Bug 1576001 - Openshift-on-OpenStack playbook support for external_svc_net param in kuryr-config cm
Summary: Openshift-on-OpenStack playbook support for external_svc_net param in kuryr-c...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.10.0
Assignee: Luis Tomas Bolivar
QA Contact: Jon Uriarte
Depends On:
TreeView+ depends on / blocked
Reported: 2018-05-08 14:01 UTC by Jon Uriarte
Modified: 2018-07-30 19:15 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Public subnet ID is not by default accesible by OSP tenants Consequence: Retrieving this information may fail (unless enabled at policy.json) and thus kuryr.conf will miss information needed for creating services of LoadBalancer type Fix: Kuryr added support not to need public subnet ID but just public network ID, which is accesible by OSP tenants by default. It has been added support at openshift-ansible to pass this information instead of subnet ID. Result: Kuryr.conf is properly configured at kuryr-controller and services of LoadBalancer type can get floating ips from the public network to the OpenStack LoadBalancers VIPs
Clone Of:
Last Closed: 2018-07-30 19:14:54 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift openshift-ansible pull 8319 0 None closed Switch from public subnet id to network id at kuryr 2020-07-21 10:53:24 UTC
Red Hat Product Errata RHBA-2018:1816 0 None None None 2018-07-30 19:15:17 UTC

Description Jon Uriarte 2018-05-08 14:01:33 UTC
Description of problem:

After https://bugzilla.redhat.com/show_bug.cgi?id=1546106 has been fixed, support in Openshift-on-OpenStack playbook is required for setting external_svc_net param with the external network ID instead of external_svc_subnet param, in kuryr-config configmap.
The playbook is not failing, but it is setting external_svc_subnet instead of

Version-Release number of the following components:

rpm -q openshift-ansible

rpm -q ansible

ansible --version
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/cloud-user/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Feb  9 2018, 09:51:13) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

How reproducible: Always

Steps to Reproduce:
1. Deploy openshift on openstack
2. Check kuryr-config cm
   oc -n openshift-infra edit cm kuryr-config

Actual results:
 external_svc_subnet = <external subnet ID>

Expected results:
 external_svc_net = <external network ID>

Comment 3 Jon Uriarte 2018-05-17 14:34:48 UTC
Verified in openshift-ansible-3.10.0-0.46.0.git.0.85c3afd.el7.noarch and openshift-ansible-playbooks-3.10.0-0.46.0.git.0.85c3afd.el7.noarch.

Verification steps:
1. Run Openshift-on-Openstack playbook setting the kuryr_openstack_public_net_id:
  kuryr_openstack_public_net_id: dbba197f-d28e-49be-9905-fde1fa67cd52

2. Check the parameter in kuryr-config:
[openshift@master-0 ~]$ oc -n openshift-infra get cm kuryr-config -o yaml | grep external                                                                                                                         
    external_svc_net = dbba197f-d28e-49be-9905-fde1fa67cd52

3. Check project/dc/service creation

4. Run Openshift-on-Openstack playbook setting the kuryr_openstack_public_subnet_id and kuryr_openstack_public_net_id:
  kuryr_openstack_public_subnet_id: cdbd1855-0b23-4ddc-8186-e10a963156b8
  kuryr_openstack_public_net_id: dbba197f-d28e-49be-9905-fde1fa67cd52

5. Check the parameters in kuryr-config:
[openshift@master-0 ~]$ oc -n openshift-infra get cm kuryr-config -o yaml | grep external
    external_svc_net = dbba197f-d28e-49be-9905-fde1fa67cd52
    external_svc_subnet = cdbd1855-0b23-4ddc-8186-e10a963156b8

6. Check project/dc/service creation

Comment 5 errata-xmlrpc 2018-07-30 19:14:54 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.