Bug 974497
| Summary: | On fresh all-on-one OpenShift Origin installation, oo-diagnostics reports errors | |||
|---|---|---|---|---|
| Product: | OKD | Reporter: | Jan Pazdziora (Red Hat) <jpazdziora> | |
| Component: | Pod | Assignee: | Luke Meyer <lmeyer> | |
| Status: | CLOSED WONTFIX | QA Contact: | libra bugs <libra-bugs> | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 2.x | CC: | jpazdziora, lmeyer, nmone, pruan | |
| Target Milestone: | --- | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1007752 (view as bug list) | Environment: | ||
| Last Closed: | 2017-05-31 18:22:11 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1007752 | |||
|
Description
Jan Pazdziora (Red Hat)
2013-06-14 09:41:36 UTC
oo-diagnostics probably also needs some adjustment for Origin; I don't think it's been kept up to date. Some of these problems may be improved. I have a card in for working on this: https://trello.com/c/PQjvrZDN/8-oo-accept-and-oo-diagnostics-on-origin Note that while oo-diagnostics should run without ERROR/FAIL don't expect it to be totally without WARNINGs out of the box. There are some things the install won't do for you. Hi Luke,
Here's the output from the latest origin image from kraman.
[root@broker-ba8f ~]# oo-diagnostics
WARN: test_node_profiles_districts_from_broker
The following gear profile(s) are configured but not provided by node hosts:
medium
Attempts to create apps using these gear profiles will fail.
Please fix the settings in /etc/openshift/broker.conf or add node hosts accordingly.
WARN: test_node_profiles_districts_from_broker
No districts are defined. Districts should be used in any production installation.
Please consult the Administration Guide.
FAIL: run_script
oo-accept-broker had errors:
--BEGIN OUTPUT--
NOTICE: SELinux is Enforcing
NOTICE: SELinux is Enforcing
FAIL: SELinux boolean httpd_unified is disabled -- run setsebool -P httpd_unified=on
FAIL: service iptables not enabled;
FAIL: service iptables not running
FAIL: Datastore Password has been left configured as the default 'mooo'
-- please reconfigure and ensure the DB user's password matches.
FAIL: Datastore Password has been left configured as the default 'mooo'
-- please reconfigure and ensure the DB user's password matches.
NOTICE: unknown dns class: OpenShift::AvahiPlugin
5 ERRORS
--END oo-accept-broker OUTPUT--
FAIL: run_script
oo-accept-node had errors:
--BEGIN OUTPUT--
FAIL: selinux boolean allow_polyinstantiation should be on
FAIL: Could not get SELinux context for mcollective
FAIL: Could not get SELinux context for oddjobd
3 ERRORS
--END oo-accept-node OUTPUT--
WARN: test_vhost_servernames
The VirtualHost defined by default in /etc/httpd/conf.d/ssl.conf is not needed
and can cause spurious warnings. Please remove it by running this command:
sed -i '/VirtualHost/,/VirtualHost/ d' /etc/httpd/conf.d/ssl.conf
WARN: test_altered_package_owned_configs
RPM package owned configuration files have been altered:
/etc/yum.repos.d/jenkins.repo.rpmnew
Ensure any package-owned configuration files which have been
altered are accurate. This may require a manual merge of
your previous alterations. Once you are comfortable with the merge,
remove the reported .rpm* configuration file (or you will continue
to see this warning each time you run the diagnostic test).
FAIL: test_mcollective_context
Mcollectived is not running in the expected SELinux context, which
may result in node execution failures. Please check that the correct
context is set on /usr/sbin/mcollectived and that the correct SELinux
policies are loaded.
Expected: system_r:openshift_initrc_t:s0-s0:c0.c1023
Found: unconfined_r:unconfined_t:s0-s0:c0.c1023
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
ls: cannot access /var/www/openshift/console/httpd/conf.d/*auth*.conf: No such file or directory
WARN: rescue in test_broker_certificate
There was an error verifying the Broker SSL cert: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
5 WARNINGS
3 ERRORS
Today on Fedora 19, the oo-diagnostics reports:
oo-diagnostics is /usr/sbin/oo-diagnostics
INFO: loading list of installed packages
INFO: OpenShift broker installed.
INFO: OpenShift node installed.
/usr/share/gems/gems/psych-2.0.0/lib/psych.rb:98: warning: already initialized constant Psych::VERSION
/usr/share/ruby/vendor_ruby/psych.rb:98: warning: previous definition of VERSION was here
/usr/share/gems/gems/psych-2.0.0/lib/psych.rb:101: warning: already initialized constant Psych::LIBYAML_VERSION
/usr/share/ruby/vendor_ruby/psych.rb:101: warning: previous definition of LIBYAML_VERSION was here
INFO: running: prereq_dns_server_available
INFO: checking that the first server in /etc/resolv.conf responds
INFO: running: test_enterprise_rpms
INFO: skipping test_enterprise_rpms
INFO: running: test_selinux_policy_rpm
INFO: running: test_selinux_enabled
INFO: running: test_broker_cache_permissions
INFO: broker application cache permissions appear fine
INFO: running: test_node_profiles_districts_from_broker
INFO: checking node profiles via MCollective
INFO: profile for broker.example.com: small
[33mWARN: test_node_profiles_districts_from_broker
The following gear profile(s) are configured but not provided by node hosts:
medium
Attempts to create apps using these gear profiles will fail.
Please fix the settings in /etc/openshift/broker.conf or add node hosts accordingly.
[0m
[33mWARN: test_node_profiles_districts_from_broker
No districts are defined. Districts should be used in any production installation.
Please consult the Administration Guide.
[0m
INFO: skipping test_node_profiles_districts_from_broker
INFO: running: test_broker_accept_scripts
INFO: running oo-accept-broker
MARK-LWD-LOOP -- 2013-12-10 04:57:15 --
[31mFAIL: run_script
oo-accept-broker had errors:
--BEGIN OUTPUT--
NOTICE: SELinux is Enforcing
NOTICE: SELinux is Enforcing
FAIL: service iptables not running
1 ERRORS
--END oo-accept-broker OUTPUT--[0m
INFO: running oo-accept-systems -w 1.0
INFO: oo-accept-systems -w 1.0 ran without error:
--BEGIN OUTPUT--
PASS
--END oo-accept-systems -w 1.0 OUTPUT--
INFO: running: test_node_accept_scripts
INFO: running oo-accept-node
[31mFAIL: run_script
oo-accept-node had errors:
--BEGIN OUTPUT--
FAIL: service cgconfig not running
FAIL: Could not get SELinux context for mcollective
FAIL: Could not get SELinux context for oddjobd
3 ERRORS
--END oo-accept-node OUTPUT--[0m
INFO: running: test_broker_httpd_error_log
INFO: running: test_broker_passenger_ps
INFO: checking the broker application process tree
INFO: running: test_for_nonrpm_rubygems
INFO: skipping test_for_nonrpm_rubygems
INFO: running: test_for_multiple_gem_versions
INFO: checking for presence of gem-installed rubygems
INFO: running: test_node_httpd_error_log
INFO: running: test_node_containerization_plugin
INFO: running: test_node_mco_log
INFO: running: test_pam_openshift
INFO: running: test_services_enabled
INFO: checking that required services are running now
[31mFAIL: test_services_enabled
The following service(s) are not currently started:
network, openshift-iptables-port-proxy, cgconfig
These services are required for OpenShift functionality.
[0m
INFO: checking that required services are enabled at boot
[31mFAIL: test_services_enabled
The following service(s) are not started at boot time:
network, cgconfig, cgred
These services are required for OpenShift functionality.
Please ensure that they start at boot.
[0m
INFO: running: test_node_quota_bug
INFO: skipping test_node_quota_bug
INFO: running: test_vhost_servernames
INFO: checking for vhost interference problems
[33mWARN: test_vhost_servernames
The VirtualHost defined by default in /etc/httpd/conf.d/ssl.conf is not needed
and can cause spurious warnings. Please remove it by running this command:
sed -i '/VirtualHost/,/VirtualHost/ d' /etc/httpd/conf.d/ssl.conf
[0m
INFO: running: test_altered_package_owned_configs
[33mWARN: test_altered_package_owned_configs
The mlocate package is not installed. mlocate is not a required runtime package; however,
you may install mlocate to enable further diagnostics checking.
[0m
INFO: running: test_broken_httpd_version
INFO: running: test_usergroups_enabled
INFO: running: test_mcollective_context
INFO: running: test_mcollective_bad_facts
INFO: running: test_auth_conf_files
INFO: running: test_broker_certificate
[33mWARN: test_broker_certificate
Using a self-signed certificate for the broker[0m
grep: /etc/httpd/conf.d/openshift: Is a directory
[33mWARN: block (2 levels) in test_broker_certificate
/etc/httpd/conf.d/000002_openshift_origin_broker_servername.conf
defines ServerName as localhost. This does not match the certificate common name of
*.example.com.
This can cause errors when client tools try to connect to the broker.
[0m
INFO: running: test_abrt_addon_python
INFO: running: test_node_frontend_clash
INFO: running: test_yum_configuration
[33m6 WARNINGS[0m
[31m4 ERRORS[0m
We apologize, however, we do not plan to address this report at this time. The majority of our active development is for the v3 version of OpenShift. If you would like for Red Hat to reconsider this decision, please reach out to your support representative. We are very sorry for any inconvenience this may cause. |