| Summary: | Scaleup playbook not updating no_proxy lists | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Jaspreet Kaur <jkaur> |
| Component: | Installer | Assignee: | Scott Dodson <sdodson> |
| Installer sub component: | openshift-ansible | QA Contact: | Johnny Liu <jialiu> |
| Status: | CLOSED WONTFIX | Docs Contact: | |
| Severity: | medium | ||
| Priority: | low | CC: | agawand, aos-bugs, bleanhar, bpritche, erjones, ghuang, jokerman, mchappel, mmccomas, mruzicka, myllynen, nbhatt, pkanthal, sdodson |
| Version: | 3.2.0 | ||
| Target Milestone: | --- | ||
| Target Release: | 4.1.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-08-09 13:23:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
*** Bug 1338676 has been marked as a duplicate of this bug. *** A workaround for environments where all hosts within a given dns domain should not require a proxy is to set like openshift_no_proxy='.example.com' Continuing to add each host's IP address is not a solution that scales well with many hosts. It's preferred that a dns zone is specified in openshift_no_proxy which will cover all the hosts for which services should not use a proxy. Lowering priority. The best solution here is to ensure that there's a dns zone that can be configured to exclude all hosts from proxy configuration. *** Bug 1694012 has been marked as a duplicate of this bug. *** |
Description of problem: There are a number of places where no_proxy lists are being autogenerated to include all nodes/routers/masters during scale-up operations these aren't being updated. After scaling up our cluster to add 'external' nodes we discovered that we couldn't access the pod logs for pods living on the new nodes. After digging this was due to the requests being routed via our proxy (which doesn't allow port 10250). We've manually added the new nodes to the various no_proxy lists on the masters and can now access the logs. So far I've found the following files which need updating: Masters: /etc/origin/master/master-config.yaml /etc/sysconfig/atomic-openshift-master /etc/sysconfig/atomic-openshift-master-api /etc/sysconfig/atomic-openshift-master-controllers All Nodes: /etc/sysconfig/docker Version openshift 3.2 Steps To Reproduce stand up cluster including HTTP proxies, where the proxy won't allow port 10250 access Expand the cluster using the scaleup playbook Attempt to access log files for a pod on the new host Current Result Obscure permission denied errors Expected Result : It should be able to add proxy configurations.