Bug 1576349 - OCP installer pulls various RPM dependencies unnecessarily.
Summary: OCP installer pulls various RPM dependencies unnecessarily.
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 3.11.z
Assignee: Russell Teague
QA Contact: Johnny Liu
URL:
Whiteboard: aos-scalability-310
: 1580282 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-05-09 09:07 UTC by jmencak
Modified: 2019-09-06 13:15 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-09-05 20:32:23 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description jmencak 2018-05-09 09:07:15 UTC
Description of problem:

OCP installer pulls various RPM packages unnecessarily.  This may cause problems in large scale deployments, when multiple OCP nodes are trying to pull RPM packages from the same repository at the same time and often unnecessarily.

Version-Release number of the following components:
$ oc version
oc v3.10.0-0.37.0
kubernetes v1.10.0+b81c8f8
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://172.16.113.4:8443
openshift v3.10.0-0.37.0
kubernetes v1.10.0+b81c8f8

$ git describe
openshift-ansible-3.10.0-0.37.0-14-g1be050a

How reproducible:
Always

Steps to Reproduce:
1. Install OCP 3.10 and with "os_firewall_use_firewalld=false" with no firewalld package installed on soon-to-become OCP nodes.
2. Watch firewalld rpm package being installed by the installer even though it was "os_firewall_use_firewalld=false"

Actual results:
$ rpm -q firewalld         
firewalld-0.4.4.4-14.el7.noarch

Expected results:
$ rpm -q firewalld
package firewalld is not installed

Additional info:
It is not only firewalld, but haproxy on non-LB nodes and other packages which are not strictly needed.  See: https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_node/defaults/main.yml#L120

Comment 1 Scott Dodson 2018-05-09 12:45:54 UTC
Moving to 3.10.z unless there's signs that this actually breaks anything. I agree that we need to clean this up.

Comment 2 Scott Dodson 2018-08-02 20:17:51 UTC
This happens because we've moved all node associated packages into a static list that doesn't take into consideration a lot of optional components.

Thinking more about this, if you've setup a mirror infrastructure that cannot handle the load of your nodes installing 20 something packages I feel like that's a problem that should be addressed. The majority of the packages are actually mandatory so I'm not sure shaving off a handful of them makes a meaningful difference.

For 4.0, we should make sure to pare everything down to a minimal set. There's at least a few packages in the list that are planned to be deprecated in 4.0.

at least


dnsmasq
httpd-tools
cockpit-*

Comment 3 Scott Dodson 2018-08-02 20:18:30 UTC
*** Bug 1580282 has been marked as a duplicate of this bug. ***

Comment 4 Russell Teague 2018-11-19 20:51:57 UTC
There appear to be no active cases related to this bug. As such we're closing this bug in order to focus on bugs that are still tied to active customer cases. Please re-open this bug if you feel it was closed in error or a new active case is attached.


Note You need to log in before you can comment on or make changes to this bug.