Bug 1434679

Summary: [3.5] openshift-ansible should do nothing to existed excluders when set "enable_excluders=false"
Product: OpenShift Container Platform Reporter: liujia <jiajliu>
Component: Cluster Version OperatorAssignee: Scott Dodson <sdodson>
Status: CLOSED ERRATA QA Contact: liujia <jiajliu>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.5.0CC: aos-bugs, bleanhar, jchaloup, jiajliu, jokerman, mmccomas, wmeng
Target Milestone: ---   
Target Release: 3.5.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, if enable_excluders=false the playbooks would still install and upgrade the excluders during the config playbook even if the excluders were never previously installed. Now, if the excluders were not previously installed, the playbooks will avoid installing them.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-05-17 17:38:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description liujia 2017-03-22 06:34:09 UTC 
Description of problem:
Upgrade ocp3.4 to ocp3.5 when set "enable_excluders=false" or "enable_openshift_excluder=false" in inventory file, openshift-ansible should do nothing to existed excluders and upgrade should stop/exit for openshift-excluder enabled, rather than disable it and continue upgrade. It will result that new version's openshift cluster work with unexpected version's excluders.  

[before install]:
atomic-openshift-docker-excluder-3.4.1.10-1.git.0.c96aed3.el7.noarch
atomic-openshift-excluder-3.4.1.10-1.git.0.c96aed3.el7.noarch

exclude= docker*1.20*  docker*1.19*  docker*1.18*  docker*1.17*  docker*1.16*  docker*1.15*  docker*1.14*  docker*1.13*  tuned-profiles-atomic-openshift-node  atomic-openshift-tests  atomic-openshift-sdn-ovs  atomic-openshift-recycle  atomic-openshift-pod  atomic-openshift-node  atomic-openshift-master  atomic-openshift-dockerregistry  atomic-openshift-clients-redistributable  atomic-openshift-clients  atomic-openshift 

[after install]:
atomic-openshift-docker-excluder-3.4.1.10-1.git.0.c96aed3.el7.noarch
atomic-openshift-excluder-3.4.1.10-1.git.0.c96aed3.el7.noarch

exclude= docker*1.20*  docker*1.19*  docker*1.18*  docker*1.17*  docker*1.16*  docker*1.15*  docker*1.14*  docker*1.13*


Version-Release number of selected component (if applicable):
atomic-openshift-utils-3.5.39-1.git.0.cb12cdb.el7.noarch

How reproducible:
always

Steps to Reproduce:
1. install ocp3.4
2. install docker-excluder and openshift-excluder on the hosts
3. preprae new repos and inventory file to add following variable
enable_excluders=false
4. run upgrade playbook

Actual results:
Upgrade finished with openshift-excluder diabled and docker-excluder enabled.

Expected results:
Upgrade will stop and exit for atomic-openshift-excluder was enabled.

Additional info:
It hit the same issue when set "enable_openshift_excluder=false".
Comment 4 Jan Chaloupka 2017-03-28 13:55:49 UTC 
This PR [1] makes the OCP version detection independent of excluders so we don't have to disable atomic-openshift-excluder if it is installed (even if enable_openshift_excluder is set to false)

[1] https://github.com/openshift/openshift-ansible/pull/3781
Comment 10 liujia 2017-05-02 10:02:33 UTC 
Version:
atomic-openshift-utils-3.5.60-1.git.0.b6f77a6.el7.noarch

Step:
1. install ocp3.4
2. install docker-excluder and openshift-excluder on the hosts
3. preprae new repos and inventory file to add following variable
enable_excluders=false
4. run upgrade playbook

Result:
For rpm env, upgrade will stop and exit and both excluders will keep original version.
For container env, upgrade succeed with no excluders updated.

Jan
I have been waiting it coming to ON_QA for verification since it has been verified based PR[1]. However, I just verified it on latest 3.5 build. Change the status to verify.
Comment 12 errata-xmlrpc 2017-05-17 17:38:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1244