| Summary: | Unknown Access Error on OpenShift container image analysis | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Red Hat CloudForms Management Engine | Reporter: | Josh Carter <jocarter> | ||||
| Component: | SmartState Analysis | Assignee: | Erez Freiberger <efreiber> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Einat Pacifici <epacific> | ||||
| Severity: | high | Docs Contact: | |||||
| Priority: | high | ||||||
| Version: | 5.5.0 | CC: | bkozdemb, cpelland, dajohnso, efreiber, fsimonce, gblomqui, jhardy, jocarter, kmorey, mfeifer, nstephan, obarenbo, roliveri, simaishi, srevivo, ssainkar | ||||
| Target Milestone: | GA | Flags: | epacific:
automate_bug+
|
||||
| Target Release: | 5.6.0 | ||||||
| Hardware: | All | ||||||
| OS: | All | ||||||
| Whiteboard: | container:smartstate | ||||||
| Fixed In Version: | 5.6.0.6 | Doc Type: | Bug Fix | ||||
| Doc Text: |
Previously, there was an Unknown Access Error on OpenShift container image analysis. This was due to an issue with authenticating the service account.
This fix authenticates the service account that will allow image-inspector to pull images from the Openshift registry with authentication which has now resolved the issue.
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2016-06-29 15:36:14 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
Created attachment 1122846 [details]
correct log
Please make sure that they followed the "Service Account" documentation here: https://access.redhat.com/documentation/en/red-hat-cloudforms/4.0/managing-providers/chapter-3-containers-providers they're essential to give ManageIQ enough permissions to do the smart state analysis. Merged upstream Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1348 |
Description of problem: Getting the following error - image is pulled correctly, container starts up, but job stops a couple minutes later with an "unknown access error to pod"/HTTP Bad Gateway. [----] I, [2016-02-02T11:40:06.091131 #15737:11e598c] INFO -- : Q-task_id([9c382c32-c9cb-11e5-920c-1264baf72861]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#start) creating pod management-infra/manageiq-img-scan-8ea21f4b3377 to analyze docker image 8ea21f4b33771090a388616326edac7762b20d19310512cc6c4bc58ff76aeb39: {"apiVersion":"v1","kind":"Pod","metadata":{"name":"manageiq-img-scan-8ea21f4b3377","namespace":"management-infra","labels":{"name":"manageiq-img-scan-8ea21f4b3377","manageiq.org":"true"},"annotations":{"manageiq.org/hostname":"cl-rhm-4004.ba.ssa.gov","manageiq.org/guid":"1041ecd2-c47f-11e5-b3c2-1264baf72861","manageiq.org/image":"registry.access.redhat.com/openshift3/metrics-cassandra:3.1.0","manageiq.org/jobid":"9c382c32-c9cb-11e5-920c-1264baf72861"}},"spec":{"restartPolicy":"Never","containers":[{"name":"image-inspector","image":"docker.io/fsimonce/image-inspector:v0.1.3","command":["/usr/bin/image-inspector","--image=registry.access.redhat.com/openshift3/metrics-cassandra:3.1.0","--serve=0.0.0.0:8080"],"ports":[{"containerPort":8080}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/var/run/docker.sock","name":"docker-socket"}]}],"volumes":[{"name":"docker-socket","hostPath":{"path":"/var/run/docker.sock"}}]}} [----] I, [2016-02-02T11:40:11.080247 #15735:b1f990] INFO -- : Q-task_id([9c382c32-c9cb-11e5-920c-1264baf72861]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#pod_wait) waiting for pod management-infra/manageiq-img-scan-8ea21f4b3377 to be available [----] I, [2016-02-02T11:42:05.806632 #15735:b1f990] INFO -- : Q-task_id([9c382c32-c9cb-11e5-920c-1264baf72861]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#pod_wait) unknown access error to pod management-infra/manageiq-img-scan-8ea21f4b3377: #<Net::HTTPBadGateway:0x0000000bb9bf58> [----] I, [2016-02-02T11:42:08.919109 #15735:b1f990] INFO -- : Q-task_id([9c382c32-c9cb-11e5-920c-1264baf72861]) MIQ(ManageIQ::Providers::Kubernetes::ContainerManager::Scanning::Job#cleanup) deleting pod management-infra/manageiq-img-scan-8ea21f4b3377 Version-Release number of selected component (if applicable): 5.5.0 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: