Bug 1686266
Summary: | [3.9] Failed to mount iscsi on atomic host | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Liang Xia <lxia> |
Component: | Installer | Assignee: | Scott Dodson <sdodson> |
Status: | CLOSED ERRATA | QA Contact: | Johnny Liu <jialiu> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 3.9.0 | CC: | aos-bugs, aos-storage-staff, jokerman, jsafrane, mmccomas |
Target Milestone: | --- | ||
Target Release: | 3.9.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
The node system container did not properly mount /var/lib/iscsi rw, now it does avoiding problems mounting iscsi volumes.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-06 06:56:05 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1686336 | ||
Bug Blocks: |
Description
Liang Xia
2019-03-07 06:35:40 UTC
Related bug, https://bugzilla.redhat.com/show_bug.cgi?id=1598271 The issue exist on atomic host + system container, but does not exist on atomic host + docker container. I am not sure if it's installer or container runtime fault, please reassign as necessary. "/" is read-only in atomic-openshift-node container if it runs as system container (/usr/bin/runc --systemd-cgroup run 'atomic-openshift-node'). $ runc exec atomic-openshift-node sh (inside the container)$ mount /dev/mapper/rhel-root on / type xfs (ro,relatime,seclabel,attr2,inode64,noquota) (inside the container)$ touch /var/lib/iscsi/foo touch: cannot touch '/var/lib/iscsi/foo': Read-only file system iscsiadm requires at least /var/lib/iscsi to be writeable. When running atomic-openshift-node as docker container (=/usr/bin/docker run --name atomic-openshift-node ...), "/" is writeable there. This is just https://github.com/openshift/origin/pull/22289 needing to be back ported to 3.9, right? > This is just https://github.com/openshift/origin/pull/22289 needing to be back ported to 3.9, right?
Yes, that's it.
Verified the issue has been fixed. # oc version oc v3.9.77 kubernetes v1.9.1+a0ce1bc657 features: Basic-Auth GSSAPI Kerberos SPNEGO Server https://ip-172-18-10-24.ec2.internal:8443 openshift v3.9.77 kubernetes v1.9.1+a0ce1bc657 # oc describe pod iscsi-1-ultza -n ultza Name: iscsi-1-ultza Namespace: ultza Node: ip-172-18-4-22.ec2.internal/172.18.4.22 Start Time: Wed, 17 Apr 2019 03:42:38 -0400 Labels: <none> Annotations: openshift.io/scc=privileged Status: Running IP: 10.129.0.15 Containers: iscsi: Container ID: docker://f8b590498bd92e7a8ed8b158b06ab352061388ed110de12e6bb68289f1b98f57 Image: aosqe/hello-openshift Image ID: docker-pullable://docker.io/aosqe/hello-openshift@sha256:a2d509d3d5164f54a2406287405b2d114f952dca877cc465129f78afa858b31a Port: <none> State: Running Started: Wed, 17 Apr 2019 03:51:16 -0400 Ready: True Restart Count: 0 Environment: <none> Mounts: /mnt/iscsi from iscsi (rw) /var/run/secrets/kubernetes.io/serviceaccount from default-token-nqdzl (ro) Conditions: Type Status Initialized True Ready True PodScheduled True Volumes: iscsi: Type: ISCSI (an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod) TargetPortal: 172.30.235.169:3260 IQN: iqn.2016-04.test.com:storage.target00 Lun: 0 ISCSIInterface default FSType: ext4 ReadOnly: true Portals: [172.30.235.169:3260 172.30.87.244:3260] DiscoveryCHAPAuth: false SessionCHAPAuth: false SecretRef: <nil> InitiatorName: <none> default-token-nqdzl: Type: Secret (a volume populated by a Secret) SecretName: default-token-nqdzl Optional: false QoS Class: BestEffort Node-Selectors: node-role.kubernetes.io/compute=true Tolerations: <none> Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 9m default-scheduler Successfully assigned iscsi-1-ultza to ip-172-18-4-22.ec2.internal Normal SuccessfulMountVolume 9m kubelet, ip-172-18-4-22.ec2.internal MountVolume.SetUp succeeded for volume "default-token-nqdzl" Normal SuccessfulMountVolume 30s kubelet, ip-172-18-4-22.ec2.internal MountVolume.SetUp succeeded for volume "iscsi" Normal Pulling 27s kubelet, ip-172-18-4-22.ec2.internal pulling image "aosqe/hello-openshift" Normal Pulled 25s kubelet, ip-172-18-4-22.ec2.internal Successfully pulled image "aosqe/hello-openshift" Normal Created 25s kubelet, ip-172-18-4-22.ec2.internal Created container Normal Started 25s kubelet, ip-172-18-4-22.ec2.internal Started container Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0788 |