--
You received this message because you are subscribed to the Google Groups "fabric8" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fabric8+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "fabric8" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fabric8+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
With a Vanilla kubernetes cluster installed on AWS and with the latest verion of fabric8, I am affraid to say that there is a lot of things that simply don't work as expected. This is such a shame for such a promising and exciting project like Fabric8.
It seems to me that currently Fabric8 is used in an openshift enviroment mainly, as the Kubernetes+AWS setup I don't read much information about it, nor does the current version works out of the box. The following are the problems I found so far:1) The publish to docker container does not work. I needed to add the --insecure-registry flag to every docker container.2) Creating an application on a team, if I leave that page I cannot find that application project anymore. It is like the project is not saved3) Can't find a way to secure / create users on Farbric8 console4) Can't connect to the pods terminal on the Fabric8 console (When clicking the terminal icon it fails to open the terminal as says I don't have permissions)5) Can't access pods logs on Fabric8 console (the log viewer freezes and nothing showsSo far those are the problems I have experienced. I think it would save days of frustration to share this limitations on the Documentation page. If someone helps me, I am available to complete the documentation for Kubernetes + AWS. Did not took the time to dive into the code yet, but so far I am finding it is hard to opt for Fabric8 with Kubernetes on AWS as things just do not work
quinta-feira, 4 de Agosto de 2016 às 16:04:53 UTC+1, Rui Silva escreveu:Also I noticed something really strange. I create an application successfully, when I close that window, and go back to the Team dashboard I can't find my application anymore, it is like the applications are not stored.
quarta-feira, 3 de Agosto de 2016 às 15:11:39 UTC+1, Rui Silva escreveu:Hello,I am new to Fabric8. I have Fabric8 working with Kubernetes on AWS. So far so good, problem is, I can't find any documentation on how to secure Fabric8 Console. It is open for the public without any authentication what so ever. Nothing in the documentation covers how can we secure the console. What am I mssing here? Seems like a simple thing that should be configured somehow. I would expect a master user and ability to create other users with different permissions.Rui
--
You received this message because you are subscribed to the Google Groups "fabric8" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fabric8+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hey!So afaik, Fabric8 will use whatever the underlying Kubernetes' authentication mechanisms. So for a vanilla Kubernetes install, I believe there's not any security. On GKE I think it uses the google oauth mechanisms and for OpenShift uses OpenShift's security.I suppose you could write plugins to secure the console itself, but really the part that you want to secure is the Kubernetes API.HTH!
On Wed, Aug 3, 2016 at 7:11 AM, Rui Silva <rui.ped...@gmail.com> wrote:
Hello,I am new to Fabric8. I have Fabric8 working with Kubernetes on AWS. So far so good, problem is, I can't find any documentation on how to secure Fabric8 Console. It is open for the public without any authentication what so ever. Nothing in the documentation covers how can we secure the console. What am I mssing here? Seems like a simple thing that should be configured somehow. I would expect a master user and ability to create other users with different permissions.Rui
--
You received this message because you are subscribed to the Google Groups "fabric8" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fabric8+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
On 29 Aug 2016, at 21:10, Venkat K <venkat.su...@gmail.com> wrote:Hello:A very promising solution particularly for polyglots like us and thank you for all the great work. I have been playing with this on AWS. I have also ran into many of the same issues and I wish I had looked into this topic ten days earlier.I would like to add to the list the following:1. Even if I change the source secret, only gogsadmin is used. I had artificially created a gogsadmin account in bitbucket to import a existing repo.
2. To find the gogsadmin password was a huge effort and I almost gave up. Even the fabric8 gogs dockerfile contained misleading information. Finally I found that in chat transcript.
yeah this was spotted this weekend actually, should have a fix soon https://github.com/fabric8io/fabric8/issues/6294#issuecomment-2432819683. Pipeline selection doesn't show up for certain type of projects like ruby on rails. I did find the pipeline in the libraHi Ventak ry and had to perform certain kind of dance to get it all setup.
4. UI does freeze up frequently and apps list blank but reloading the page makes it appear.
5. There is no persistence of data on disk in AWS so when I restarted the docker for insecure registry it wiped out everything.
6. Wish the services are only exposed by default through kubernetes API (basic auth protected)
If two things someone can help that would help in taking this deploy to production.1. Allow any source secret and not just gogsadmin. (At least some help to troubleshoot / workaround this)
2. Setup instructions for persisting the services data through some AWS volume