Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1564499 - ASB configuration for default openshift-ansible installation setting improper values
Summary: ASB configuration for default openshift-ansible installation setting improper...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.9.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.9.z
Assignee: Dylan Murray
QA Contact: Zhang Cheng
Depends On:
TreeView+ depends on / blocked
Reported: 2018-04-06 13:12 UTC by Dylan Murray
Modified: 2018-09-06 18:13 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Last Closed: 2018-09-06 18:13:14 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Dylan Murray 2018-04-06 13:12:44 UTC
Description of problem:
Running a default installation of OpenShift Ansible Broker will bring up a deployment of the broker with a configmap that has two problems:
1. openshift.namespace is not being set
2. Default imagePullPolicy of APB sandbox is "ifNotPresent"

Problem 1 causes the broker filter secrets work to fail. openshift.namespace should be set to `openshift-ansible-service-broker`. Problem 2 causes the APB development cycle to use stale images when working on a multi-tenant environment. This is because nodes may have an older version of the image when a newer one is pushed to the internal registry.

Version-Release number of the following components:
rpm -q openshift-ansible: master branch
rpm -q ansible: ansible-
ansible --version:
  config file = /git/openshift-ansible/ansible.cfg
  configured module search path = [u'/home/dymurray/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.14 (default, Mar 14 2018, 13:36:31) [GCC 7.3.1 20180303 (Red Hat 7.3.1-5)]

How reproducible:

Steps to Reproduce:
1. Add a valid secret to the broker configmap and redeploy the broker
2. Observe an error in the logs showing the broker looking in namespace "" for the secret.
3. Use `apb push` on a multi-tenant environment and observe APB deployments of stale images

Actual results:
`apb push` doesn't work as intended and broker secret filter functionality is broken after install.

Expected results:
These functions work properly.

Comment 2 openshift-github-bot 2018-04-06 21:12:06 UTC
Commit pushed to master at https://github.com/openshift/openshift-ansible

Merge pull request #7807 from dymurray/brokename

Bug 1564499 - ASB usability improvements

Comment 4 Zhang Cheng 2018-06-14 03:20:32 UTC
No relate code changes both in 3.9.31 and latest 3.9.32

PR https://github.com/openshift/openshift-ansible/pull/7807 is for OCP3.10

Furthermore, I set up a ocp cluster with openshift-ansible 3.9.31.

Actual Test results:
1. openshift.namespace is being set "openshift-ansible-service-broker" by default.
      host: ""
      ca_file: ""
      bearer_token_file: ""
      namespace: openshift-ansible-service-broker

2. Default imagePullPolicy of APB sandbox still is "ifNotPresent".

Comment 7 Scott Dodson 2018-08-16 14:44:16 UTC
The PR referenced in comment #5 has merged and was included in openshift-ansible-3.9.40-1 which is the latest errata for 3.9.

We should verify that this bug is fixed and once verified move it to CLOSED ERRATA.

Comment 8 Zhang Cheng 2018-08-17 06:17:11 UTC
Verified and Passed with openshift-ansible-3.9.40-1

# oc get po -o yaml | grep imagePullPolicy -n rh-mediawiki-apb-prov-zzk25
      imagePullPolicy: Always

Note You need to log in before you can comment on or make changes to this bug.