Bug 1702623
Summary: | Upgrade RHEL node failed due to incorrect nodename | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Weihua Meng <wmeng> |
Component: | Installer | Assignee: | Russell Teague <rteague> |
Installer sub component: | openshift-ansible | QA Contact: | Weihua Meng <wmeng> |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | high | ||
Priority: | high | CC: | gpei, rteague |
Version: | 4.1.0 | ||
Target Milestone: | --- | ||
Target Release: | 4.1.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-04 10:47:56 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Weihua Meng
2019-04-24 09:48:25 UTC
The Ansible inventory should be created with host names that the cluster knows about. Do not use public DNS host names for Ansible host names. if not public DNS host names, then ansible host may not connect to them. fatal: [ip-172-31-29-93.ap-northeast-1.compute.internal]: UNREACHABLE! => { "changed": false, "msg": "SSH Error: data could not be sent to remote host \"ip-172-31-29-93.ap-northeast-1.compute.internal\". Make sure this host can be reached over ssh", "unreachable": true Ensure hosts are resolvable/reachable from the Ansible control machine. One option to ensure access is to set up an ssh bastion host. An example can be found here, https://github.com/eparis/ssh-bastion. Ansible can be configured to use the ssh bastion host by setting this var in host_vars or group_vars --- ansible_ssh_common_args: "-o ProxyCommand=\"ssh -o IdentityFile='/path/to/libra.pem' -o StrictHostKeyChecking=no -W %h:%p -q <username>@<ssh_bastion_hostname>\"" The bastion works well for ansible-playbook in such case. With ansible_ssh_common_args set in ansible inventory file, playbooks/upgrade.yml finished successfully, the RHEL workers is working well after upgrade. ansible_ssh_common_args="-o ProxyCommand=\"ssh -o IdentityFile='/path/to/libra.pem' -o StrictHostKeyChecking=no -W %h:%p -q core@<bastion_hostname>\"" One more thing want to confirm is: When we want to upgrade a 4.1 cluster with RHEL76&RHCOS workers to a newer version manually, should we run the "playbooks/upgrade.yml" playbook against RHEL workers before or after the cluster upgrade(oc adm upgrade) ? Thanks. RHEL workers should be upgraded after the cluster is upgraded. The RHEL upgrade playbook installs the latest package version available for cri-o, openshift-clients and openshift-hyperkube but pulls images based on the cluster version. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |