We are bringing the best of Tectonic to Red Hat OpenShift to build the most secure, hybrid Kubernetes application platform.
Tectonic etcd nodes are not assigned a public IP address, only the master node are. To debug an etcd node, SSH to it through a master (bastion host) or use a VPN connected to the internal network.
To do so, perform the following:
Once a passphrase of the local ssh key is added to ssh-agent
, you will not be prompted for the credentials the next time connecting to nodes via SSH or SCP. The following instructions outline adding a passphrase to the ssh-agent
on the system.
$ eval ssh-agent
$ ssh-add
The ssh-add
command prompts for a private key passphrase and adds it to the list maintained by ssh-agent
.
Enter your private key passphrase.
Before logging out, run the following:
$ kill $SSH_AGENT_PID
To automatically run this command when logging out, place it in the .logout
file if you are using csh or tcsh. Place the command in the .bash_logout
file if you are using bash.
SSH to a master node with its EXTERNAL-IP
, providing the -A
flag to forward the local ssh-agent
. Add the -i
option giving the location of the ssh key known to Tectonic:
$ ssh -A core@10.0.23.37 -i /path/to/tectonic/cluster/ssh/key
Run the following command on the master instance:
core@ip-10-0-23-37 ~ $ grep etcd /opt/tectonic/manifests/kube-apiserver.yaml
- --etcd-servers=http://10.0.23.31:2379
# From the master node
$ ssh core@10.0.23.31
To investigate issues with etcd, execute:
$ systemctl status etcd-member && journalctl etcd-member