Bug 1695856

Summary: Task failure restart docker while running redeploy-certificates
Product: OpenShift Container Platform Reporter: Joseph Callen <jcallen>
Component: InstallerAssignee: Joseph Callen <jcallen>
Installer sub component: openshift-ansible QA Contact: Gaoyun Pei <gpei>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: gpei
Version: 3.11.0   
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openshift-ansible-3.11.104-1.git.0.379a011.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1696413 (view as bug list) Environment:
Last Closed: 2019-06-06 02:00:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1696413    
Attachments:
Description Flags
ansible.log none

Description Joseph Callen 2019-04-03 19:45:38 UTC 
Created attachment 1551523 [details]
ansible.log

Description of problem:

When using cri-o on infra and compute nodes running `playbooks/redeploy-certificates.yml` fails while trying to restart docker when it is not installed on the node.

Version-Release number of the following components:



$ ansible --version
ansible 2.7.9

openshift-ansible - dc63ae8a3b1c018568720d7fe66324ecce2a7b91

How reproducible:

Steps to Reproduce:
1.
2.
3.

Actual results:
TASK [Restart docker] *************************************************************************************************************************************
task path: /var/home/jlcallen/Development/oa-testing/aws-c2/openshift-ansible/playbooks/openshift-node/private/restart.yml:11
Using module file /usr/lib/python3.7/site-packages/ansible/modules/system/systemd.py
<ec2-54-80-147-83.compute-1.amazonaws.com> ESTABLISH SSH CONNECTION FOR USER: ec2-user
<ec2-54-80-147-83.compute-1.amazonaws.com> SSH: EXEC ssh -o ControlMaster=auto -o ControlPersist=600s -o StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=ec2-user -o ConnectTimeout=30 -o
ControlPath=/var/home/jlcallen/.ansible/cp/%h-%r ec2-54-80-147-83.compute-1.amazonaws.com '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-ajwqxzmkclwksuuyupbtydpezevsatqt; /usr/bin/python'"'"'"'"'"'"'"'"' && sleep 0'"'"''
Escalation succeeded
<ec2-54-80-147-83.compute-1.amazonaws.com> (1, b'\n{"msg": "Could not find the requested service docker: host", "failed": true, "invocation": {"module_args": {"no_block": false, "force": null, "name": "docker", "enabled": null, "daemon_reload": false, "state": "restarted", "masked": null, "scope": null, "user":
 null}}}\n', b'')
<ec2-54-80-147-83.compute-1.amazonaws.com> Failed to connect to the host via ssh:
fatal: [ec2-54-80-147-83.compute-1.amazonaws.com]: FAILED! => {
    "attempts": 3,
    "changed": false,
    "invocation": {
        "module_args": {
            "daemon_reload": false,
            "enabled": null,
            "force": null,
            "masked": null,
            "name": "docker",
            "no_block": false,
            "scope": null,
            "state": "restarted",
            "user": null
        }
    },
    "msg": "Could not find the requested service docker: host"
}



Expected results:
The docker service is not restarted on nodes with it not installed.


Additional info:
Please attach logs from ansible-playbook with the -vvv flag
Comment 1 Joseph Callen 2019-04-03 20:20:55 UTC 
PR: https://github.com/openshift/openshift-ansible/pull/11456
Comment 3 Gaoyun Pei 2019-04-11 10:32:59 UTC 
Could reproduce this issue with openshift-ansible-3.11.102-1, when node installed as openshift_use_crio_only=true, no docker service provided.

Verified with openshift-ansible-3.11.104-1.git.0.379a011.el7, the issue was fixed.

PLAY [Restart nodes] **********************************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
ok: [ec2-3-81-131-49.compute-1.amazonaws.com]

TASK [Restart docker] *********************************************************************************************************************************************************************************************
skipping: [ec2-3-81-131-49.compute-1.amazonaws.com] => {"changed": false, "skip_reason": "Conditional result was False"}
Comment 5 errata-xmlrpc 2019-06-06 02:00:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0794