Bug 1496707

Summary: atomic-openshift-node unit file should configure container-engine dependence instead of docker while enabling node and docker system container
Product: OpenShift Container Platform Reporter: Gan Huang <ghuang>
Component: InstallerAssignee: Steve Milner <smilner>
Status: CLOSED ERRATA QA Contact: Gan Huang <ghuang>
Severity: high Docs Contact:
Priority: high    
Version: 3.7.0CC: aos-bugs, gpei, gscrivan, jokerman, mmccomas
Target Milestone: ---Keywords: TestBlocker
Target Release: 3.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: The node unit file was fetched from node image which was hard coded to configure docker as the dependency. Consequence: If container-engine was used the node unit would fail or misbehave. Fix: The system container now takes in the container runtime service name. Result: The system container node and container engine work as expected when used together.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2017-11-28 22:13:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Gan Huang 2017-09-28 07:48:43 UTC 
Description of problem:
atomic-openshift-node service failed to start while enabling node and docker system container. The root cause is that the node unit file was fetched from node image which hard coded to configure docker as the dependence. Instead it should require container-engine while enabling docker system container.

Version-Release number of the following components:
openshift-ansible-3.7.0-0.128.0.git.0.89dcad2.el7.noarch.rpm

How reproducible:
always

Steps to Reproduce:
1. cat inventory_file:
<--snip-->
containerized=true
openshift_use_system_containers=true
system_images_registry=registry.xxx.openshift.com
openshift_docker_use_system_container=true
<--snip-->
2.
3.

Actual results:
# systemctl cat atomic-openshift-node
# /etc/systemd/system/atomic-openshift-node.service
[Unit]
After=docker.service
After=openvswitch.service
Wants=docker.service
After=atomic-openshift-node-dep.service
After=atomic-openshift-master.service
Requires=dnsmasq.service
After=dnsmasq.service

[Service]
Type=notify
EnvironmentFile=/etc/sysconfig/atomic-openshift-node
EnvironmentFile=/etc/sysconfig/atomic-openshift-node-dep

ExecStartPre=/usr/bin/cp /etc/origin/node/node-dnsmasq.conf /etc/dnsmasq.d/
ExecStartPre=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:/in-addr.arpa/127.0.0.1,
ExecStopPost=/usr/bin/rm /etc/dnsmasq.d/node-dnsmasq.conf
ExecStopPost=/usr/bin/dbus-send --system --dest=uk.org.thekelleys.dnsmasq /uk/org/thekelleys/dnsmasq uk.org.thekelleys.SetDomainServers array:string:

ExecStartPre=/bin/bash -c 'export -p > /run/atomic-openshift-node-env'
ExecStart=/bin/runc --systemd-cgroup run 'atomic-openshift-node'
ExecStop=/bin/runc --systemd-cgroup kill 'atomic-openshift-node'
SyslogIdentifier=atomic-openshift-node
Restart=always
RestartSec=5s
WorkingDirectory=/var/lib/containers/atomic/atomic-openshift-node.0
RuntimeDirectory=atomic-openshift-node

[Install]
WantedBy=docker.service

Expected results:

Additional info:
node system container maybe work with rpm docker service or container-engine service, we need take the two situations into consideration when fxing this bug
Comment 2 Steve Milner 2017-09-29 16:26:57 UTC 
The issue was the service information was not being passed into the atomic install command.

PR: https://github.com/openshift/openshift-ansible/pull/5599
Comment 3 Steve Milner 2017-10-01 18:32:30 UTC 
Merged
Comment 4 Gan Huang 2017-10-09 09:57:53 UTC 
Verified with openshift-ansible-3.7.0-0.143.1.git.0.89248df.el7.noarch.rpm
Comment 8 errata-xmlrpc 2017-11-28 22:13:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:3188