Use "origin-dev-tools" when runnintg "./build/devenv local_build" on fedora 18.

Error: Package: openshift-origin-cartridge-jbossas-7-1.7.1-1.git.30.f066f00.fc18.noarch (openshift-origin)
Requires: jboss-as7-modules >= 7.1.0.Final

.openshift/action_hooks/* files need to be executable.

For unix users, it's quite easy to to: chmod +x /path/to/your/file

But for windows users it's quite hard: https://drupal.org/node/1189520

It would be nice to accept not executable files as action_hooks. It will make the life of windows developper easier.

Hi,
I've tried to install openshift-origin-auth-mongo, and when the console.conf is set to use remote_user, it uses the users defined in htpasswd, but when using basic, it just doesn't work.

I have managed to create an user in mongdb, from the oo-register command (and with security set to remote_user), but as soon as I set it to use basic, it fails with 401 error.

I contact you to seek for some help on how to configure it, but also to let you know that the last commit for auth/mongo is becoming old, and the /doc is clearly deprecated. (see ac9c496 )

Thanks in advance,
PunKeel

EDIT:
informations

[root@62-210-137-175]/etc/openshift# gem list|grep openshift
openshift-origin-admin-console (1.17.0.1)
**openshift-origin-auth-mongo (1.15.1.1, 1.1.1)**
openshift-origin-auth-remote-user (1.17.1.1)
openshift-origin-common (1.18.0.2)
openshift-origin-console (1.18.0.1)
openshift-origin-container-selinux (0.4.1.1)
openshift-origin-controller (1.18.0.1)
openshift-origin-dns-nsupdate (1.15.1.2)
openshift-origin-frontend-apache-mod-rewrite (0.3.1.1)
openshift-origin-frontend-apachedb (0.3.0.1)
openshift-origin-frontend-nodejs-websocket (0.3.0.1)
openshift-origin-msg-broker-mcollective (1.18.0.1)
openshift-origin-node (1.18.0.1)


[root@62-210-137-175]/etc/openshift# uname -a
Linux xxx 3.13.11-100.fc19.x86_64 #1 SMP Wed Apr 23 20:10:57 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

In addition to that, I added an used "Punky:Punky" and here is the added "row":
I'm unsure, but I think the "salt" column is missing, isn't it ?

{ "_id" : ObjectId("536e2f387c7a93262500001e"), "user" : "Punky", "password_hash" : "a5b5bccdd2cc7b351fdf4f4f9152cedc", "updated_at" : ISODate("2014-05-10T13:52:56.877Z"), "created_at" : ISODate("2014-05-10T13:52:56.877Z") }

I keep getting an email every day or so from the bot server saying my pull request can't be automatically merged or something, yet nobody is responding to this issue to explain why. The bot server message does not make it clear why this can't be merged. Please do something about it or turn off the bot server. #2234 (comment)

Usually people write their setup.py according to the directory structure where setup.py resides in.

The openshift-origin-cartridge-python-2.6 cartridge breaks this convention by running python setup.py develop in the virtualenv directory.

Currently, neither the oo-accept-broker script, nor the broker code itself can properly use alternative TSIG algorithms without failing.

A pull request will be forthcoming.

According to the pam_openshift.c source code, the module is under the same liense as openshift, but also under GPL. However, the GPL version is not explicited, and the spec file say "GPL" without a version, which would be problematic for inclusion in Fedora later ( as I assume this will end in Fedora, i decided to be proactive ) . The license shipped is a GPL v2 copy. Could the situation be clarified ( ie, just saying the version in the spec file, and adding this is under a double license would be enough IMHO )

Currently the AuthService requires the base_controller to implement logic to handle broker auth and prompt for basic, and then delegates a limited behavior to the service to authenticate/login. In general, access services may completely bypass BASIC auth and so the service needs access to the request before we prompt for basic auth. We also have no way of allowing lazy authentication within a method either (where the user may or may not be available), but that's only a secondary goal.

In order to set the stage for access tokens and more flexible auth logic (solutions)

• Add AuthService#authenticate!(request) which will either authenticate or challenge
• Change AuthService#authenticate to take a request only, and if no authorization is provided it will return nil (lazy auth)
• Remove/deprecate AuthService#login
• The authservice should provide a protected method to handle broker auth (until access tokens are full implemented). Subclasses can reuse that method.
• Remove the broker auth code from BaseController#authenticate
• Provide a new method on BaseController :current_user which retrieves the active cloud user or nil if no such user exists.
• Subclasses which reference @cloud_user should switch to current_user in all cases
• The authenticate filter should be renamed authenticate_user! to fit normal Devise conventions (currently used in the console)
• Remove instance variables for @login, @auth_method)
• Refactor log_action to use current_user and use rails 3.2 request.uuid method.

More details TBD

Hi,

The message "Action Required: Pull request cannot be automatically merged" is not that clear if you do not really know what the bot is doing. What about :
"Action Required: Pull request cannot be automatically merged, please rebase your pull request on latest HEAD and push again" ?

In openshift-origin-cartridge-jbossews the directory .openshift is mandatory because it contains the tomcat configurations.

If the openshift user forget to copy the .openshift in his repo, he will not be able to deploy to openshift.

It would be better to use default version/{shared,xx.yy}/configuration instead if the directory .openshift/config is not present

The top-level LICENSE file states Apache License v2.0 however the manifest.yml has LGPL as the license.

So which is it? All jboss cartridges seem to have the same ambiguity.

Currently require('$OPENSHIFT_REPO_DIR/package.json').main is used as the start script for nodejs.

Unfortunatley, the convention for main is to use it for libraries and not for executable scripts : https://npmjs.org/doc/json.html

It would better to use package.json start script instead: https://npmjs.org/doc/scripts.html

require('$OPENSHIFT_REPO_DIR/package.json').scripts.start

Grunt and Bower and two very commonly used npm modules for Node projects. They should be included in the global NPM module list and if a Gruntfile or bower.json is detected, the corresponding packages installed in the ./bin/control

See https://github.com/engineersamuel/openshift-origin-cartridge-nodejs/blob/master/bin/control#L224 for how I'm handling this.

The oo-list-stale script does not do much logging if things are working, so it is hard to tell if it is working of if there is an issue. Because this script calls out to there scripts, and they to do not log much when there is an error it is hard to know if there are issues with this script.

origin rel3 is prone to this error already resolved in Online some time ago (https://bugzilla.redhat.com/show_bug.cgi?id=980955)

i'm trying to deploy a nodejs app (https://github.com/qq99/echoplexus) from web console resulting in following error and subsequent cartrige removal:
RESULT=SUCCESS STATUS=unprocessable_entity TIMESTAMP=1394774822 DATE=2014-03-13 TIME=22:27:02 ACTION=ADD_APPLICATION REQ_ID=8e55064a46de619dcea90db0a0ccfe3b USER_ID=531f1b6545f3e95917000003 LOGIN=lsde DOMAIN=1 The initial build for the application failed: Shell command '/sbin/runuser -s /bin/sh 5322920f45f3e9096d000001 -c "exec /usr/bin/runcon 'unconfined_u:system_r:openshift_t:s0:c0,c1005' /bin/sh -c "gear postreceive --init >> /tmp/initial-build.log 2>&1""' exceeded timeout of 230

Specfile contains reference to tomcat7*.rpm:
https://github.com/openshift/origin-server/blob/master/cartridges/openshift-origin-cartridge-jbossews/openshift-origin-cartridge-jbossews.spec

This RPM does not present in dependencies repository and there is no documentation which can tell where it is located.

I followed the steps outlined at http://openshift.github.io/documentation/oo_deployment_guide_vm.html to run a local instance of openshift origin on my Fedora 19 laptop. When I create jenkins-enabled app and push to it the build fails with the following error.

ssh: Could not resolve hostname appname-domainname.example.com: Name or service not known

It seems to me that it should be preconfigured with the openshift.local domain defined via mDNS, but I'm no expert.

Also, from http://lists.openshift.redhat.com/openshift-archives/users/2013-September/msg00009.html it appears there isn't a convenient way to change the OPENSHIFT_CLOUD_NAME after the fact.

I keep getting an email every day or so from the bot server saying my pull request can't be automatically merged or something, yet nobody is responding to this issue to explain why. The bot server message does not make it clear why this can't be merged. Please do something about it or turn off the bot server. #2234 (comment)

I built the rpms from source as per this guide and everything went fine, although I had to fix somethings along the way but I had a usable/working version of Openshift Origin. Now when I tried to create a domain for any user using:

oo-admin-ctl-domain -n cloud -c create -l paasuser, the following error shows up:

comparison of Fixnum with nil failed and after digging through the logs and source code, I noticed that it was coming from line 122 of /opt/rh/ruby193/root/usr/share/gems/gems/openshift-origin-controller-1.23.0/app/models/membership.rb which has to do with

def team_members_are_limited
    max = Rails.configuration.openshift[:max_teams_per_resource]
    if members.target.count(&:team?) > max
     errors.add(:members, "You are limited to #{max} teams per #{self.class.model_name.humanize.downcase}")
   end
end

When I comment the conditional check, it seem to work but now I guess there is no way to check for when the teams exceed the maximum allowed?

def team_members_are_limited
    max = Rails.configuration.openshift[:max_teams_per_resource]
#    if members.target.count(&:team?) > max
#     errors.add(:members, "You are limited to #{max} teams per #{self.class.model_name.humanize.downcase}")
#   end
end

For this cartridge: https://github.com/openshift/origin-server/tree/master/cartridges/openshift-origin-cartridge-python
Vendor: redhat is reserved and the manifest does not contain Source-Url !!!
How can we download and install it ?
It gives error reserved vendor name.

Can IPv6 be enabled by default on downloadable VM images? It appears someone went to the trouble of shutting that off, which is normally enabled on Fedora. Was there something broken in IPv6 support that disabling IPv6 was fixing?

Currently the action_hooks/build is launched after the cartridge build.

It would be interesting to be able to override the cartridge build by a custom script.

Here is a log of the build process:

git push
Counting objects: 5, done.
Delta compression using up to 8 threads.
Compressing objects: 100% (3/3), done.
Writing objects: 100% (3/3), 276 bytes, done.
Total 3 (delta 2), reused 0 (delta 0)
remote: Stopping NodeJS cartridge
remote: Saving away previously installed Node modules
remote: Building git ref 'master', commit 002032b
remote: >>>> pre_build action hooks
remote: Building NodeJS cartridge
remote: npm info it worked if it ends with ok
remote: npm info using [email protected]
remote: npm info using [email protected]
remote: npm info preinstall [email protected]
remote: npm info build /var/lib/openshift/530df2785973cae34a000c74/app-root/runtime/repo
remote: npm info linkStuff [email protected]
remote: npm info install [email protected]
remote: npm info postinstall [email protected]
remote: npm info prepublish [email protected]
remote: npm info ok
remote: >>>> build action hooks
remote: Preparing build for deployment
remote: Deployment id is 6a064bcf
remote: Activating deployment
remote: Starting NodeJS cartridge

Processing files: rubygem-openshift-origin-common-1.6.1-1.git.0.d541a95.fc18.noarch
error: File not found: /root/rpmbuild/BUILDROOT/rubygem-openshift-origin-common-1.6.1-1.git.0.d541a95.fc18.x86_64/usr/share/gems/gems/openshift-origin-common-1.6.1/.yardoc

RPM build errors:
File not found: /root/rpmbuild/BUILDROOT/rubygem-openshift-origin-common-1.6.1-1.git.0.d541a95.fc18.x86_64/usr/share/gems/gems/openshift-origin-common-1.6.1/.yardoc

ERROR: Error running command

/home/ec2-user/origin-dev-tools/build/builder.rb:77:in block (3 levels) in find_and_build_specs': Unable to build rubygem-openshift-origin-common (RuntimeError) from /home/ec2-user/origin-dev-tools/build/builder.rb:75:inchdir'
from /home/ec2-user/origin-dev-tools/build/builder.rb:75:in block (2 levels) in find_and_build_specs' from /home/ec2-user/origin-dev-tools/build/builder.rb:74:ineach'
from /home/ec2-user/origin-dev-tools/build/builder.rb:74:in block in find_and_build_specs' from /home/ec2-user/origin-dev-tools/build/builder.rb:72:ineach'
from /home/ec2-user/origin-dev-tools/build/builder.rb:72:in each_with_index' from /home/ec2-user/origin-dev-tools/build/builder.rb:72:infind_and_build_specs'
from ./build/devenv:184:in local_build' from /usr/share/gems/gems/thor-0.14.6/lib/thor/task.rb:24:inrun'
from /usr/share/gems/gems/thor-0.14.6/lib/thor/invocation.rb:118:in invoke_task' from /usr/share/gems/gems/thor-0.14.6/lib/thor.rb:263:indispatch'
from /usr/share/gems/gems/thor-0.14.6/lib/thor/base.rb:389:in start' from ./build/devenv:776:in

The issue might be cause by me missing:
yum install -y ruby-release
yum install -y ruby193-build
yum install -y ruby193- ruby-abi

More details: #1922

For simple run application in coffee-script is better use

"scripts": {
    "start": "coffee app.coffee"
  },

than now i can have to:

"scripts": {
    "start": "~/app-root/repo/node_modules/coffee-script/bin/coffee app.coffee"
  },

This may be related to, or caused by #4155

Whenever a system-wide or already installed module is found, it is skipped, even when mentioned in deplist.txt.

See the details here: https://bugzilla.redhat.com/show_bug.cgi?id=1046753

Hi.

I am installed Openshift Origin Server with cartridge:
-10gen-mms-agent-0.1 10gen Mongo Monitoring Service Agent
-cron-1.4 Cron 1.4
-jenkins-client-1 Jenkins Client
-mariadb-5.5 MariaDB 5.5
-mongodb-2.2 MongoDB 2.2
-mysql-5.1 MySQL 5.1
-phpmyadmin-3 phpMyAdmin 3.5
-postgresql-9.2 PostgreSQL 9.2
-haproxy-1.4 Web Load Balancer

I need creat a app with MySQL 5.1 + phpMyAdmin 3.5.
I had add MySQL Cartridge.
But when i am adding phpMyAdmin cartridge, get this error:
Cartridge 'phpmyadmin-3' can not be added without cartridge 'mariadb'.

I had look "MySQL 5.5" and "phpMyAdmin 4" cartridges in Google, Github, Red Hat Documentation, OO Documentation.... but i not found one.

Help Me, thanks.

Hi,

I'm not very experienced with nodejs, so this issue may not actually be much of an issue. I also may be completely missing something obvious in the nodejs-0.10 cart.

I'm trying to make a project (pump.io -- not my own) easily deployable on openshift. The default way to start this is to run npm start. From my extremely limited experience with nodejs, this is quite a common way to start an application, and I was naively expecting the openshift cartridge to use that.
This application doesn't have a "main" key in the package.json file, neither does it have a server.js file (npm start points to bin/pump).

My first idea was to try to get a "main" key added to package.json, but that doesn't seem to be an optimal solution:

• It needs to be able to read a config file. Default locations are /etc/pump.io.json, and ~/.pump.io.json, neither of which are writeable by the user (on openshift online at least). Two possible solutions:
  • pass custom file path with '-c' parameter (makes "main" key openshift specific)
  • Set ${HOME} to ${OPENSHIFT_DATA_DIR} and put .pump.io.json in there. I can't seem to figure out how to do that (tried exporting in pre_start action hook with no luck) -- is there a way to do this?
• The "main" key seems to exist to be called when something else calls it as a dependency with e.g. require('pump.io') rather than running it as a standalone application (npm start). According to nodejitsu, "main" is highly advised not to generate any side-effects such as starting a server or connecting to a database. I imagine, on the other hand, that apps running on openshift will usually have side effects such as these (such is this case with the pump.io example here). Is this an incorrect assumption?

Is there a way to specify a custom start action here (override the defaults of "main" falling back to server.js)? Or at least a way to set $HOME to a custom location? Or is there a better way to think about this?

I also found it difficult to actually find out what the start control action would attempt without reading the code. Again, this may be me reading in the wrong places or just being silly!

Would it make sense for the cartridge to attempt npm start?

Thanks for any insight or help that you can provide.

The below script can be used

npm keeps per-user config in ~/.npmrc and cache in ~/.npm/ and Create files/directories, change ownership and SELinux file security context.

touch "$OPENSHIFT_HOMEDIR"/.npmrc
mkdir "$OPENSHIFT_HOMEDIR"/.npm
chown $OPENSHIFT_APP_UUID.$OPENSHIFT_APP_UUID -R "$OPENSHIFT_HOMEDIR"/.npm "$OPENSHIFT_HOMEDIR"/.npmrc
npm config set tmp $OPENSHIFT_TMP_DIR

We need this for using yeoman-maven-plugin

Tried npm config set cache $OPENSHIFT_DATA_DIR/.npm, to change the cache location but it requires atleast .npmrc file in home directory.

The wording/syntax of this error message is a little funky when there's only one acceptable size available:

$ rhc create-app -g medium -a districttest -t ruby-1.9
Your authorization token has expired. Please sign in now to continue.
Password: **********


Application Options
-------------------
  Namespace:  tbielawa
  Cartridges: ruby-1.9
  Gear Size:  medium
  Scaling:    no

Creating application 'districttest' ... Invalid size: medium. Acceptable values are small

I would expect to see something more like this:

...
Creating application 'districttest' ... Invalid size: medium. Acceptable values are: small

Running rake build_setup in an automated deployment results in the following error:

Aug  2 07:00:18 localhost cloud-init-cfg[833]: su -c '/usr/sbin/usermod -a -G mock '
Aug  2 07:00:18 localhost cloud-init-cfg[833]: usermod: user 'mock' does not exist
Aug  2 07:00:18 localhost cloud-init-cfg[833]: rake aborted!
Aug  2 07:00:18 localhost cloud-init-cfg[833]: Command failed with status (6): [su -c '/usr/sbin/usermod -a -G mock '...]

The problem appears to be build/Rakefile, where #{Etc.getlogin} is empty in this scenario:

sudo "/usr/sbin/usermod -a -G mock #{Etc.getlogin}"

I made a web app for the AngularJS project to help them triage their huge amounts of issues they have to deal with. I noticed your project gets a lot of issues as well and thought you could find it useful. Give it a look and feel free to ask me any questions or submit issues to the repository.
http://issuetemplate.com/

Following the steps from http://openshift.github.io/documentation/oo_deployment_guide_vm.html and booting up the virtual machine I had issues with the user accounts that where supposed to be there.

openshift:openshift as the unix account on the VM, doesn't exists:

[root@broker-66587a openshift]# id openshift
id: openshift: no such user

And neither does admin:admin for the service account, which I've tried in to use to access openshift via the browser

"Node execution" errors are occurring with downloadable VM images. It would appear that openshift-tc.service isn't starting correctly on bootup, but can be started by hand.

A list of cartridge is hardcoded here:

It make custom cartridge creation harder.

When trying to run unit tests:

 ~/code/origin-server/node → bundle exec rake unit_test
/home/mfojtik/.rbenv/versions/1.9.3-p448/bin/ruby -I"lib:/home/mfojtik/code/origin-server/node/lib:/home/mfojtik/code/origin-server/common/lib" -I"/home/mfojtik/.rbenv/versions/1.9.3-p448/lib/ruby/gems/1.9.1/gems/rake-0.9.6/lib" "/home/mfojtik/.rbenv/versions/1.9.3-p448/lib/ruby/gems/1.9.1/gems/rake-0.9.6/lib/rake/rake_test_loader.rb" "test/unit/*_test.rb" 
Coverage report generated for node tests to /home/mfojtik/code/origin-server/node/test/coverage/. 0 / 0 LOC (0.0%) covered.
/home/mfojtik/code/origin-server/node/test/test_helper.rb:20:in `require': cannot load such file -- mocha/setup (LoadError)

I tried several workarounds found on stackexange/mocha readme, but still not able to make test run. Any clues?

In the sample configuration file it is missing the sample line

#BIND_KEYVALUE=(HMAC-MD5|HMAC-SHA1|HMAC-SHA256|HMAC-512) # Default: HMAC-MD5

should actually have the option BIND_KEYALGORITHM as per line 25 in:

plugins/dns/nsupdate/config/initializers/openshift-origin-dns-nsupdate.rb

Relates to Issue #2678

Original forum post.

The following policy addition makes OpenShift nodes work for me. I've never attempted to write SELinux policies before; this policy was created with audit2allow as described in the forum post. It Works For Me, but I'd appreciate an expert review and help integrating into the RPM sources.

require {
    type cgroup_t;
    type sshd_t;
    type openshift_t;
    type devpts_t;
    type ssh_home_t;
    class tcp_socket { read write getattr setopt getopt };
    class dir { getattr search };
    class file { write getattr open };
    class netlink_audit_socket { nlmsg_relay write create };
}

#============= openshift_t ==============
allow openshift_t cgroup_t:dir { getattr search };
#!!!! The source type 'openshift_t' can write to a 'file' of the following types:
# anon_inodefs_t, openshift_rw_file_t, openshift_tmp_t, hugetlbfs_t, postfix_spool_maildrop_t, openshift_file_type, security_t

allow openshift_t cgroup_t:file { write getattr open };
allow openshift_t devpts_t:dir search;
allow openshift_t self:netlink_audit_socket { nlmsg_relay write create };
allow openshift_t ssh_home_t:dir search;
allow openshift_t sshd_t:tcp_socket { read write getattr setopt getopt };

We are using a multiple DNS setup (an internal DNS for our own hosts) and an external DNS for all internet based hosts.

It appears that to clone a cartridge it uses a --connect-timeout of 2 seconds for the curl command. We seem to have hit a situation where we were timing out before the external cartridge was downloaded and thus couldn't pull any external cartridges. I believe this value should be user overridable, like the other parameters to the curl command?

https://github.com/openshift/origin-server/blob/master/controller/app/helpers/cartridge_cache.rb#L132

From a tooling perspective sometimes cartridges fail; then folks dive into ssh into the box.

However many cartridges have a logs directory (e.g. wildfly, tomcat, jetty, karaf, Fuse, most Java apps - and am sure most apps in general really).

It'd be nice if a cartridge could expose some of its local file system to the REST API so folks don't have to SSH in from tools and figure out in a cartridge specific way which files should be browsed in devops related tools.

Doing it via the cartridge's metadata would mean a cartridge can choose which temp/log/data files to expose to tools. Plus logs are so common, it'd make it easy to have a 'log browser' plugin in OpenShift consoles & tooling

Hi,

I've already described my problem here https://openshift.redhat.com/community/forums/openshift/websocket-support-possible-bug

In short ... I have create an application which is using Websockets on Openshift using NodeJS server.
My problem is that when I try to connect to my application's websocket using Firefox (from http://www.websocket.org/echo.html), it successfully connects to the NodeJS server and everything is working.

When I try the same thing using Chrome it just disconnect me and set the state of the websocket to 3.

In the Chrome developer console, when I try to connect to other websocket service (ws://echo.websocket.org), it at least shows 101 - Web socket Protocol Handshake

With NodeJS it just doesn't say anything. One week ago everything was working and I haven't changed my code.

Review the attached patch on BZ 1007830 and improve the logging for failure events when loading quickstarts.

Hi all, Ruby 2.0.0-p0 is released. Could someone write a cartridge support it?

Right now openshift-origin-broker overwrites /var/log/openshift/user_action.log on upgrade. It's not as simple as marking that file as %ghost since if the file isn't created with the proper SELinux context the broker will not be able to write to it. Also, currently the broker does not create that file. In order to correctly label it as %ghost we'll need the broker to handle creating that file.

I'm not able to update my Jenkins instance through the web UI (no button - just the link to the .war file). The default version is 1.509.1 which supports almost none of the available Jenkins plugins.
It would be nice if you can update the instances and provide automatic Jenkins updates. Especially for secutiry reasons.

On Fedora 18 x86_64 trying to
./build/devenv local_build
requries:

ruby193-build
ruby193-ruby-abi
ruby193-rubygem-ci_reporter
ruby193-rubygem-compass-rails
ruby193-rubygem-formtastic
ruby193-rubygem-haml
ruby193-rubygem-mocha
ruby193-rubygem-net-http-persistent
ruby193-rubygem-rails
ruby193-rubygem-rdiscount
ruby193-rubygem-simplecov
ruby193-rubygem-sprockets
ruby193-rubygem-test-unit
ruby193-rubygem-therubyracer
ruby193-rubygem-webmock
ruby193-rubygem-yard
ruby193-rubygems
ruby193-rubygems-devel

Those packages are not available in the regular repositories, using:

yum install -y audit ceylon rubygem-activemodel rubygem-activeresource rubygem-aws-sdk rubygem-bson_ext rubygem-ci_reporter rubygem-coffee-rails rubygem-compass-rails rubygem-cucumber rubygem-daemons rubygem-dnsruby rubygem-formtastic rubygem-haml rubygem-jquery-rails rubygem-json rubygem-json_pure rubygem-minitest rubygem-mocha rubygem-mongo rubygem-mongoid rubygem-net-http-persistent rubygem-open4 rubygem-parseconfig rubygem-passenger rubygem-passenger-native rubygem-passenger-native-libs rubygem-rails rubygem-rdiscount rubygem-regin rubygem-rest-client rubygem-rspec rubygem-sass-rails rubygem-simplecov rubygem-sprockets rubygem-state_machine rubygem-systemu rubygem-test-unit rubygem-therubyracer rubygem-uglifier rubygem-webmock rubygem-xml-simple rubygem-yard rubygems rubygems-devel rubygem-redcarpet

fixed the issue for me.

Still I am missing the replicates for:
yum install -y ruby-release
yum install -y ruby193-build
yum install -y ruby193- ruby-abi

Many, if not most, security guides require that remote root access to a system be denied.

If possible, an alternate gear migration mechanism should be found to alleviate compliance arguments with local security enforcement organizations.

Reference:

• http://scap-securityguide.rhcloud.com/RHEL6/output/rhel6-guide.html#item-sshd_disable_root_login

After Origin 2014 March release the Document root is set to the repo folder. The wsgi folder is suggested not to be used.

Django projects are typically collecting static files under ./static folder.

This creates the issues with serving static files as they are only accessible from within ./wsgi/static due to the backwards compatibility Apache script with Alias: https://github.com/openshift/origin-server/blob/master/cartridges/openshift-origin-cartridge-python/usr/versions/shared/etc/conf.d/openshift.conf.erb

WSGIScriptAlias / in fact is processed for all URLs except pre-defined Alias ( https://code.google.com/p/modwsgi/wiki/QuickConfigurationGuide#Mounting_At_Root_Of_Site )

Using .htaccess RewriteRules thus do not have any influence.

Additionally static files are deleted during git push even when hot_deploy is activated. This is then visible several minutes.

Suggestions:

a) set the secondary alias towards ./static folder for serving static files (so we can get rid of wsgi/static folder) and create mechanism to keep the data during git push

b) Set the DocumentRoot to the www under data folder (django projects will create static subfolder and collect the static files there overwriting on each git push)

c) set the secondary alias towards data/static folder for serving static files in the case old wsgi setup is not used

It would be nice to have the ability to take a TCP dump for a gear (to troubleshoot issues). I would assume this would be implemented in a similar fashion to the thread dump script for Java based cartridges.

Hello. I am trying to install OpenShift Origin on Amazon EC2. I followed this guide: https://www.openshift.com/blogs/deploying-highly-available-openshift-origin-clusters-with-ansible
Step by step guide. I configured the file "group_vars / all": ec2_access_key: "XXXXXXXXXXXXXXX" ec2_secret_key: "XXXXxxxxxxXXXXXXXXXXXX" keypair: "my_key_pair" instance_type: "t1.micro" image: "ami-bf5021d6" group: "default" count: 1

And execute from my MAC: ansible-playbook -i ec2hosts ec2.yml -e id=openshiftv1 -e ansible_ssh_private_key_file=my_key_pair.pem --user root -vvvv

And ever i have somehting error like this:

fatal: [ec2-54-00-00-15.compute-1.amazonaws.com] => failed to transfer file to /root/.ansible/tmp/ansible-tmp-1402919043.76-125557901424971/yum: sftp> put /var/folders/rt/xnw2_wl9x935m0000gs/T/tmpfzGlBF /root/.ansible/tmp/ansible-tmp-1402919043.76-12588801424971/yum Uploading /var/folders/rt/xnw2_wl9x935m0000gs/T/tmpfzGlBF to /root/.ansible/tmp/ansible-tmp-1402919043.76-12588801424971/yum

Connected to ec2-54-00-00-15.compute-1.amazonaws.com. Connection closed

fatal: [ec2-54-00-00-237.compute-1.amazonaws.com] => SSH encountered an unknown error. The output was: OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: auto-mux: Trying existing master debug1: Control socket "/Users/user/.ansible/cp/ansible-ssh-ec2-54-00-00-237.compute-1.amazonaws.com-22-root" does not exist debug2: ssh_connect: needpriv 0 debug1: Connecting to ec2-54-00-00-237.compute-1.amazonaws.com [54.00.00.237] port 22. debug2: fd 3 setting O_NONBLOCK debug1: connect to address 54.00.00.237 port 22: Operation timed out ssh: connect to host ec2-54-00-00-237.compute-1.amazonaws.com port 22: Operation timed out

fatal: [ec2-54-00-00-216.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True} fatal: [ec2-54-00-00-216.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True} fatal: [ec2-54-00-00-212.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True} fatal: [ec2-54-00-00-212.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True} fatal: [ec2-54-00-00-232.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True} fatal: [ec2-54-00-00-232.compute-1.amazonaws.com] => {'msg': "One or more undefined variables: 'dict object' has no attribute u'ansible_eth0'", 'failed': True}

!/bin/bash

PREFIX=""
if [ -f /opt/rh/ruby193/root/usr/libexec/mcollective/update_yaml.rb ]; then
PREFIX="/opt/rh/ruby193/root"
fi
oo-exec-ruby ${PREFIX}/usr/libexec/mcollective/update_yaml.rb ${PREFIX}/etc/mcollective/facts.yaml &> /tmp/facts.log

this was assigned CVE-2013-4561 as per https://bugzilla.redhat.com/show_bug.cgi?id=1029652