Bug 1486956

Summary: Add conntrack-tools as a dependency during OpenShift installation
Product: OpenShift Container Platform Reporter: Bryan Yount <byount>
Component: NetworkingAssignee: Dan Winship <danw>
Status: CLOSED DUPLICATE QA Contact: Meng Bo <bmeng>
Severity: high Docs Contact:
Priority: unspecified    
Version: 3.4.1CC: aos-bugs, bbennett, bperkins, byount, danw, jokerman, mmccomas, rhowe, sdodson
Target Milestone: ---   
Target Release: 3.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-05 18:12:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bryan Yount 2017-08-30 21:37:59 UTC 
Description of problem:
We need conntrack-tools for the OpenShift node proxy. This needs to be checked or installed during the OpenShift Ansible install. The node fails to flush the conntrack table if this is not installed.

https://github.com/openshift/openshift-ansible/tree/master/roles/openshift_node

How reproducible:
Very

Actual results:
Installed OpenShift. Conntrack-tools package was not installed.

Expected results:
conntrack-tools package should be installed during an OpenShift install.

Additional info:
This was discovered by Dan Winship on a call with the customer.
Comment 1 Scott Dodson 2017-08-30 21:51:30 UTC 
We already do https://github.com/openshift/openshift-ansible/blob/release-1.4/roles/openshift_node/tasks/main.yml#L63-L67

This code has been there since openshift-ansible-3.4.64-1

What's the history of the cluster and which version of openshift-ansible was used to install the cluster?
Comment 2 Bryan Yount 2017-08-30 22:21:57 UTC 
(In reply to Scott Dodson from comment #1)
> This code has been there since openshift-ansible-3.4.64-1
> 
> What's the history of the cluster and which version of openshift-ansible was
> used to install the cluster?

Customer reports "the nodes were upgraded from 3.3 to 3.4, then to 3.5." So, shouldn't the 3.5 installer have caught this?
Comment 3 Ryan Howe 2017-08-30 22:35:54 UTC 
Since this is now added in 3.4+ installs clusters that installed 3.3 and upgraded need to be checked for this package. 

We should add this in the upgrade playbooks.
Comment 5 Dan Winship 2017-09-13 14:08:44 UTC 
It seems like we should also make the node RPM have "Requires: conntrack-tools". Right?
Comment 6 Scott Dodson 2017-09-13 20:30:29 UTC 
(In reply to Dan Winship from comment #5)
> It seems like we should also make the node RPM have "Requires:
> conntrack-tools". Right?

Yeah I agree.
Comment 7 Scott Dodson 2017-09-13 20:32:18 UTC 
Actually, that's a more appropriate original fix for the problem. That would ensure that it's installed when upgrading (assuming it's backported to 3.4). Should I move this to networking and you can facilitate that in origin repo?
Comment 8 Dan Winship 2017-09-13 22:21:45 UTC 
Done
Comment 9 Dan Winship 2017-09-16 14:38:26 UTC 
included in https://github.com/openshift/origin/pull/16328
Comment 10 Ben Bennett 2017-10-05 18:12:08 UTC 

*** This bug has been marked as a duplicate of bug 1487438 ***