Bug 1316615

Summary: Release Notes, Know issues should explain all options to Customers.
Product: OpenShift Container Platform Reporter: Eric Rich <erich>
Component: DocumentationAssignee: Vikram Goyal <vigoyal>
Status: CLOSED CURRENTRELEASE QA Contact: Vikram Goyal <vigoyal>
Severity: high Docs Contact: Vikram Goyal <vigoyal>
Priority: high    
Version: 3.1.0CC: akostadi, aos-bugs, bleanhar, jdetiber, jialiu, jokerman, knakayam, mmccomas, pep, sdodson, xiama, zzhao
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1293578 Environment:
Last Closed: 2016-05-30 21:06:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Eric Rich 2016-03-10 15:36:57 UTC 
+++ This bug was initially created as a clone of Bug #1293578 +++

Document URL: https://docs.openshift.com/enterprise/3.1/release_notes/ose_3_1_release_notes.html#ose-3-1-1-known-issues

Section Number and Name: Known Issues > BZ#1293578

Describe the issue: 

Documentation only suggest an iptables rule change, this may not be desirable to all customers, and in fact this is not the only option! Livlyness changes to the router can also be made, that if implemented, iptalbes changes and port exposure is not needed. 

Suggestions for improvement: 

The docs here need to describe alternative options, to opening up ports with iptables.
Docs need to explain how to revert or remove iptables rules that are put in place with Ansible, as they are not need if the liveliness probe is used. 

# oc get dc/router -o yaml
        livenessProbe:
          httpGet:
            host: localhost               ### This needs to be added if you do not setup the iptables rule. 
            path: /healthz
            port: 1936
            scheme: HTTP 

Additional information:
Comment 1 Scott Dodson 2016-03-10 16:03:40 UTC 
> Docs need to explain how to revert or remove iptables rules that are put in
> place with Ansible, as they are not need if the liveliness probe is used. 

Ansible never did this. The only time that this would be in place is if they manually did it as part of an effort to remedy the liveness probe on a host where the value of openshift_hostname resolves to a non local IP address.

I had already put in a PR based on Kenjiro's comments on the bug this was cloned for. I've updated that PR to simply suggest that they switch the liveness probes to localhost.

Please see https://github.com/openshift/openshift-docs/pull/1723 for what i've suggested.
Comment 2 Vikram Goyal 2016-05-30 21:06:00 UTC 
(In reply to Scott Dodson from comment #1)
> > Docs need to explain how to revert or remove iptables rules that are put in
> > place with Ansible, as they are not need if the liveliness probe is used. 
> 
> Ansible never did this. The only time that this would be in place is if they
> manually did it as part of an effort to remedy the liveness probe on a host
> where the value of openshift_hostname resolves to a non local IP address.
> 
> I had already put in a PR based on Kenjiro's comments on the bug this was
> cloned for. I've updated that PR to simply suggest that they switch the
> liveness probes to localhost.
> 
> Please see https://github.com/openshift/openshift-docs/pull/1723 for what
> i've suggested.

Based on Scott's PR and changes [1], I am going to close this bug. Please let me know if you think otherwise.

https://docs.openshift.com/enterprise/3.1/install_config/upgrading/manual_upgrades.html#manual-step-ose-3-1-1