Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1369573

Summary: Router deployment failing
Product: OpenShift Container Platform Reporter: Vikas Laad <vlaad>
Component: NetworkingAssignee: Ben Bennett <bbennett>
Networking sub component: router QA Contact: zhaozhanqi <zzhao>
Status: CLOSED DUPLICATE Docs Contact:
Severity: high    
Priority: unspecified CC: aos-bugs, eparis, pcameron
Version: 3.3.0   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-08-23 21:55:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Vikas Laad 2016-08-23 19:44:25 UTC 
Description of problem:
Creating a new env using latest build fails router deployment with following error

  51s		51s		1	{kubelet ip-172-31-30-79.us-west-2.compute.internal}			Warning		FailedSync	Error syncing pod, skipping: timeout expired waiting for volumes to attach/mount for pod "router-2-byrgc"/"default". list of unattached/unmounted volumes=[server-certificate]


Version-Release number of selected component (if applicable):
openshift v3.3.0.24-dirty
kubernetes v1.3.0+507d3a7
etcd 2.3.0+git


How reproducible:
Always

Actual results:
Router deployment fails

Expected results:
Should show running router pod

Additional info:
root@ip-172-31-42-192: ~ # oc describe pod router-2-byrgc
Name:			router-2-byrgc
Namespace:		default
Security Policy:	hostnetwork
Node:			ip-172-31-30-79.us-west-2.compute.internal/172.31.30.79
Start Time:		Tue, 23 Aug 2016 14:59:43 -0400
Labels:			deployment=router-2
			deploymentconfig=router
			router=router
Status:			Pending
IP:			172.31.30.79
Controllers:		ReplicationController/router-2
Containers:
  router:
    Container ID:	
    Image:		registry.ops.openshift.com/openshift3/ose-haproxy-router:v3.3.0.24
    Image ID:		
    Ports:		80/TCP, 443/TCP, 1936/TCP
    Requests:
      cpu:		100m
      memory:		256Mi
    State:		Waiting
      Reason:		ContainerCreating
    Ready:		False
    Restart Count:	0
    Liveness:		http-get http://localhost:1936/healthz delay=10s timeout=1s period=10s #success=1 #failure=3
    Readiness:		http-get http://localhost:1936/healthz delay=10s timeout=1s period=10s #success=1 #failure=3
    Volume Mounts:
      /etc/pki/tls/private from server-certificate (ro)
      /var/run/secrets/kubernetes.io/serviceaccount from router-token-93w7h (ro)
    Environment Variables:
      DEFAULT_CERTIFICATE_DIR:			/etc/pki/tls/private
      ROUTER_EXTERNAL_HOST_HOSTNAME:		
      ROUTER_EXTERNAL_HOST_HTTPS_VSERVER:	
      ROUTER_EXTERNAL_HOST_HTTP_VSERVER:	
      ROUTER_EXTERNAL_HOST_INSECURE:		false
      ROUTER_EXTERNAL_HOST_PARTITION_PATH:	
      ROUTER_EXTERNAL_HOST_PASSWORD:		
      ROUTER_EXTERNAL_HOST_PRIVKEY:		/etc/secret-volume/router.pem
      ROUTER_EXTERNAL_HOST_USERNAME:		
      ROUTER_SERVICE_HTTPS_PORT:		443
      ROUTER_SERVICE_HTTP_PORT:			80
      ROUTER_SERVICE_NAME:			router
      ROUTER_SERVICE_NAMESPACE:			default
      ROUTER_SUBDOMAIN:				
      STATS_PASSWORD:				65oHy794Oh
      STATS_PORT:				1936
      STATS_USERNAME:				admin
Conditions:
  Type		Status
  Initialized 	True 
  Ready 	False 
  PodScheduled 	True 
Volumes:
  server-certificate:
    Type:	Secret (a volume populated by a Secret)
    SecretName:	router-certs
  router-token-93w7h:
    Type:	Secret (a volume populated by a Secret)
    SecretName:	router-token-93w7h
QoS Tier:	Burstable
Events:
  FirstSeen	LastSeen	Count	From							SubobjectPath	Type		Reason		Message
  ---------	--------	-----	----							-------------	--------	------		-------
  2m		2m		1	{default-scheduler }							Normal		Scheduled	Successfully assigned router-2-byrgc to ip-172-31-30-79.us-west-2.compute.internal
  51s		51s		1	{kubelet ip-172-31-30-79.us-west-2.compute.internal}			Warning		FailedMount	Unable to mount volumes for pod "router-2-byrgc_default(c06ea8e2-6963-11e6-b6b7-022f4946b0b5)": timeout expired waiting for volumes to attach/mount for pod "router-2-byrgc"/"default". list of unattached/unmounted volumes=[server-certificate]
  51s		51s		1	{kubelet ip-172-31-30-79.us-west-2.compute.internal}			Warning		FailedSync	Error syncing pod, skipping: timeout expired waiting for volumes to attach/mount for pod "router-2-byrgc"/"default". list of unattached/unmounted volumes=[server-certificate]
Comment 1 Vikas Laad 2016-08-23 19:50:16 UTC 
Raising the priority as its blocking the env creation completely.
Comment 2 Eric Paris 2016-08-23 20:13:16 UTC 
see https://bugzilla.redhat.com/show_bug.cgi?id=1349144#c19 for 'by hand' workaround. ansible issue for 'real fix'
Comment 3 Phil Cameron 2016-08-23 20:29:05 UTC 
That is assigned to abutcher (issue 2345)
Comment 4 Phil Cameron 2016-08-23 20:42:35 UTC 
As part of setting this up the stanza needs to added to master-config.yaml and to get the service annotation secrets to work the server-signer.{crt,key} needs to be created first. The user should be able to supply this crt/key.
Comment 5 Ben Bennett 2016-08-23 21:55:20 UTC 

*** This bug has been marked as a duplicate of bug 1349144 ***