What About Time Zones?
Your containers may default to running in UTC. If so, the time observed in container logs may be surprising. The local container time zone may be changed by specifying an explicit environment variable either at build or run-time.
- To set at run-time: docker run -e TZ=America/New_YORK {your container name}
- To set at build-time: Include the following lines in your Dockerfile:
- ARG TZ
- ENV TZ ${TZ:-America/Detroit}
- RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
In OpenShift environment variables can be set from Environment tab or in the deployment configuration or template json/yaml.
Java - A Maven Build Needs A Jar Not In A Public Repository
Build and install that dependency from source right in the Dockerfile. It just adds a couple of lines to file. If this is a frequent problem other approaches can be discussed. This is likely not to work for a S2I build that bypasses the Dockerfile. Other methods such as linked builds and a UMich internal Maven repository may be possible.
Examining A Persistent Volume
OpenShift persistent volumes are not visible outside of the project they are in. That makes it difficult to examine or extract files directly. If you have persistent pods then it's possible to ssh into the pod and examine the volume from the command line or to use the oc rsync command. If you have a job that only runs periodically (e.g. a CronJob) then you can create a temporary application in the project and attach the storage to that. E.g. use the bash image from Dockerhub. Make sure to override the image arguments so that it runs an enduring process. Otherwise OpenShift will continuously kill and restart it. Adding ["sleep","60000"] as image args works.
Running Scheduled Jobs (cron)
OpenShift has an explicit concept of Jobs and CronJobs to run scheduled batch processing.
- OpenShift Cron Job documentation can be found here.
- Kubernetes Cron Job documentation can be found here.
Some Container Service customers have also run regular jobs using Jenkins. Contact the Container Service if you would like to discuss this further.
Viewing Logs In OpenShift
This topic is covered in masterly detail here.
Shibboleth/SAML
Several Container Service applications have utilized shibboleth as its authentication provider. This write-up documents how a python developer accomplished this.
OpenID Connect (OIDC)
Several Container Service applications have utilized OIDC as its authentication provider. This write-up documents provides some fundamental information useful when getting started with OIDC.