Bug 1415046

Summary: [3.1] Installer should persist net.ipv4.ip_forward
Product: OpenShift Container Platform Reporter: Jaspreet Kaur <jkaur>
Component: InstallerAssignee: Scott Dodson <sdodson>
Status: CLOSED CURRENTRELEASE QA Contact: Wenkai Shi <weshi>
Severity: low Docs Contact:
Priority: low    
Version: 3.1.0CC: abhgupta, aos-bugs, bbennett, gpei, jialiu, jkaur, jokerman, mmccomas, sdodson, tbielawa
Target Milestone: ---   
Target Release: 3.1.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Network Manager resets the net.ipv4.ip_forward parameter Consequence: OpenShift loses certain functionality. Fix: The installer sets the sysctl parameter on the system level now. Result: Network manager restarts no longer interfere with the installation process.
Story Points: ---
Clone Of: 1372388 Environment:
Last Closed: 2017-04-19 20:17:11 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1372388, 1415067, 1477716    
Bug Blocks:    

Comment 4 Scott Dodson 2017-01-20 16:06:19 UTC
Workaround is to run the following

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -w net.ipv4.ip_forward=1

Comment 6 Tim Bielawa 2017-03-16 18:24:22 UTC
The commit(s) that persist the sysctl parameter are present in the 1.2, 1.3, 1.4, 1.5, and master branches

I have checked where the original fix for this has propagated to. The original commit was in the master branch:

> https://github.com/openshift/openshift-ansible/commit/2ce9018ece4dffe10ecc355adffa6fd2782619d7

and was backported into the 1.{3,4,5} branches:

> $ git branch --contains=2ce9018ece4dffe10ecc355adffa6fd2782619d7 | grep -E '(release|master)'            
> * master
>   release-1.3
>   release-1.4
>   release-1.5

And later backported to the 3.2 branch (I forgot to cherry-pick so it got a new hash):

> https://github.com/openshift/openshift-ansible/commit/2ecf5f2305e0389a9c971a67cc1768d3bd3c60f5

> $ git branch --contains=2ecf5f2305e0389a9c971a67cc1768d3bd3c60f5 | grep -E '(release|master)'
>   release-1.2

I could not locate a release-1.1 branch in the openshift-ansible repository. I will consult with sdodson as to what we should do about this whole matter.

Comment 7 Tim Bielawa 2017-03-16 18:34:51 UTC
Scott pointed me at the branch. Whoops.

New PR is open to backport this to 1.1

https://github.com/openshift/openshift-ansible/pull/3686

Comment 8 Tim Bielawa 2017-03-16 18:37:55 UTC
Merged

Comment 10 Wenkai Shi 2017-03-17 06:23:14 UTC
(In reply to Tim Bielawa from comment #8)
> Merged

Could you please help to build a 3.1 errata puddle? Then I can verify this. Thank you!

Comment 11 Tim Bielawa 2017-03-17 16:14:17 UTC
(In reply to Wenkai Shi from comment #10)
> (In reply to Tim Bielawa from comment #8)
> > Merged
> 
> Could you please help to build a 3.1 errata puddle? Then I can verify this.
> Thank you!

I'm not certain how to do that but I'm pinging Scott again to see if maybe he can help.

Comment 13 Wenkai Shi 2017-03-22 02:31:47 UTC
(In reply to Tim Bielawa from comment #11)
> (In reply to Wenkai Shi from comment #10)
> > (In reply to Tim Bielawa from comment #8)
> > > Merged
> > 
> > Could you please help to build a 3.1 errata puddle? Then I can verify this.
> > Thank you!
> 
> I'm not certain how to do that but I'm pinging Scott again to see if maybe
> he can help.

I can not find a 3.1 errata puddle to verify this. Could you please help me to build a new puddle?

Comment 14 Wenkai Shi 2017-03-22 02:57:56 UTC
(In reply to Tim Bielawa from comment #11)
> (In reply to Wenkai Shi from comment #10)
> > (In reply to Tim Bielawa from comment #8)
> > > Merged
> > 
> > Could you please help to build a 3.1 errata puddle? Then I can verify this.
> > Thank you!
> 
> I'm not certain how to do that but I'm pinging Scott again to see if maybe
> he can help.

Sorry for last comment... change the status to modified, and will verify this when the status change to ON_QA.

Comment 17 Wenkai Shi 2017-03-31 06:27:24 UTC
Verified with version openshift-ansible-3.0.99-1.git.0.d5976c8.el7aos.noarch.

Setup an env, after installation, check the current IP forwarding status on node:
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
# grep net.ipv4.ip_forward /etc/sysctl.conf
net.ipv4.ip_forward=1

Then reboot and check the IP forwarding status:
# systemctl reboot
# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1