Bug 1709608
| Summary: | OCP 3.11 on OpenStack 13 does not populate /etc/resolv.conf properly with Neutron internal DNS enabled | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | jliberma <jliberma> |
| Component: | Networking | Assignee: | Dan Mace <dmace> |
| Networking sub component: | DNS | QA Contact: | Hongan Li <hongli> |
| Status: | CLOSED WONTFIX | Docs Contact: | |
| Severity: | unspecified | ||
| Priority: | unspecified | CC: | aos-bugs |
| Version: | 3.11.0 | ||
| Target Milestone: | --- | ||
| Target Release: | 3.11.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-10-11 01:47:24 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description of problem: The "search" field in the resolv.conf is not populated properly when Neutron internal DNS is enabled. Version-Release number of selected component (if applicable): openshift-ansible-3.11.98-1.git.0.3cfa7c3.el7.noarch How reproducible: Every time Steps to Reproduce: 1.Deploy OSP 13 with: parameter_defaults: NeutronDnsDomain: "example.local." NeutronPluginExtensions: "qos,port_security,dns_domain_ports" NeutronDhcpAgentDnsmasqDnsServers: 192.168.122.252 ControllerExtraConfig: neutron::agents::dhcp::dhcp_domain: "example.local" nova::network::neutron::dhcp_domain: "example.local" 2.Deploy OCP 3.11 with: all.yml: openshift_openstack_clusterid: "openshift" openshift_openstack_public_dns_domain: "example.io" openshift_openstack_fqdn_nodes: false openshift_openstack_dns_nameservers: [] ... openshift_openstack_external_nsupdate_keys: public: key_secret: "CbcFgFrlT2u5XGer+8Qaq+LuHTqVs6heBLBZR6iSbXU=" key_name: "public-openshift.example.io" key_algorithm: "HMAC-SHA256" server: "192.168.122.252" 3. Install fails with CSR errors Actual results: 2019-05-13 18:26:18,806 p=14844 u=cloud-user | Failure summary: 1. Hosts: master-1 Play: Approve any pending CSR requests from inventory nodes Task: Approve node certificates when bootstrapping Message: Could not find csr for nodes: master-0, master-2 Expected results: Install completes successfully Additional info: The search field in resolv.conf no longer includes the openstack DNS domain name after install.yml is run. No DNS queries work except local hostname. If you add the original domain back to the search field on resolv.conf all queries work. I believe this causes the remote CSRs to fail approval.