1476320 – Docker configured and checked on non-Docker hosts when containerized=true

Bug 1476320 - Docker configured and checked on non-Docker hosts when containerized=true

Summary: Docker configured and checked on non-Docker hosts when containerized=true

Keywords:
Status:	CLOSED DUPLICATE of bug 1429371
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	3.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	3.7.0
Assignee:	Scott Dodson
QA Contact:	Johnny Liu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-07-28 15:38 UTC by Luke Meyer
Modified:	2017-08-10 13:35 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-08-10 13:35:47 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Luke Meyer 2017-07-28 15:38:11 UTC

Description of problem:
When a user sets "containerized=true" globally in their inventory it is applied even to host types for which we have no containerized components or any business installing Docker on via this installer: nfs / glusterfs / lb hosts. Docker is installed and the Docker checks run and report problems.

Version-Release number of the following components:
openshift3/ose-ansible:v3.6 installer image

Steps to Reproduce:
1. Create an inventory with containerized=true and some nfs/lb/glusterfs hosts.
2. Run the pre-install checks e.g.
docker run -u `id -u`
-v $HOME/.ssh/id_rsa:/opt/app-root/src/.ssh/id_rsa:Z,ro
-v /etc/ansible/hosts:/tmp/inventory:ro
-e INVENTORY_FILE=/tmp/inventory
-e PLAYBOOK_FILE=playbooks/byo/openshift-checks/pre-install.yml
openshift3/ose-ansible:v3.6
3. See output and rpm -q docker on the hosts

Actual results:
Failure summary:

1. Host: <nfs host>
Play: Verify Requirements
Task: openshift_health_check
Message: One or more checks failed
Details: check "docker_storage":
Use of loopback devices with the Docker devicemapper storage driver
(the default storage configuration) is unsupported in production.
Please use docker-storage-setup to configure a backing storage volume.
See http://red.ht/2rNperO for further information.
# rpm -q docker
docker-1.12.6-...

Expected results:
Should not have anything to do or say about Docker on these hosts, even though they are marked containerized.

Additional info:
The obvious workaround is to update the inventory so these hosts are not set to containerized. If "containerized=true" is set globally in the [OSEv3:vars] section it can easily be overridden with an entry per-host.

Logic at https://github.com/openshift/openshift-ansible/blob/167117dc280e4448b76ac95868ca33f527383d20/roles/openshift_version/meta/main.yml#L17-L18 could be refined to include the docker role only on hosts we know could actually need Docker, regardless of what containerized says. Alternately, the logic for setting openshift.common.is_containerized could be modified. Or the docker role could exempt itself when not invoked on whitelisted host groups.

Health check logic at https://github.com/openshift/openshift-ansible/blob/167117dc280e4448b76ac95868ca33f527383d20/roles/openshift_health_checker/openshift_checks/mixins.py#L28-L30 could be similarly modified.

Note You need to log in before you can comment on or make changes to this bug.