Description of problem: docker role is run against a standalone nfs host, docker is installed and configured on this nfs host. This is wasting installation time and easy to introduce some other bugs. Version-Release number of the following components: openshift-ansible-3.7.0-0.134.0.git.0.6f43fc3.el7.noarch How reproducible: Always Steps to Reproduce: 1. Prepare inventory host file, and define a nfs host which does not take any other role 2. Trigger installation 3. Actual results: docker is installed on the standalone nfs host. Expected results: docker roles should not run against a standalone nfs host. Additional info: <--snip--> TASK [docker : Install Docker] ************************************************* changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => {"changed": true, "msg": "", "rc": 0, "results": ["Loaded plugins: amazon-id, search-disabled- <--snip--> TASK [docker : Ensure docker.service.d directory exists] *********************** Friday 29 September 2017 06:54:33 +0000 (0:00:59.372) 0:03:56.495 ****** changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => {"changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/systemd/system/docker.service.d", "secontext": "unconfined_u:object_r:systemd_unit_file_t:s0", "size": 6, "state": "directory", "uid": 0} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => {"changed": true, "gid": 0, "group": "root", "mode": "0755", "owner": "root", "path": "/etc/systemd/system/docker.service.d", "secontext": "unconfined_u:object_r:systemd_unit_file_t:s0", "size": 6, "state": "directory", "uid": 0} <--snip--> TASK [docker : Configure Docker service unit file] ***************************** Friday 29 September 2017 06:54:33 +0000 (0:00:00.255) 0:03:56.750 ****** changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => {"changed": true, "checksum": "826958f3ca5903648a9f3b494969dc6b8a99b90f", "dest": "/etc/systemd/system/docker.service.d/custom.conf", "gid": 0, "group": "root", "md5sum": "c94bda9104b9b567fde4c38670fee3f2", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:container_unit_file_t:s0", "size": 72, "src": "/root/.ansible/tmp/ansible-tmp-1506668073.76-220295548213436/source", "state": "file", "uid": 0} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => {"changed": true, "checksum": "826958f3ca5903648a9f3b494969dc6b8a99b90f", "dest": "/etc/systemd/system/docker.service.d/custom.conf", "gid": 0, "group": "root", "md5sum": "c94bda9104b9b567fde4c38670fee3f2", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:container_unit_file_t:s0", "size": 72, "src": "/root/.ansible/tmp/ansible-tmp-1506668073.77-243753878149968/source", "state": "file", "uid": 0} <--snip--> TASK [docker : Comment old registry params in /etc/sysconfig/docker] *********** Friday 29 September 2017 06:54:34 +0000 (0:00:00.413) 0:03:58.157 ****** changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'ADD_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "ADD_REGISTRY"}, "msg": "line added"} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'ADD_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "ADD_REGISTRY"}, "msg": "line added"} changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'BLOCK_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "BLOCK_REGISTRY"}, "msg": "line added"} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'BLOCK_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "BLOCK_REGISTRY"}, "msg": "line added"} changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'INSECURE_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "INSECURE_REGISTRY"}, "msg": "line added"} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => (item={u'reg_conf_var': u'INSECURE_REGISTRY'}) => {"backup": "", "changed": true, "item": {"reg_conf_var": "INSECURE_REGISTRY"}, "msg": "line added"} TASK [docker : Place additional/blocked/insecure registies in /etc/containers/registries.conf] *** Friday 29 September 2017 06:54:35 +0000 (0:00:00.643) 0:03:58.801 ****** changed: [ec2-34-207-180-112.compute-1.amazonaws.com] => {"changed": true, "checksum": "9ad6d5e65626c9e9d28792e41309e708605ca852", "dest": "/etc/containers/registries.conf", "gid": 0, "group": "root", "md5sum": "0cc566203d1e4c618902e48e2c677723", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 1170, "src": "/root/.ansible/tmp/ansible-tmp-1506668075.83-171289893544156/source", "state": "file", "uid": 0} changed: [ec2-54-161-162-99.compute-1.amazonaws.com] => {"changed": true, "checksum": "9ad6d5e65626c9e9d28792e41309e708605ca852", "dest": "/etc/containers/registries.conf", "gid": 0, "group": "root", "md5sum": "0cc566203d1e4c618902e48e2c677723", "mode": "0644", "owner": "root", "secontext": "system_u:object_r:etc_t:s0", "size": 1170, "src": "/root/.ansible/tmp/ansible-tmp-1506668075.85-1656278671845/source", "state": "file", "uid": 0}
@jialiu Can you paste the full output of the run? That will make it easier to figure out what role/dependency path is triggering docker.
Created attachment 1332570 [details] installation log
PR Created: https://github.com/openshift/openshift-ansible/pull/5636
BTW this is not new, ref https://bugzilla.redhat.com/show_bug.cgi?id=1429371 for v3.4 For the health checks in https://bugzilla.redhat.com/show_bug.cgi?id=1496760 it would be nice if one of these roles could define whether to expect docker running on the host so the checks know whether to run or not.
PR merged.
Verified this bug with openshift-ansible-3.7.0-0.148.0.git.0.b35eb14.el7.noarch, and PASS.
The testing env is a containerized install with global containerized=true in my inventory including 1 master + 1 node + 1 nfs.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2017:3188