Bug 1468424

Summary: NO_PROXY should not be set if they're not specified
Product: OpenShift Container Platform Reporter: Gan Huang <ghuang>
Component: InstallerAssignee: Tim Bielawa <tbielawa>
Status: CLOSED ERRATA QA Contact: Gan Huang <ghuang>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.6.0CC: aos-bugs, jokerman, mmccomas, myllynen
Target Milestone: ---Keywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: NO_PROXY setting logic was incorrectly indented in the openshift-ansible facts module Consequence: NO_PROXY settings were ALWAYS generated and added to service config files Fix: The logic indentation was moved into the correct conditional Result: The NO_PROXY parameter is only generated if a user defines the openshift_no_proxy inventory variable now
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-10 05:29:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Gan Huang 2017-07-07 04:07:08 UTC 
Description of problem:
Trigger 3.6 OCP cluster, it resulted in that NO_PROXY was set mistakenly in /etc/sysconfig/docker, actually we didn't set proxy related variables in inventory hosts file.

Version-Release number of the following components:
openshift-ansible-3.6.136-1.git.0.ac6bb62.el7.noarch.rpm"

How reproducible:
always

Steps to Reproduce:
1.Trigger 3.6 installation without proxy variables set


Actual results:
# egrep '^HTTP_PROXY|^HTTPS_PROXY|^NO_PROXY' /etc/sysconfig/docker /etc/sysconfig/atomic-openshift-node

/etc/sysconfig/docker:NO_PROXY='.cluster.local,.svc,qe-cl-auto-dgwp-node-zone1-primary-1'

Expected results:
We shouldn't set the no_proxy if we don't set it in inventory host file.

Additional info:
<--snip-->
TASK [openshift_facts : Gather Cluster facts and set is_containerized if needed] ***
Thursday 06 July 2017  15:39:49 +0000 (0:00:00.835)       0:00:29.254 ********* 
changed: [qe-cl-auto-dgwp-master-etcd-zone2-1.0706-5vc.qe.rhcloud.com] => {
    "ansible_facts": {
        "openshift": {
            "common": {
                "admin_binary": "oadm", 
                "all_hostnames": [
                    "35.184.199.63", 
                    "qe-cl-auto-dgwp-master-etcd-zone2-1", 
                    "10.240.0.8", 
                    "qe-cl-auto-dgwp-master-etcd-zone2-1.0706-5vc.qe.rhcloud.com"
                ], 
                "cli_image": "openshift3/ose", 
                "client_binary": "oc", 
                "cluster_id": "default", 
                "config_base": "/etc/origin", 
                "data_dir": "/var/lib/origin", 
                "debug_level": "2", 
                "deployer_image": "openshift3/ose-deployer", 
                "deployment_subtype": "basic", 
                "deployment_type": "openshift-enterprise", 
                "dns_domain": "cluster.local", 
                "etcd_runtime": "host", 
                "examples_content_version": "v3.6", 
                "generate_no_proxy_hosts": true, 
                "hostname": "qe-cl-auto-dgwp-master-etcd-zone2-1", 
                "install_examples": true, 
                "installed_variant_rpms": [], 
                "internal_hostnames": [
                    "qe-cl-auto-dgwp-master-etcd-zone2-1", 
                    "10.240.0.8"
                ], 
                "ip": "10.240.0.8", 
                "is_atomic": false, 
                "is_containerized": false, 
                "is_etcd_system_container": false, 
                "is_master_system_container": false, 
                "is_node_system_container": false, 
                "is_openvswitch_system_container": false, 
                "kube_svc_ip": "172.31.0.1", 
                "no_proxy": ".cluster.local,.svc,qe-cl-auto-dgwp-master-etcd-zone2-1", 

<--snip-->
Comment 1 Scott Dodson 2017-07-07 12:53:34 UTC 
Under the assumption that this actually causes problems installing we'll treat this as a blocker.
Comment 3 Gan Huang 2017-07-11 09:19:33 UTC 
Tested with openshift-ansible-3.6.140-1.git.0.4a02427.el7.noarch.rpm

Master sysconfig still had the no proxy settings:

#cat inventory_hosts
<--snip-->
osm_cluster_network_cidr=11.0.0.0/16
osm_host_subnet_length=8
openshift_master_portal_net=172.31.0.0/16
<--snip-->

[root@qe-cl-auto-jyej-master-etcd-zone2-1 ~]# egrep '^HTTP_PROXY|^HTTPS_PROXY|^NO_PROXY' /etc/sysconfig/docker /etc/sysconfig/atomic-openshift-master
/etc/sysconfig/atomic-openshift-master:NO_PROXY=,172.31.0.0/16,11.0.0.0/16

[root@qe-cl-auto-jyej-master-etcd-zone2-1 ~]# egrep '^HTTP_PROXY|^HTTPS_PROXY|^NO_PROXY' /etc/sysconfig/docker /etc/sysconfig/atomic-openshift-master-api 
/etc/sysconfig/atomic-openshift-master-api:NO_PROXY=,172.31.0.0/16,11.0.0.0/16

[root@qe-cl-auto-jyej-master-etcd-zone2-1 ~]# egrep '^HTTP_PROXY|^HTTPS_PROXY|^NO_PROXY' /etc/sysconfig/docker /etc/sysconfig/atomic-openshift-master-controllers
/etc/sysconfig/atomic-openshift-master-controllers:NO_PROXY=,172.31.0.0/16,11.0.0.0/16
Comment 4 Tim Bielawa 2017-07-17 14:43:09 UTC 
Working on this again in https://github.com/openshift/openshift-ansible/pull/4762
Comment 5 Scott Dodson 2017-07-20 13:45:32 UTC 
https://github.com/openshift/openshift-ansible/pull/4794
Comment 6 Scott Dodson 2017-07-21 13:56:34 UTC 
More changes merged.
Comment 7 Gan Huang 2017-07-24 09:33:12 UTC 
Verified with openshift-ansible-3.6.165-1.git.0.fd7125e.el7.noarch.rpm
Comment 9 errata-xmlrpc 2017-08-10 05:29:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1716