Open ValheruEldarr opened 1 month ago
Hello @ValheruEldarr , I'm glad you like the course. It looks like you ran into an issue with RoleBindings.
system:serviceaccount:sheldonbernstein-dev:python\\" cannot list resource \\"pods\\" in API group \\"\\" in the namespace \\"openshift-virtualization-os-images\\"
you seem to be trying to run this from the openshift-virtualization-os-images
namespace, do you know why that is?
Are you running on the Red Hat OpenShift Developer Sandbox?
You will need to follow my documentation in the README to grant the right RoleBindings to get this to work in OpenShift AI. I just tested my instructions and they seem to be working as long as you create an OpenShift AI workbench named python
in your sheldonbernstein-dev
Data Science Project.
oc create rolebinding python-edit --clusterrole=edit \
--serviceaccount=$(oc get project -o \
jsonpath={.items[0].metadata.name}):python
oc create role python-edit-rolebindings \
--verb=get,list,watch,create,update,patch,delete \
--resource=roles,rolebindings
oc create rolebinding python-edit-rolebindings --role=python-edit-rolebindings \
--serviceaccount=$(oc get project -o jsonpath={.items[0].metadata.name}):python
Have a look at why this part -e ansible_operator_meta_namespace=$(oc get project -o jsonpath={.items[0].metadata.name})
of the Ansible Playbooks would be returning openshift-virtualization-os-images
for you, but you can replace this with the right namespace sheldonbernstein-dev
instead.
Appreciate the reply and the incredible work! I initially began on my macbook but them moved to the online terminal. Certain there is where the mistake was made. Started over using just the online terminal: bingo! Got to step 12 without any issues. Trying to figure out how to commit the work I have done, to git hub. But not making traction as of: Setting imports and app. For example, throughout the notebook (very well documented), I was able to SHIFT ENTER to execute commands (very helpful). As of: Section 12 Setting imports and app - this doesn't seem to be the case. Where should I be executing the commands for the remainder that notebook?
For example, where should I execute the following?
import os import pytz import requests from flask import Flask from datetime import datetime, timezone
app = Flask(name)
same problem. oc get project -o jsonpath={.items[0].metadata.name}
is the wrong way! the correct way is oc project -q
.
please update the 02-deploy-microservices.
@ValheruEldarr So the Jupyter Notebook #12 is for building your own new python project in the Jupyter workbench. I realize from your feedback that it's a bit difficult to understand, since we wrote and walked through this notebook together at a live Hackathon with 3 Universities in North Carolina a few months ago. See the section later on "Building a container with my application." It has some commands for you to run to initialize the project directory.
mkdir ~/smartvillage-service
touch ~/smartvillage-service/Dockerfile
touch ~/smartvillage-service/app.py
mkdir -p ~/smartvillage-service/.github/workflows/
touch ~/smartvillage-service/.github/workflows/build.yml
echo "**/.ipynb_checkpoints" >> ~/smartvillage-service/.gitignore
I'll keep that in mind to make that more clear.
Thanks. That helps.
Question: am I able to log into the smartcity instance on your page: https://www.smartabyarsmartvillage.org/
Hi @ValheruEldarr , the smartabyarsmartvillage.org is for student researchers at Boston University for their research. I'm curious, what would you like to do with the Smart Village platform?
Hi Christopher,
Apologies for the delay, I had taken ill. I am partnered with Tony and others in ogov and nova city. This is my research regarding RH’s deployment of such services. I like to get my hands dirty :)
Thanks, Sheldon
On Mon, Jun 3, 2024 at 10:28 Christopher Tate @.***> wrote:
Hi @ValheruEldarr https://github.com/ValheruEldarr , the smartabyarsmartvillage.org is for student researchers at Boston University for their research. I'm curious, what would you like to do with the Smart Village platform?
— Reply to this email directly, view it on GitHub https://github.com/smartabyar-smartvillage/smartabyar-smartvillage-sandbox-course/issues/5#issuecomment-2145645647, or unsubscribe https://github.com/notifications/unsubscribe-auth/BIK6S3ICOUXTNW3QVZWO4FDZFSKUJAVCNFSM6AAAAABHLZH4EWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBVGY2DKNRUG4 . You are receiving this because you were mentioned.Message ID: <smartabyar-smartvillage/smartabyar-smartvillage-sandbox-course/issues/5/2145645647 @github.com>
Great resources!
When deploying MongDB with the command: %%bash ansible-playbook ~/smartvillage-operator/apply-edgemongodb.yaml \ -e ansible_operator_meta_namespace=$(oc get project -o jsonpath={.items[0].metadata.name}) \ -e crd_path=~/smartvillage-operator/kustomize/overlays/sandbox/edgemongodbs/mongodb/edgemongodb.yaml echo DONE
This error is received and status checks fail: [WARNING]: No inventory was parsed, only implicit localhost is available [WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'
Task details: TASK [apply-edgemongodb : Query MongoDB pod] ***** fatal: [localhost]: FAILED! => {"msg": "An unhandled exception occurred while running the lookup plugin 'kubernetes.core.k8s'. Error was a <class 'kubernetes.dynamic.exceptions.ForbiddenError'>, original message: 403\nReason: Forbidden\nHTTP response headers: HTTPHeaderDict({'Audit-Id': '522d8e6c-f1c3-4399-9bfa-90297981a29b', 'Cache-Control': 'no-cache, private', 'Content-Type': 'application/json', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload', 'X-Content-Type-Options': 'nosniff', 'X-Kubernetes-Pf-Flowschema-Uid': '0b321f04-3a18-431d-abfa-9d04ea93f4d5', 'X-Kubernetes-Pf-Prioritylevel-Uid': 'f0c457a4-deeb-4b75-a040-46e5f739dfc1', 'Date': 'Tue, 07 May 2024 21:38:05 GMT', 'Content-Length': '321'})\nHTTP response body: b'{\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"pods is forbidden: User \\\"system:serviceaccount:sheldonbernstein-dev:python\\\" cannot list resource \\\"pods\\\" in API group \\\"\\\" in the namespace \\\"openshift-virtualization-os-images\\\"\",\"reason\":\"Forbidden\",\"details\":{\"kind\":\"pods\"},\"code\":403}\n'\nOriginal traceback: \n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/dynamic/client.py\", line 55, in inner\n resp = func(self, *args, kwargs)\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/dynamic/client.py\", line 270, in request\n api_response = self.client.call_api(\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 348, in call_api\n return self.call_api(resource_path, method,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 180, in __call_api\n response_data = self.request(\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 373, in request\n return self.rest_client.GET(url,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/rest.py\", line 244, in GET\n return self.request(\"GET\", url,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/rest.py\", line 238, in request\n raise ApiException(http_resp=r)\n. 403\nReason: Forbidden\nHTTP response headers: HTTPHeaderDict({'Audit-Id': '522d8e6c-f1c3-4399-9bfa-90297981a29b', 'Cache-Control': 'no-cache, private', 'Content-Type': 'application/json', 'Strict-Transport-Security': 'max-age=31536000; includeSubDomains; preload', 'X-Content-Type-Options': 'nosniff', 'X-Kubernetes-Pf-Flowschema-Uid': '0b321f04-3a18-431d-abfa-9d04ea93f4d5', 'X-Kubernetes-Pf-Prioritylevel-Uid': 'f0c457a4-deeb-4b75-a040-46e5f739dfc1', 'Date': 'Tue, 07 May 2024 21:38:05 GMT', 'Content-Length': '321'})\nHTTP response body: b'{\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"pods is forbidden: User \\\"system:serviceaccount:sheldonbernstein-dev:python\\\" cannot list resource \\\"pods\\\" in API group \\\"\\\" in the namespace \\\"openshift-virtualization-os-images\\\"\",\"reason\":\"Forbidden\",\"details\":{\"kind\":\"pods\"},\"code\":403}\n'\nOriginal traceback: \n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/dynamic/client.py\", line 55, in inner\n resp = func(self, *args, **kwargs)\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/dynamic/client.py\", line 270, in request\n api_response = self.client.call_api(\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 348, in call_api\n return self.call_api(resource_path, method,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 180, in __call_api\n response_data = self.request(\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/api_client.py\", line 373, in request\n return self.rest_client.GET(url,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/rest.py\", line 244, in GET\n return self.request(\"GET\", url,\n\n File \"/opt/app-root/lib64/python3.9/site-packages/kubernetes/client/rest.py\", line 238, in request\n raise ApiException(http_resp=r)\n"}
PLAY RECAP ***** localhost : ok=7 changed=0 unreachable=0 failed=1 skipped=3 rescued=0 ignored=1