From d9ce77409a6a3dc04e8b0808db81b7f3bea98492 Mon Sep 17 00:00:00 2001 From: "Suren A. Chilingaryan" Date: Fri, 6 Dec 2019 10:18:39 +0100 Subject: Document problems with KIT certificates on the latest Mozilla (breaking access to OpenShift web interface) --- docs/problems.txt | 8 ++++++++ docs/vision.txt | 1 + 2 files changed, 9 insertions(+) diff --git a/docs/problems.txt b/docs/problems.txt index e616fe4..099193a 100644 --- a/docs/problems.txt +++ b/docs/problems.txt @@ -5,6 +5,14 @@ Actions Required * All other problems found in logs can be ignored. +Client Connection +================= + * For some reason OpenShift requests client certificates. This is ignored by majority of old browsers, + but Firefox 70+ is able to offer installed user certificates. If KIT certificate selected, OpenShift + fails to start. This can be easily circumvented just by pressing 'Cancel' when client-cerificate selection + box pops up. + + Rogue network interfaces on OpenVSwitch bridge ============================================== Sometimes OpenShift fails to clean-up after terminated pod properly. The actual reason is unclear, but diff --git a/docs/vision.txt b/docs/vision.txt index bfef287..0be70ba 100644 --- a/docs/vision.txt +++ b/docs/vision.txt @@ -1,6 +1,7 @@ Ands v.2 ======== - Try overlay2 storage driver (LVM is used in Ands v.1). Check also further docker configuration options: 'cgroup-driver', ... + * This actually seems problematic in CentOS-8. Something, like 'rsync portage portage/.tmp' is EXREMELY slow (<1 MB/s). Just check eix-sync. - Integrate fast Ethernet and use conteiner native networking. OpenVSwitch is slow and causes problems. - Do not run pods on Master nodes, but Gluster and a few databases pods (MySQL) are OK (multiple reasons, especially mounting a lot of Gluster Volumes) - Object Storage should be integrated, either Gluster Block is ready for production or we have to use Ceph as well -- cgit v1.2.3