Bug 1353354
Summary: | Upgrade from 3.1 to 3.2 overwrites AWS variables in /etc/sysconfig/atomic-openshift-master-* | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Steven Walter <stwalter> | |
Component: | Cluster Version Operator | Assignee: | Devan Goodwin <dgoodwin> | |
Status: | CLOSED ERRATA | QA Contact: | Anping Li <anli> | |
Severity: | medium | Docs Contact: | ||
Priority: | high | |||
Version: | 3.2.0 | CC: | akokshar, aos-bugs, bleanhar, dgoodwin, jokerman, mmccomas | |
Target Milestone: | --- | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Previous versions allowed the user to specify AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in their /etc/sysconfig/ files for OpenShift services. During upgrade these files are updated according to a template, if the user had not yet switched to using the new cloud provider framework their pre-existing AWS variables would be overwritten.
The upgrade process has been modified to preserve these variables if they are present during upgrade, and a cloud provider is not configured.
|
Story Points: | --- | |
Clone Of: | ||||
: | 1370641 (view as bug list) | Environment: | ||
Last Closed: | 2016-09-27 09:39:20 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1370641 |
Description
Steven Walter
2016-07-06 21:29:41 UTC
Additional info: After installation we also noticed that mounting of the /etc/origin/cloudprovider directory was not present in /etc/systemd/system/atomic-openshift-node.service We had to add the following parameter manually: -v /etc/origin/cloudprovider:/etc/origin/cloudprovider Also new configuration has not been added to master-config.yaml, we thought that specifying the following in the hosts files would create proper entries: openshift_builddefaults_http_proxy openshift_builddefaults_https_proxy openshift_builddefaults_no_proxy openshift_builddefaults_git_http_proxy openshift_builddefaults_git_https_proxy From the customer: During the upgrade from 3.2.1.4 to 3.2.1.9 we faced the issue with missing AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in /etc/sysconfig/atomic-openshift-master-api /etc/sysconfig/atomic-openshift-master-controllers We have learned that they are missing when hosts file contains the variables: openshift_release=v3.2 openshift_image_tag=v3.2.1.9 openshift_pkg_version=-3.2.1.9 We modified first the ansible templates - atomic-openshift-master-api.j2 - atomic-openshift-master-controllers.j2 and removed the "if" block {% if 'cloudprovider' in openshift and 'aws' in openshift.cloudprovider and 'kind' in openshift.cloudprovider and openshift.cloudprovider.kind == 'aws' and 'access_key' in openshift.cloudprovider.aws and 'secret_key' in openshift.cloudprovider.aws %} AWS_ACCESS_KEY_ID={{ openshift.cloudprovider.aws.access_key }} AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }} {% endif %} leaving only: AWS_ACCESS_KEY_ID={{ openshift.cloudprovider.aws.access_key }} AWS_SECRET_ACCESS_KEY={{ openshift.cloudprovider.aws.secret_key }} In this case the ansible upgrade script failed with: fatal: [master01.pink.eu-central-1.aws.openpaas.axa-cloud.com]: FAILED! => {"changed": false, "failed": true, "msg": "AnsibleUndefinedVariable: 'dict object' has no attribute 'cloudprovider'"} After hardcoding the values, the upgrade procedure worked. The keys can be found after upgraded so move bug to verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1933 |