We’re integrating Tectonic with Red Hat OpenShift

We are bringing the best of Tectonic to Red Hat OpenShift to build the most secure, hybrid Kubernetes application platform.

AWS: Troubleshooting Installation

Known issues and gotchas in Tectonic installation on AWS

Tectonic Installer stalls if the STS security token expires during a session

Tectonic installation on AWS fails if the AWS Security Token Service (STS) token expires before installation is complete. This issue arises when multi-factor authentication is configured for the IAM role. If the installation is resumed with a progress file, resource names might conflict because the cluster has been partially created on AWS. To work around, delete the AWS CloudFormation stack before using the progress file to restart the install. In the AWS console, click the CloudFormation option under Management Tools. Delete the stack with the name of the cluster whose installation stalled.

Route53 DNS resolution

An issue arises when a domain's A record resolution is attempted before Route53 publishes the cluster's A record and the NXDOMAIN response is cached in the NCACHE (RFC2308). This negative response may be cached for up to the number of seconds set in the domain's SOA record's TTL. Resolution fails until the negative caching TTL expires. These TTLs are typically large enough to disrupt the installation. The current workaround is to ensure your TTLs are set to a low interval, or to wait for them to expire, then proceed with the installation.

Domain name can't be changed

The domain configured for Route53 name service and the domain names selected for Tectonic and Controller DNS names during install cannot be easily changed later. If a cluster's domain name needs to change, set up a new cluster with the new domain name and migrate cluster work to it.

License and pull-secret formats

When copying your license and pull-secret from account.coreos.com, be sure to choose the correct format. The license format should be "Raw Format" and the pull-secret should be in the "dockercfg" format.

VPC peering not supported

A VPC containing a Tectonic cluster should not be peered with other VPCs due to the potential for IP routing conflicts.

Safari browser on OSX

Tectonic Installer may fail to download assets.zip file during the install due to a known issue in Safari/Webkit. OSX users are advised to use Firefox or Chrome to use Tectonic Installer on OSX machines.

Community Support Forum

Make sure to check out the community support forum to work through issues, report bugs, identify documentation requirements, or put in feature requests.