Bug 1563376
Summary: | [3.7] Updating etcd does not update the etcd config with new variables | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Russell Teague <rteague> |
Component: | Installer | Assignee: | Russell Teague <rteague> |
Status: | CLOSED ERRATA | QA Contact: | Gaoyun Pei <gpei> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 3.7.0 | CC: | aos-bugs, bleanhar, gsapienz, jialiu, jokerman, mmccomas, nnosenzo, openshift-bugs-escalate, rhowe |
Target Milestone: | --- | ||
Target Release: | 3.7.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
In certain cases, an existing etcd installation may not have updated configuration variables causing services to fail. This ensures the etcd.conf file is verified during upgrades to ensure all variables are set as expected.
|
Story Points: | --- |
Clone Of: | 1529575 | Environment: | |
Last Closed: | 2018-06-27 07:59:12 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1529575 | ||
Bug Blocks: | 1563375 |
Description
Russell Teague
2018-04-03 18:53:20 UTC
New release-3.7 PR: https://github.com/openshift/openshift-ansible/pull/7780 Commit is in build openshift-ansible-3.7.43-1.git.0.176ff8d.el7 Prepare an openshift v3.6.173.0.21 cluster with etcd-3.1.9-2 using openshift-ansible-3.6.173.0.21-2.git.0.44a4038.el7.noarch.rpm, which still has the deprecated etcd options: "ETCD_CA_FILE", "ETCD_PEER_CA_FILE" in etcd conf. Run 3.6 -> 3.7 upgrade using openshift-ansible-3.7.44-1.git.0.dbb912c.el7.noarch. ansible-playbook -i host/host /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_7/upgrade.yml After upgrade finished, check etcd status. [root@ip-172-18-3-39 ~]# ETCDCTL_API=3 etcdctl --cert /etc/etcd/peer.crt --key /etc/etcd/peer.key --cacert /etc/etcd/ca.crt --endpoints https://`hostname`:2379 -w table endpoint status +------------------------------------------+------------------+---------+---------+-----------+-----------+------------+ | ENDPOINT | ID | VERSION | DB SIZE | IS LEADER | RAFT TERM | RAFT INDEX | +------------------------------------------+------------------+---------+---------+-----------+-----------+------------+ | https://ip-172-18-3-39.ec2.internal:2379 | cd8fe9e886d1558e | 3.2.15 | 11 MB | true | 3 | 12152 | +------------------------------------------+------------------+---------+---------+-----------+-----------+------------+ [root@ip-172-18-3-39 ~]# rpm -q etcd etcd-3.2.15-2.el7.x86_64 2. Check etcd conf file, it's the same as fresh 3.7 install. The following values added: ETCD_QUOTA_BACKEND_BYTES=4294967296 ETCD_CLIENT_CERT_AUTH="true" ETCD_PEER_CLIENT_CERT_AUTH="true" ETCD_TRUSTED_CA_FILE=/etc/etcd/ca.crt ETCD_PEER_TRUSTED_CA_FILE=/etc/etcd/ca.crt The following removed: ETCD_CA_FILE ETCD_PEER_CA_FILE [root@ip-172-18-3-39 ~]# diff /etc/etcd/etcd.conf /etc/etcd/etcd.conf_back 27a28 > ETCD_CA_FILE=/etc/etcd/ca.crt 29a31 > ETCD_PEER_CA_FILE=/etc/etcd/ca.crt 34,38d35 < ETCD_QUOTA_BACKEND_BYTES=4294967296 < ETCD_CLIENT_CERT_AUTH="true" < ETCD_PEER_CLIENT_CERT_AUTH="true" < ETCD_TRUSTED_CA_FILE=/etc/etcd/ca.crt < ETCD_PEER_TRUSTED_CA_FILE=/etc/etcd/ca.crt 3. Create and delete project [root@ip-172-18-12-110 ~]# oc new-project test1 Now using project "test1" on server "https://ip-172-18-12-110.ec2.internal:8443". You can add applications to this project with the 'new-app' command. For example, try: oc new-app centos/ruby-22-centos7~https://github.com/openshift/ruby-ex.git to build a new example application in Ruby. [root@ip-172-18-12-110 ~]# oc delete project test1 project "test1" deleted Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:2009 |