Bug 1570517

Summary: [3.9.z] Install failed when firewalld used
Product: OpenShift Container Platform Reporter: Weihua Meng <wmeng>
Component: InstallerAssignee: Jeremiah Stuever <jstuever>
Status: CLOSED ERRATA QA Contact: Weihua Meng <wmeng>
Severity: high Docs Contact:
Priority: high    
Version: 3.9.0CC: aos-bugs, jokerman, jstuever, mmccomas, szobair, vrutkovs
Target Milestone: ---Keywords: Regression
Target Release: 3.9.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-12-13 19:26:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Weihua Meng 2018-04-23 06:54:10 UTC 
Description of problem:
[3.9.z] Install failed when firewalld used
the released v3.9.14 does not have such issue.

Version-Release number of the following components:
openshift-ansible-3.9.24-1.git.0.d0289ea.el7

How reproducible:
Always

Steps to Reproduce:
1. Install OCP 3.9 with firewalld enabled
os_firewall_use_firewalld=true

Actual results:
Job failed
TASK [openshift_node : Add firewalld allow rules] ******************************
Monday 23 April 2018  00:44:11 -0400 (0:00:00.055)       0:09:05.986 ********** 
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: AttributeError: 'AnsibleModule' object has no attribute 'fail'
failed: [wmengrpm39fw-master-etcd-1.0423-2kn.qe.rhcloud.com] (item={u'port': u'10250/tcp', u'service': u'Kubernetes kubelet'}) => {"changed": false, "failed": true, "item": {"port": "10250/tcp", "service": "Kubernetes kubelet"}, "module_stderr": "Traceback (most recent call last):\n  File \"/tmp/ansible_A0odsd/ansible_module_firewalld.py\", line 936, in <module>\n    main()\n  File \"/tmp/ansible_A0odsd/ansible_module_firewalld.py\", line 788, in main\n    module.fail(msg='firewall is not currently running, unable to perform immediate actions without a running firewall daemon')\nAttributeError: 'AnsibleModule' object has no attribute 'fail'\n", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 1}

Expected results:
Install succeeds
Comment 2 Jeremiah Stuever 2018-11-14 18:27:10 UTC 
PR https://github.com/openshift/openshift-ansible/pull/8160

Available in openshift-ansible-3.9.27-1
Comment 3 Weihua Meng 2018-11-19 03:05:33 UTC 
Fixed.

openshift-ansible-3.9.53-1.git.0.c8db613.el7.noarch

Kernel Version: 3.10.0-957.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.6 (Maipo)
Comment 6 errata-xmlrpc 2018-12-13 19:26:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:3748