how to host openshift on web browser

November 11, 2015 625 views
Deployment

puppet file has been generated & after running the command puppet apply with file name i am getting the following output
puppet apply /root/ooinstallconfigureopenshift.openshiftdomain.com.pp
warning: Could not retrieve fact fqdn
warning: Scope(Class[Openshift
origin::Plugins::Dns::Nsupdate]): Generate the Key file with '/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named openshift.com'
warning: Scope(Class[Openshiftorigin::Plugins::Dns::Nsupdate]): Use the last field in the generated key file /var/named/Kopenshift.com*.key
bind
key is required. at /etc/puppet/modules/openshift_origin/manifests/plugins/dns/nsupdate.pp:30 on node openshift

if i try to generate bind key using the path provided i am getting following output
/usr/sbin/dnssec-keygen -a HMAC -MD5 -b 512 -n USER -r /dev/urandom -K /var/named openshift.com
dnssec-keygen: invalid argument -M
Usage:
dnssec-keygen [options] name

Version: 9.8.2rc1-RedHat-9.8.2-0.37.rc1.el6_7.4
name: owner of the key
Options:
-K <directory>: write keys into directory
-a <algorithm>:
RSA | RSAMD5 | DSA | RSASHA1 | NSEC3RSASHA1 | NSEC3DSA |
RSASHA256 | RSASHA512 | ECCGOST |
DH | HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | HMAC-SHA256 |
HMAC-SHA384 | HMAC-SHA512
(default: RSASHA1, or NSEC3RSASHA1 if using -3)
-3: use NSEC3-capable algorithm
-b <key size in bits>:
RSAMD5: [512..4096]
RSASHA1: [512..4096]
NSEC3RSASHA1: [512..4096]
RSASHA256: [512..4096]
RSASHA512: [1024..4096]
DH: [128..4096]
DSA: [512..1024] and divisible by 64
NSEC3DSA: [512..1024] and divisible by 64
ECCGOST: ignored
HMAC-MD5: [1..512]
HMAC-SHA1: [1..160]
HMAC-SHA224: [1..224]
HMAC-SHA256: [1..256]
HMAC-SHA384: [1..384]
HMAC-SHA512: [1..512]
(if using the default algorithm, key size
defaults to 2048 for KSK, or 1024 for all others)
-n <nametype>: ZONE | HOST | ENTITY | USER | OTHER
(DNSKEY generation defaults to ZONE)
-c <class>: (default: IN)
-d <digest bits> (0 => max, default)
-E <engine name>
-e: use large exponent (RSAMD5/RSASHA1 only)
-f <keyflag>: KSK | REVOKE
-g <generator>: use specified generator (DH only)
-p <protocol>: (default: 3 [dnssec])
-s <strength>: strength value this key signs DNS records with (default: 0)
-T <rrtype>: DNSKEY | KEY (default: DNSKEY; use KEY for SIG(0))
ECCGOST: ignored
-t <type>: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF (default: AUTHCONF)
-r <randomdev>: a file containing random data
-h: print usage and exit
-m <memory debugging mode>:
usage | trace | record | size | mctx
-v <level>: set verbosity level (0 - 10)
Timing options:
-P date/[+-]offset/none: set key publication date (default: now)
-A date/[+-]offset/none: set key activation date (default: now)
-R date/[+-]offset/none: set key revocation date
-I date/[+-]offset/none: set key inactivation date
-D date/[+-]offset/none: set key deletion date
-G: generate key only; do not set -P or -A
-C: generate a backward-compatible key, omitting all dates
-S <key>: generate a successor to an existing key
-i <interval>: prepublication interval for successor key (default: 30 days)
Output:
K<name>+<alg>+<id>.key, K<name>+<alg>+<id>.private

can you please help me with this, so that i will be able to generate bind key & proceed further!!! please help

1 Answer

Hello,

It appears you put a space between one of the commands and that's the error.

Notice the command is

/usr/sbin/dnssec-keygen -a HMAC-MD5 -b 512 -n USER -r /dev/urandom -K /var/named openshift.com

There is no space between the HMAC-MD5. When you post what you typed, you put a space. This means it reads -md5 as an argument; which it isn't. Can you try running the command without the typo?

Have another answer? Share your knowledge.