Bug 1510706
| Summary: | Installing OCP with ASB failed with latest openshift-ansible, 3.7.0-0.197.0 | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Weihua Meng <wmeng> |
| Component: | Service Broker | Assignee: | Fabian von Feilitzsch <fabian> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Weihua Meng <wmeng> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 3.7.0 | CC: | aos-bugs, chezhang, jmatthew, pweil, shurley |
| Target Milestone: | --- | Keywords: | Reopened |
| Target Release: | 3.7.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-11-10 21:01:33 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Comment 1
Zhang Cheng
2017-11-08 04:10:55 UTC
Reopen it since for better bug track. I do not think duplicate is approciate. to fix this bug, this file need to be modified https://github.com/openshift/openshift-ansible/blob/master/roles/ansible_service_broker/tasks/generate_certs.yml I think all tasks are expected to be executed, but actually not. details info here: TASK [ansible_service_broker : Create ansible-service-broker cert directory] *** Wednesday 08 November 2017 01:17:00 +0000 (0:00:00.039) 0:14:20.753 **** changed: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => {"changed": true, "failed": false, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/origin/ansible-service-broker", "secontext": "unconfined_u:object_r:etc_t:s0", "size": 6, "state": "directory", "uid": 0} TASK [ansible_service_broker : set_fact] *************************************** Wednesday 08 November 2017 01:17:00 +0000 (0:00:00.280) 0:14:21.034 **** ok: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => {"ansible_facts": {"ansible_service_broker_certs_dir": "/etc/origin/ansible-service-broker"}, "changed": false, "failed": false} TASK [ansible_service_broker : Create self signing ca cert] ******************** Wednesday 08 November 2017 01:17:00 +0000 (0:00:00.070) 0:14:21.105 **** skipping: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => {"changed": false, "skip_reason": "Conditional result was False", "skipped": true} TASK [ansible_service_broker : Create self signed client cert] ***************** Wednesday 08 November 2017 01:17:00 +0000 (0:00:00.039) 0:14:21.144 **** skipping: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.key', u'cmd': u'openssl genrsa -out /etc/origin/ansible-service-broker/client.key 2048'}) => {"changed": false, "item": {"cmd": "openssl genrsa -out /etc/origin/ansible-service-broker/client.key 2048", "creates": "/etc/origin/ansible-service-broker/client.key"}, "skip_reason": "Conditional result was False", "skipped": true} skipping: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.csr', u'cmd': u'openssl req -new -key /etc/origin/ansible-service-broker/client.key -out /etc/origin/ansible-service-broker/client.csr -subj "/CN=client"'}) => {"changed": false, "item": {"cmd": "openssl req -new -key /etc/origin/ansible-service-broker/client.key -out /etc/origin/ansible-service-broker/client.csr -subj \"/CN=client\"", "creates": "/etc/origin/ansible-service-broker/client.csr"}, "skip_reason": "Conditional result was False", "skipped": true} skipping: [host-8-241-56.host.centralci.eng.rdu2.redhat.com] => (item={u'creates': u'/etc/origin/ansible-service-broker/client.pem', u'cmd': u'openssl x509 -req -in /etc/origin/ansible-service-broker/client.csr -CA /etc/origin/ansible-service-broker/cert.pem -CAkey /etc/origin/ansible-service-broker/key.pem -CAcreateserial -out /etc/origin/ansible-service-broker/client.pem -days 1024'}) => {"changed": false, "item": {"cmd": "openssl x509 -req -in /etc/origin/ansible-service-broker/client.csr -CA /etc/origin/ansible-service-broker/cert.pem -CAkey /etc/origin/ansible-service-broker/key.pem -CAcreateserial -out /etc/origin/ansible-service-broker/client.pem -days 1024", "creates": "/etc/origin/ansible-service-broker/client.pem"}, "skip_reason": "Conditional result was False", "skipped": true} TASK [ansible_service_broker : set_fact] *************************************** Wednesday 08 November 2017 01:17:00 +0000 (0:00:00.078) 0:14:21.223 **** [WARNING]: Unable to find '/etc/origin/ansible-service-broker/client.pem' in expected paths. fatal: [host-8-241-56.host.centralci.eng.rdu2.redhat.com]: FAILED! => {"failed": true, "msg": "An unhandled exception occurred while running the lookup plugin 'file'. Error was a <class 'ansible.errors.AnsibleError'>, original message: could not locate file in lookup: /etc/origin/ansible-service-broker/client.pem"} to retry, use: --limit @/home/slave2/workspace/Launch Environment Flexy/private-openshift-ansible/playbooks/byo/config.retry This should be fixed by these two PRs: https://github.com/openshift/openshift-ansible/pull/6044 https://github.com/openshift/openshift-ansible/pull/6048 Both were merged yesterday. However, the install will still not be totally successful pending https://github.com/openshift/openshift-ansible/pull/6052 Images are ready for test. Moving to ON_QA status. Retested and verified with openshift-ansible-3.7.4-1 svc-catalog and asb can be deployed succeed. |