Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1378840

Summary: Scaleup playbook not updating no_proxy lists
Product: OpenShift Container Platform Reporter: Jaspreet Kaur <jkaur>
Component: InstallerAssignee: Scott Dodson <sdodson>
Installer sub component: openshift-ansible QA Contact: Johnny Liu <jialiu>
Status: CLOSED WONTFIX Docs Contact:
Severity: medium    
Priority: low CC: agawand, aos-bugs, bleanhar, bpritche, erjones, ghuang, jokerman, mchappel, mmccomas, mruzicka, myllynen, nbhatt, pkanthal, sdodson
Version: 3.2.0   
Target Milestone: ---   
Target Release: 4.1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-08-09 13:23:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jaspreet Kaur 2016-09-23 11:01:10 UTC 
Description of problem:

There are a number of places where no_proxy lists are being autogenerated to include all nodes/routers/masters during scale-up operations these aren't being updated.

After scaling up our cluster to add 'external' nodes we discovered that we couldn't access the pod logs for pods living on the new nodes.

After digging this was due to the requests being routed via our proxy (which doesn't allow port 10250).

We've manually added the new nodes to the various no_proxy lists on the masters and can now access the logs.

So far I've found the following files which need updating:

Masters:

    /etc/origin/master/master-config.yaml
    /etc/sysconfig/atomic-openshift-master
    /etc/sysconfig/atomic-openshift-master-api
    /etc/sysconfig/atomic-openshift-master-controllers

All Nodes:

    /etc/sysconfig/docker

Version

openshift 3.2


Steps To Reproduce

    stand up cluster including HTTP proxies, where the proxy won't allow port 10250 access
    Expand the cluster using the scaleup playbook
    Attempt to access log files for a pod on the new host

Current Result

Obscure permission denied errors


Expected Result : It should be able to add proxy configurations.
Comment 1 Mark Chappell 2016-09-23 12:32:13 UTC 
See also : https://github.com/openshift/openshift-ansible/issues/1940
Comment 2 Scott Dodson 2017-02-10 01:31:17 UTC 
*** Bug 1338676 has been marked as a duplicate of this bug. ***
Comment 3 Scott Dodson 2017-02-10 01:33:34 UTC 
A workaround for environments where all hosts within a given dns domain should not require a proxy is to set like openshift_no_proxy='.example.com'
Comment 10 Scott Dodson 2017-08-24 18:42:39 UTC 
Continuing to add each host's IP address is not a solution that scales well with many hosts. It's preferred that a dns zone is specified in openshift_no_proxy which will cover all the hosts for which services should not use a proxy.

Lowering priority.
Comment 19 Scott Dodson 2018-08-09 13:23:19 UTC 
The best solution here is to ensure that there's a dns zone that can be configured to exclude all hosts from proxy configuration.
Comment 21 Scott Dodson 2019-07-30 20:26:26 UTC 
*** Bug 1694012 has been marked as a duplicate of this bug. ***