Bug 2050767

Summary: Vsphere upi tries to access vsphere during manifests generation phase
Product: OpenShift Container Platform Reporter: Yuri Obshansky <yobshans>
Component: InstallerAssignee: Nobody <nobody>
Installer sub component: openshift-installer QA Contact: jima
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: padillon, rbost, rfreiman
Version: 4.10   
Target Milestone: ---   
Target Release: 4.11.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: on vsphere validation was added to check for the existence of a network during creation of configuration files Consequence: upi or other installation methods which may provision infrastructure after config file generation received an error Fix: move validation to only be done when creating a cluster with IPI Result: UPI and other install methods can generate config files with networks that do not exist yet
 Story Points: ---
Clone Of: Environment:
Last Closed: 2022-08-10 10:47:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2050801    

Description Yuri Obshansky 2022-02-04 15:33:31 UTC 
Thanks for opening a bug report!
Before hitting the button, please fill in as much of the template below as you can.
If you leave out information, it's harder to help you.
Be ready for follow-up questions, and please respond in a timely manner.
If we can't reproduce a bug we might close your issue.
If we're wrong, PLEASE feel free to reopen it and explain why.

Version:

$ openshift-install version
4.10.0-rc.0

Platform:

#Please specify the platform type: aws, libvirt, openstack or baremetal etc.
VMware vSphere 

Please specify:
UPI (semi-manual installation on customized infrastructure)

What happened?
Cannot install Openshift cluster using Assisted Service cloud solution.
https://qaprodauth.cloud.redhat.com/openshift/assisted-installer/clusters

The procedure stacked on error "2/3/2022, 5:09:01 PM warning Failed to prepare the installation due to an unexpected error: failed generating install config for cluster d3feaa8a-d855-4ca8-a0c8-5b3127535210: error running openshift-install manifests, level=fatal msg=failed to fetch Master Machines: failed to load asset "Install Config": platform.vsphere: Internal error: unable to connect to vCenter vcenterplaceholder.: Post "https://vcenterplaceholder/sdk": dial tcp: lookup vcenterplaceholder on 10.120.0.10:53: no such host : exit status 1. Please retry later"

More details Jira ticket  https://issues.redhat.com/browse/MGMT-9170

# Always at least include the `.openshift_install.log`

What did you expect to happen?

#Enter text here.

How to reproduce it (as minimally and precisely as possible)?

$ your-commands-here

Anything else we need to know?

#Enter text here.
Comment 1 Yuri Obshansky 2022-02-04 15:39:27 UTC 
Works well with 4.9.* 

Probably it is related to 
https://github.com/openshift/installer/blob/release-4.10/pkg/asset/installconfig/vsphere/validation.go#L29-L32

Slack discussion 
https://coreos.slack.com/archives/CH06KMDRV/p1643926906572139
Comment 2 Yuri Obshansky 2022-02-04 15:40:38 UTC 
Validation behavior has been changed from 4.9 to 4.10
Comment 3 Matthew Staebler 2022-02-04 16:18:25 UTC 
I am lowering the severity of this. The installer does not support using an install-config.yaml with invalid values for the vCenter.
Comment 7 jima 2022-02-08 06:37:20 UTC 
Reproduced the issue on 4.10.0-0.nightly-2022-02-07-162517.
Set invalid vCenter in install-config.yaml, then run command:
$ ./openshift-install create manifests --dir upi            
FATAL failed to fetch Master Machines: failed to load asset "Install Config": platform.vsphere: Internal error: unable to connect to vCenter vcenter1.sddc.vmwarevmc.com.: Post "https://vcenter1.sddc.vmwarevmc.com/sdk": dial tcp: lookup vcenter1.sddc-44-236-21-251.vmwarevmc.com on 10.0.0.2:53: no such host


Verified on 4.11.0-0.nightly-2022-02-07-154612.
Set valid vCenter in install-config.yaml, then run command:
$ ./openshift-install create manifests --dir upi/               
INFO Consuming Install Config from target directory          
WARNING Making control-plane schedulable by setting MastersSchedulable to true for Scheduler cluster settings     
INFO Manifests created in: upi/manifests and upi/openshift 

$ ./openshift-install create ignition-configs --dir upi
INFO Consuming Master Machines from target directory 
INFO Consuming Worker Machines from target directory 
INFO Consuming Openshift Manifests from target directory 
INFO Consuming OpenShift Install (Manifests) from target directory 
INFO Consuming Common Manifests from target directory 
INFO Ignition-Configs created in: upi and upi/auth 

Also checked that invalid network checking still works well during provisioning infrastructure for IPI installation.
$ ./openshift-install create cluster --dir ipi
INFO Consuming Worker Ignition Config from target directory 
INFO Consuming Master Ignition Config from target directory 
INFO Consuming Bootstrap Ignition Config from target directory 
FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": platform.vsphere.network: Invalid value: "qe-segment11": unable to find network provided
Comment 8 Yuri Obshansky 2022-03-01 15:17:02 UTC 
The issue successfully verified on 4.10.0-rc.6
The bug can be closed
Comment 15 errata-xmlrpc 2022-08-10 10:47:24 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5069