=cni
๐พ Downloading kubeadm v1.13.3
๐พ Downloading kubelet v1.13.3
๐ Pulling images required by Kubernetes v1.13.3 ...
๐ Launching Kubernetes v1.13.3 using kubeadm ...
๐ Configuring cluster permissions ...
๐ค Verifying component health .....
E0806 20:54:39.340764 6419 console.go:75] applyStyle(mount): unknown style: "mount"
Creating mount /home/ubuntu/nrelabs-curriculum:/antidote ...
๐ kubectl is now configured to use "minikube"
๐ Done! Thank you for using minikube!
The minikube cluster is now online. Now, we need to add some additional infrastructure components.
This will take some time - this script will pre-download large images so that you don't have to later. BE PATIENT.
######################################## Done.
######################################## Done.
######################################## Done.
######################################## Done.
######################################## Done.
######################################## Done.
About to modify /etc/hosts to add record for 'antidote-local' at IP address 192.168.39.111.
You will now be prompted for your sudo password.
Finished! Antidote should now be available at http://antidote-local:30001/
and
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 12: Cisco"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 8: Cumulus Networks"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 3: General Datatech (GDT)"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 4: HexaBuild"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 5: IGNW"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 1: Juniper Networks"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 6: Myriad360"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 10: Network To Code"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 9: Packet Pushers"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 7: Red Hat"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported collection 2: Synercomm"
time="2019-08-06T21:01:50Z" level=info msg="Imported 11 collection definitions."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-1-demo/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 1: Antidote Test Lesson with 6 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-100-frr/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 100: Introduction to Lessons with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-14-yaml/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 14: Introduction to YAML with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-16-jinja/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 16: Using Jinja for Configuration Templates with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-17-git/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 17: Version Control with Git with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-19-restapis/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 19: Working with REST APIs with 4 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-22-python/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 22: Introduction to Python with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-23-linux/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 23: Linux Basics with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-50-bash/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 50: Introduction to BASH with 1 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-12-jsnapy/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 12: Network Unit Testing with JSNAPY with 4 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-13-napalm/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 13: Multi-Vendor Network Automation with NAPALM with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-15-stackstorm/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 15: Event-Driven Network Automation with StackStorm with 4 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-18-todd/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 18: End-to-End Network Testing with ToDD with 3 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-24-pyez/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 24: Junos Automation with PyEZ with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-25-junosjet/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 25: Juniper Extension Toolkit (JET) with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-26-openconfig/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 26: Vendor-Neutral Network Configuration with OpenConfig with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-29-robot/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 29: Using Robot Framework for Automated Testing with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-30-salt/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 30: Network Automation with Salt with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-31-terraform/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 31: Terraform & Junos with 4 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-21-tshoot-ipphone/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 21: Automating the Troubleshooting Chain with 7 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-32-stigcompliance/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 32: Automated STIG Compliance Validation with 2 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-33-quickdeviceinventory/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 33: Quick and Easy Device Inventory with 3 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-34-configbackup/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 34: Automated Device Configuration Backup with 3 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-35-devicespecifictemplate/lesson.meta.yaml"
time="2019-08-06T21:01:50Z" level=info msg="Successfully imported lesson 35: Device Specific Template Generation with 3 endpoints."
time="2019-08-06T21:01:50Z" level=info msg="Imported 24 lesson definitions."
All detected curriculum resources imported successfully.
When I check http://antidote-local:30001/ it looks good but when I click on Lesson Catalog
I do not see any lesson. I already checked the config file and everything looks good
Thanks
The base box is bento/ubuntu-16.04, and I wonder whether it could be updated to a more recent version with benefits (or drawbacks)...
Not specifically and issue per se if everything works OK k8s-wise...
In reviewing nre-learning/nrelabs-curriculum#275, I tried to run the PoC lesson contained therein using the new Vagrant selfmedicate setup, and ran into this:
Could not access KVM kernel module: No such file or directory
qemu-system-x86_64: failed to initialize KVM: No such file or directory
We should modify the setup script to ensure the right packages and kernel mods are installed and loaded, in order to support this (as we do in NRE Labs production).
This might be a little more complicated as we consider compatibilities with VirtualBox, etc - but we should still do what we can to support this.
Syringe makes calls to git to clone the antidote-repo. When doing so in my locally running minikube setup (via antidote-selfmedicate), the Syringe pod crashes. This is due to the container git-clone
receiving the following error:
fatal: unable to access 'https://github.com/nre-learning/antidote.git/': SSL certificate problem: self signed certificate in certificate chain
This also happens when pulling up lessons in the antidote-web. For example, trying to access the lesson for git (lesson-14) will try to spin up a linux utility image and that pod will also have the same problem where it's git-clone
container will experience the same certificate issue and message.
$ kubectl --namespace=17-jwtzfp5fy8ktyo33-ns logs pod/linux1 git-clone
Cloning into '/antidote'...
fatal: unable to access 'https://github.com/nre-learning/antidote.git/': SSL certificate problem: self signed certificate in certificate chain
I found a workaround to get the syringe
pod up, but not a workaround for the lessons issue. This workaround is to include the following line in syringe.yml
within the antidote-selfmedicate
folder:
git config --global http.sslVerify false
This might also work, but I haven't tried it yet because I'm not sure which certs to use or where they are stored:
git config --system http.sslCAPath /path/to/cacerts
---
apiVersion: v1
kind: ConfigMap
metadata:
name: git-clone
data:
git-clone.sh: |
#!/bin/sh -e
REPO=$1
REF=$2
DIR=$3
# Init Containers will re-run on Pod restart. Remove the directory's contents
# and reprovision when this happens.
if [ -d "$DIR" ]; then
rm -rf $( find $DIR -mindepth 1 )
fi
git config --global http.sslVerify false #FIXME!! <<<<<<<< WORKAROUND: ADD THIS LINE
git clone $REPO $DIR
cd $DIR
git checkout --force $REF
Need to make Vagrant the primary way for doing selfmedicate, with an option to run it directly if you want.
As far as I know above line is no longer valid since following PR has disabled tags: nre-learning/antidote-core@3a6643e
if strings.Contains(ep.Image, ":") {
log.Error("Tags are not allowed in endpoint image refs")
return fail
}foll
Tools and Workflows are not loading properly. Logs from syringed:
time="2019-07-30T18:45:18Z" level=debug msg="Searching /antidote/lessons for lesson definitions"
time="2019-07-30T18:45:18Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-1-demo/lesson.meta.yaml"
time="2019-07-30T18:45:18Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-14-yaml/lesson.meta.yaml"
time="2019-07-30T18:45:18Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-16-jinja/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-17-git/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-19-restapis/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-22-python/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-23-linux/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/fundamentals/lesson-50-bash/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-12-jsnapy/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-13-napalm/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-15-stackstorm/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-18-todd/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-24-pyez/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-25-junosjet/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-26-openconfig/lesson.meta.yaml"
time="2019-07-30T18:45:19Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-29-robot/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-30-salt/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-31-terraform/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/tools/lesson-59-jsnapy2/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/workflows/lesson-21-tshoot-ipphone/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/workflows/lesson-32-stigcompliance/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/workflows/lesson-33-quickdeviceinventory/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/workflows/lesson-34-configbackup/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=debug msg="Found lesson definition at: /antidote/lessons/workflows/lesson-35-devicespecifictemplate/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-1-demo/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-14-yaml/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 14: Introduction to YAML with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-16-jinja/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 16: Using Jinja for Configuration Templates with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-17-git/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 17: Version Control with Git with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-19-restapis/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-22-python/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 22: Introduction to Python with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-23-linux/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 23: Linux Basics with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/fundamentals/lesson-50-bash/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=info msg="Successfully imported lesson 50: Introduction to BASH with 1 endpoints."
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-12-jsnapy/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-13-napalm/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-15-stackstorm/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-18-todd/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-24-pyez/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-25-junosjet/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-26-openconfig/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-29-robot/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-30-salt/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-31-terraform/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/tools/lesson-59-jsnapy2/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-21-tshoot-ipphone/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-32-stigcompliance/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-33-quickdeviceinventory/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-34-configbackup/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=info msg="Importing lesson definition at: /antidote/lessons/workflows/lesson-35-devicespecifictemplate/lesson.meta.yaml"
time="2019-07-30T18:45:20Z" level=error msg="Tags are not allowed in endpoint image refs"
time="2019-07-30T18:45:20Z" level=warning msg="Imported 6 lesson definitions with errors."
time="2019-07-30T18:45:20Z" level=warning msg="Not all lesson definitions were imported"
time="2019-07-30T18:45:20Z" level=info msg="No syringe-managed namespaces found. Starting normally."
time="2019-07-30T18:45:20Z" level=info msg="Syringe API started." HTTP Port=8086 gRPC Port=50099
time="2019-07-30T18:45:20Z" level=debug msg="No syringe-managed namespaces found. No need to GC."
Lessons are not listed under their respective categories on the advisor page. Putting the URL in for a lesson directly causes the loading popup to appear, but then it just hangs without ever making any progress.
I'm testing the latest 0.6.0 version of selfmedicate (with libvirt), and cannot seem to be able to connect to the Web app.
The NGinx ingress responds with 503, and the aweb pod fails to deploy/start :
$ kubectl describe pod/aweb-7977f6bf4-wp5vz
Name: aweb-7977f6bf4-wp5vz
Namespace: default
Priority: 0
Node: antidote-060/192.168.121.55
Start Time: Mon, 13 Apr 2020 20:51:21 +0000
Labels: antidote_role=infra
app=aweb
pod-template-hash=7977f6bf4
Annotations: k8s.v1.cni.cncf.io/networks-status:
[{
"name": "",
"ips": [
"10.32.0.15"
],
"default": true,
"dns": {}
}]
Status: Running
IP: 10.32.0.15
IPs: <none>
Controlled By: ReplicaSet/aweb-7977f6bf4
Containers:
aweb:
Container ID: docker://6da093a0a8d3509891a36297e12ec6ecbcfaa3756c10044c84e17cf2b1e9599d
Image: antidotelabs/antidote-web:latest
Image ID: docker-pullable://antidotelabs/antidote-web@sha256:3711bfa6e8d5af58402aa11bd732bacb76f6aac65d193c625d211a5ad04b3f54
Port: 80/TCP
Host Port: 0/TCP
State: Running
Started: Mon, 13 Apr 2020 21:13:20 +0000
Last State: Terminated
Reason: Error
Exit Code: 137
Started: Mon, 13 Apr 2020 20:58:48 +0000
Finished: Mon, 13 Apr 2020 21:11:32 +0000
Ready: False
Restart Count: 1
Readiness: http-get http://:80/ delay=0s timeout=1s period=10s #success=1 #failure=3
Environment:
WEBSSH2_LOCATION: http://antidote-local:30010
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-bb2jw (ro)
Conditions:
Type Status
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
default-token-bb2jw:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-bb2jw
Optional: false
QoS Class: BestEffort
Node-Selectors: <none>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 23m default-scheduler Successfully assigned default/aweb-7977f6bf4-wp5vz to antidote-060
Warning FailedCreatePodSandBox 23m kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "2a471cfe95cb813f028ddcfc1595100f9fad013d9963396ea2466225161b48f8" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: failed to find plugin "multus" in path [/opt/cni/bin], failed to clean up sandbox container "2a471cfe95cb813f028ddcfc1595100f9fad013d9963396ea2466225161b48f8" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to teardown pod "aweb-7977f6bf4-wp5vz_default" network: failed to find plugin "multus" in path [/opt/cni/bin]]
Normal SandboxChanged 22m (x8 over 23m) kubelet, antidote-060 Pod sandbox changed, it will be killed and re-created.
Normal Pulling 22m kubelet, antidote-060 Pulling image "antidotelabs/antidote-web:latest"
Normal Pulled 16m kubelet, antidote-060 Successfully pulled image "antidotelabs/antidote-web:latest"
Normal Started 16m kubelet, antidote-060 Started container aweb
Normal Created 16m kubelet, antidote-060 Created container aweb
Warning Unhealthy 8m17s (x47 over 15m) kubelet, antidote-060 Readiness probe failed: HTTP probe failed with statuscode: 403
Warning FailedCreatePodSandBox 2m5s kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "43978315ea6a80da61008bcb9aa279cd4f78398b1686211111430c3b63f7ae6d" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in loading K8s Delegates k8s args: Multus: Err in getting k8s network from pod: getPodNetworkAnnotation: failed to query the pod aweb-7977f6bf4-wp5vz in out of cluster comm: Get https://10.96.0.1:443/api/v1/namespaces/default/pods/aweb-7977f6bf4-wp5vz: dial tcp 10.96.0.1:443: i/o timeout
Warning FailedCreatePodSandBox 2m3s kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "a75a59a157a11cb66441ac5c137f1ef642246763162e875c0b5d87400ba45bf0" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in tearing down failed plugins: Multus: error in invoke Delegate add - "weave-net": unable to allocate IP address: Post http://127.0.0.1:6784/ip/a75a59a157a11cb66441ac5c137f1ef642246763162e875c0b5d87400ba45bf0: dial tcp 127.0.0.1:6784: connect: connection refused, failed to clean up sandbox container "a75a59a157a11cb66441ac5c137f1ef642246763162e875c0b5d87400ba45bf0" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to teardown pod "aweb-7977f6bf4-wp5vz_default" network: Multus: error in invoke Delegate del - "weave-net": Delete http://127.0.0.1:6784/ip/a75a59a157a11cb66441ac5c137f1ef642246763162e875c0b5d87400ba45bf0: dial tcp 127.0.0.1:6784: connect: connection refused]
Warning FailedCreatePodSandBox 2m kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "70145f85a2ee037987f91a1125678d4467e5bdcc17e4fa0c175ca25419a3ea2b" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in tearing down failed plugins: Multus: error in invoke Delegate add - "weave-net": unable to allocate IP address: Post http://127.0.0.1:6784/ip/70145f85a2ee037987f91a1125678d4467e5bdcc17e4fa0c175ca25419a3ea2b: dial tcp 127.0.0.1:6784: connect: connection refused, failed to clean up sandbox container "70145f85a2ee037987f91a1125678d4467e5bdcc17e4fa0c175ca25419a3ea2b" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to teardown pod "aweb-7977f6bf4-wp5vz_default" network: Multus: error in invoke Delegate del - "weave-net": Delete http://127.0.0.1:6784/ip/70145f85a2ee037987f91a1125678d4467e5bdcc17e4fa0c175ca25419a3ea2b: dial tcp 127.0.0.1:6784: connect: connection refused]
Warning FailedCreatePodSandBox 117s kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "56a877677bf95c067f25e81c860b4e6fb247c8b067bb7a9bc9a500700442b4e3" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in tearing down failed plugins: Multus: error in invoke Delegate add - "weave-net": unable to allocate IP address: Post http://127.0.0.1:6784/ip/56a877677bf95c067f25e81c860b4e6fb247c8b067bb7a9bc9a500700442b4e3: dial tcp 127.0.0.1:6784: connect: connection refused, failed to clean up sandbox container "56a877677bf95c067f25e81c860b4e6fb247c8b067bb7a9bc9a500700442b4e3" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to teardown pod "aweb-7977f6bf4-wp5vz_default" network: Multus: error in invoke Delegate del - "weave-net": Delete http://127.0.0.1:6784/ip/56a877677bf95c067f25e81c860b4e6fb247c8b067bb7a9bc9a500700442b4e3: dial tcp 127.0.0.1:6784: connect: connection refused]
Warning FailedCreatePodSandBox 115s kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = [failed to set up sandbox container "d5f753fbb720f611fc9c94bc451c0192ff1fb990872dc5e2418b0bcaf3025c5c" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in tearing down failed plugins: Multus: error in invoke Delegate add - "weave-net": unable to allocate IP address: Post http://127.0.0.1:6784/ip/d5f753fbb720f611fc9c94bc451c0192ff1fb990872dc5e2418b0bcaf3025c5c: dial tcp 127.0.0.1:6784: connect: connection refused, failed to clean up sandbox container "d5f753fbb720f611fc9c94bc451c0192ff1fb990872dc5e2418b0bcaf3025c5c" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to teardown pod "aweb-7977f6bf4-wp5vz_default" network: Multus: error in invoke Delegate del - "weave-net": Delete http://127.0.0.1:6784/ip/d5f753fbb720f611fc9c94bc451c0192ff1fb990872dc5e2418b0bcaf3025c5c: dial tcp 127.0.0.1:6784: connect: connection refused]
Normal SandboxChanged 110s (x7 over 2m38s) kubelet, antidote-060 Pod sandbox changed, it will be killed and re-created.
Warning FailedCreatePodSandBox 110s kubelet, antidote-060 Failed create pod sandbox: rpc error: code = Unknown desc = failed to set up sandbox container "438593ef97dca23d5a1d4882cec5d8992e218d8c5a4b10c6c071caa041e3db3f" network for pod "aweb-7977f6bf4-wp5vz": NetworkPlugin cni failed to set up pod "aweb-7977f6bf4-wp5vz_default" network: Multus: Err in tearing down failed plugins: Multus: error in invoke Delegate add - "weave-net": unable to allocate IP address: Post http://127.0.0.1:6784/ip/438593ef97dca23d5a1d4882cec5d8992e218d8c5a4b10c6c071caa041e3db3f: dial tcp 127.0.0.1:6784: connect: connection refused
Warning Failed 108s kubelet, antidote-060 Failed to pull image "antidotelabs/antidote-web:latest": rpc error: code = Unknown desc = Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on [::1]:53: dial udp [::1]:53: connect: cannot assign requested address
Warning Failed 108s kubelet, antidote-060 Error: ErrImagePull
Normal BackOff 106s (x2 over 107s) kubelet, antidote-060 Back-off pulling image "antidotelabs/antidote-web:latest"
Warning Failed 106s (x2 over 107s) kubelet, antidote-060 Error: ImagePullBackOff
Normal Pulling 94s (x2 over 108s) kubelet, antidote-060 Pulling image "antidotelabs/antidote-web:latest"
Normal Pulled 88s kubelet, antidote-060 Successfully pulled image "antidotelabs/antidote-web:latest"
Normal Created 88s kubelet, antidote-060 Created container aweb
Normal Started 88s kubelet, antidote-060 Started container aweb
Warning Unhealthy 77s kubelet, antidote-060 Readiness probe failed: HTTP probe failed with statuscode: 403
also, there is:
$ kubectl logs pod/aweb-7977f6bf4-wp5vz
2020/04/13 21:15:21 [error] 10#10: *12 open() "/usr/share/nginx/html/index.html" failed (13: Permission denied), client: 10.32.0.1, server: localhost, request: "GET / HTTP/1.1", host: "10.32.0.15:80"
Unless I'm mistaken, antidote-selfmedicate still triggers an antidote 0.4 version inside the VM...
It'd be interesting to have the same Web app than for the production site...
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.