Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Sep 23 2017 15:53

    dpp on master

    Updated to README to kick off t… (compare)

  • Sep 23 2017 05:18

    dpp on master

    Push to the new Telegram magic … (compare)

  • Jun 14 2017 20:12
    dpp closed #32
  • Jun 14 2017 20:12
    dpp commented #32
  • Jun 13 2017 20:23

    dpp on master

    Test for realpath and only use … (compare)

  • Jun 13 2017 20:03

    dpp on master

    Add realpath so the inner docum… (compare)

  • Jun 13 2017 19:19

    dpp on master

    Don't fail if we can't delete t… (compare)

  • Jun 13 2017 19:12

    dpp on master

    Dealt with issue of starting/st… WIP for JDBC provider Implemented JDBC pooling middle… (compare)

  • Jun 10 2017 19:49

    dpp on master

    Got test and doc build working … (compare)

  • Jun 07 2017 20:22
    trotman23 edited #26
  • Jun 04 2017 19:58
    williamsaaron milestoned #36
  • Jun 04 2017 19:58
    williamsaaron opened #36
  • Jun 04 2017 19:57
    williamsaaron milestoned #35
  • Jun 04 2017 19:57
    williamsaaron opened #35
  • Jun 04 2017 19:55
    williamsaaron milestoned #34
  • Jun 04 2017 19:55
    williamsaaron opened #34
  • Jun 04 2017 19:55
    williamsaaron milestoned #33
  • Jun 04 2017 19:55
    williamsaaron opened #33
  • Jun 04 2017 19:53
    williamsaaron milestoned #32
  • Jun 04 2017 19:53
    williamsaaron opened #32
David Pollak
@dpp
I will think about a way to deal with trusting the connections... it's an issue that was in the back of my mind anyway, so bringing it to the forefront isn't the worst thing in the world...
Emanuel Borsboom
@borsboom
(in fact, pods currently have full access to the kubernetes API, although in 1.6 that's finally improved)
David Pollak
@dpp
How are secrets distributed?
Like DB passwords, etc.?
Emanuel Borsboom
@borsboom
Kubernetes Secret resources. Which are accessed through the API. Which means any pod can read any secret.
(there are ways around that though... it's possible to cut off access to the kube API)
David Pollak
@dpp
Okay... then at the end of the day, the answer is "Funcatron isn't going to solve issues that the K8s team has to solve"
Emanuel Borsboom
@borsboom
When I've needed isolation, I've accomplished it by running multiple clusters.
David Pollak
@dpp
K
Emanuel Borsboom
@borsboom
So in these scripts, we assume the user already has a Kube cluster (i.e. we're not responsible for spinning up the cluster), correct?
David Pollak
@dpp
Yes.
Have the same behavior for K8s is the goal.
Emanuel Borsboom
@borsboom
Ok, so looks like there are already Docker images so I don't need to worry about building anything.
How do I test it once it's running?
David Pollak
@dpp
Correct
Point to Nginx port 80 and you should see it proudly saying "Funcatron"
Emanuel Borsboom
@borsboom
Alright, I think I have all I need to get started. I'll ask here when I have any questions.
David Pollak
@dpp
Awesome! Looking forward to your work. Rock and roll!
Emanuel Borsboom
@borsboom
@dpp: Should the funcatron resources all be in their own namespace, or is the default namespace OK?
David Pollak
@dpp
What is the benefit of default vs. funcatron namespace?
Emanuel Borsboom
@borsboom
It's really just for organization. Commands like kubectl get pods only show the resources in the currently selected namespace, and each namespace gets its own subdomain on KubeDNS.
I usually put everything in the default namespace, unless one cluster is being used by multiple groups who will rarely want to see each others stuff.
David Pollak
@dpp
Let's use the default namespace
The scripts/configs are starting points for folks
So, if there's a K8s guru admin person, she can modify the scripts to suit her needs
Emanuel Borsboom
@borsboom
Ok, so maybe I'll just prefix all the resources like rabbitmq with funcatron- to avoid confusion.
David Pollak
@dpp
Yeah... sounds right
For rabbit funcatron-rabbitmq
For the other components funcatron-frontend, funcatron-tron, funcatron-runner
Emanuel Borsboom
@borsboom

Oh... and it would be ideal if what we do runs on K8s 1.2 :-)

I think this will be doable, that's the release where resource types like Deployments and ConfigMaps were introduced.

The trick is finding a cluster that old :)
Emanuel Borsboom
@borsboom
Do you happen to have a v1.2 cluster running somewhere I can use to test? I tried with minikube but it doesn't support versions that old.
David Pollak
@dpp
I don't have one up right now. How about doing the PR against Minikube and I'll test against 1.2 when I can spin up a cluster.
Emanuel Borsboom
@borsboom
This looks like a decent approach to the "waiting for dependencies to be ready" problem in Kubernetes: https://blog.giantswarm.io/wait-for-it-using-readiness-probes-for-service-dependencies-in-kubernetes/
InitContainers are a nice newish feature in Kube 1.5, but this can be done without them too.
David Pollak
@dpp
Given that the thing the rest of the system needs to wait for is RabbitMQ and there's no HTTPish thing that I know of in Rabbit, I think the best thing to do is just start everything at once and I'll deal with it at the application level
Emanuel Borsboom
@borsboom
Ok, cool.
Emanuel Borsboom
@borsboom

@dpp: How do I tell tron which hostname to use to connect to rabbit? Currently it appears to be trying localhost:

Failed to open RabbitMQ Connection using {:hosts ["localhost"], :port 5672, :username "guest", :password "guest"}

Emanuel Borsboom
@borsboom

Point to Nginx port 80 and you should see it proudly saying "Funcatron"

Even though neither runner nor tron are running, the frontend still seems to be proudly saying "Funcatron", so not sure how much this test actually works out all the components.

David Pollak
@dpp
I'm going to have to update each of the components to use DNS to discover Rabbit... so there's no way things will "just work"... but as long as Nginx is running and you can see Rabbit and the JVM processes are running, I can do the rest.
Emanuel Borsboom
@borsboom
tron and runner both fail to start, so there are no JVM processes running in those.
David Pollak
@dpp
Are there logs for either?
Emanuel Borsboom
@borsboom
Yup, that's where I'm seeing the "Failed to open RabbitMQ Connection" message.
David Pollak
@dpp
Sorry... I'm blind and stupid :-(
Emanuel Borsboom
@borsboom
(so clearly a JVM process does start, it's just that it quits)
David Pollak
@dpp
1 sec... lemme see what to pass as the parameters to the JVM
Emanuel Borsboom
@borsboom
The mesos marathon config also has tron and runner request 2.0 CPUs and 2GB of memory, which is quite a lot (and means they won't run on the minikube's default settings). Should they really request that much?
David Pollak
@dpp
If you can pass --rabbit_host dns-name-for-rabbit to the tron an runner
1 cpu and 756MB should be okay