Bug 1987845

Summary: OpenStack IPI on provider network enforces unnecessary quotas
Product: OpenShift Container Platform Reporter: Andrew Collins <ancollin>
Component: InstallerAssignee: Emilien Macchi <emacchi>
Installer sub component: OpenShift on OpenStack QA Contact: Udi Shkalim <ushkalim>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: emacchi, imatza, m.andre, pprinett, ushkalim
Version: 4.8Keywords: Triaged
Target Milestone: ---   
Target Release: 4.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-10-18 17:43:21 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1987848, 1988464    
Attachments:
Description Flags
openshift_install.log none

Description Andrew Collins 2021-07-29 16:31:40 UTC 
Created attachment 1808418 [details]
openshift_install.log

Thanks for opening a bug report!
Before hitting the button, please fill in as much of the template below as you can.
If you leave out information, it's harder to help you.
Be ready for follow-up questions, and please respond in a timely manner.
If we can't reproduce a bug we might close your issue.
If we're wrong, PLEASE feel free to reopen it and explain why.

Version:

$ openshift-install version
openshift-install 4.8.2
built from commit a5ddd2dd6c72d8a5ea0a5f17acd8b964b6a3d1be
release image quay.io/openshift-release-dev/ocp-release@sha256:0e82d17ababc79b10c10c5186920232810aeccbccf2a74c691487090a2c98ebc

Platform:

openstack with provider network

Please specify:
* IPI

What happened?

When I run openshift-install, quota validation fails when routers, networks, subnet quota of `1` is not met, even though these are not required when running with provider networks.

I tried to bypass the checks using the environment variable.
Installer recognizes the variable and prints the warning, but does not actually bypass the quota check.

```
[16:17:41 root@idev-rtp-05-controller ~ kubeconfig]# export OPENSHIFT_INSTALL_SKIP_PREFLIGHT_VALIDATIONS=1
[16:17:57 root@idev-rtp-05-controller ~ kubeconfig]#  openshift-install --dir ose4 create cluster
WARNING OVERRIDE: pre-flight validation disabled.    
INFO Credentials loaded from file "/root/clouds.yaml" 
INFO Consuming Install Config from target directory 
INFO Obtaining RHCOS image file from 'https://rhcos-redirector.apps.art.xq1c.p1.openshiftapps.com/art/storage/releases/rhcos-4.8/48.84.202106091622-0/x86_64/rhcos-48.84.202106091622-0-openstack.x86_64.qcow2.gz?sha256=2efc7539f200ffea150272523a9526ba393a9a0b8312b40031b13bfdeda36fde' 
INFO The file was found in cache: /root/.cache/openshift-installer/image_cache/rhcos-48.84.202106091622-0-openstack.x86_64.qcow2. Reusing... 
FATAL failed to fetch Cluster: failed to fetch dependency of "Cluster": failed to generate asset "Platform Quota Check": error(MissingQuota): Router is not available because the required number of resources (1) is more than the limit of 0, Subnet is not available because the required number of resources (1) is more than the limit of 0, Network is not available because the required number of resources (1) is more than the limit of 0 
```

What did you expect to happen?

I expect the installer to not require quota for resources that aren't used in the case of provider networks.
I expect the bypass flag to actually work and allow me to get around not having the quota required.

How to reproduce it (as minimally and precisely as possible)?

Have an openstack project with 0 quota allocated for Subnet, Router, and Network.
Run:
$ export OPENSHIFT_INSTALL_SKIP_PREFLIGHT_VALIDATIONS=1
$ openshift-install --dir ose4 create cluster
Comment 2 Martin André 2021-08-03 07:13:21 UTC 
*** Bug 1989279 has been marked as a duplicate of this bug. ***
Comment 15 Itay Matza 2021-08-16 13:57:44 UTC 
Verified on openshift-install version:
openshift-install 4.9.0-0.nightly-2021-08-14-065522
built from commit c7d810f497d0c6c3ad22e5c14f873a70b0586231
release image registry.ci.openshift.org/ocp/release@sha256:7a464d200ac371e3a6b66474fe99aec72a10db26f46929b315431b34c69fd95b



>(shiftstack) [stack@undercloud-0 ~]$ grep type install-config.yaml
>  type: "Kuryr"
>(shiftstack) [stack@undercloud-0 ~]$ cp install-config.yaml ostest/
>(shiftstack) [stack@undercloud-0 ~]$ openstack port list
>+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
>| ID                                   | Name | MAC Address       | Fixed IP Addresses                                                          | Status |
>+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
>| d987c298-e577-48e1-8b8c-fe43266f8d09 |      | fa:16:3e:35:4b:6c | ip_address='10.46.43.160', subnet_id='d8ebee7b-5b7d-4bed-86e4-931114752f67' | DOWN   |
>+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
>(shiftstack) [stack@undercloud-0 ~]$ openstack network list
>+--------------------------------------+-------------------+--------------------------------------+
>| ID                                   | Name              | Subnets                              |
>+--------------------------------------+-------------------+--------------------------------------+
>| d5a36010-f67c-4d7c-896f-d33c931381b6 | provider-net-flat | d8ebee7b-5b7d-4bed-86e4-931114752f67 |
>+--------------------------------------+-------------------+--------------------------------------+
>(shiftstack) [stack@undercloud-0 ~]$ openshift-install create cluster --dir ostest/
>INFO Credentials loaded from file "/home/stack/clouds.yaml"
>INFO Consuming Install Config from target directory
>INFO Obtaining RHCOS image file from 'https://releases-art-rhcos.svc.ci.openshift.org/art/storage/releases/rhcos-4.9/49.84.202107010027-0/x86_64/rhcos-49.84.202107010027-0-openstack.x86_64.qcow2.gz?>sha256=00cb56c8711686255744646394e22a8ca5f27e059016f6758f14388e5a0a14cb'
>INFO The file was found in cache: /home/stack/.cache/openshift-installer/image_cache/rhcos-49.84.202107010027-0-openstack.x86_64.qcow2. Reusing...
>WARNING Following quotas Network, SecurityGroup, SecurityGroupRule, RAM, Port, Subnet, Router are available but will be completely used pretty soon.
>INFO Creating infrastructure resources...
Comment 18 errata-xmlrpc 2021-10-18 17:43:21 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759