Bug 1576349 - OCP installer pulls various RPM dependencies unnecessarily.
Summary: OCP installer pulls various RPM dependencies unnecessarily.
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 3.11.z
Assignee: Russell Teague
QA Contact: Johnny Liu
Whiteboard: aos-scalability-310
: 1580282 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2018-05-09 09:07 UTC by Jiří Mencák
Modified: 2019-09-06 13:15 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2019-09-05 20:32:23 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description Jiří Mencák 2018-05-09 09:07:15 UTC
Description of problem:

OCP installer pulls various RPM packages unnecessarily.  This may cause problems in large scale deployments, when multiple OCP nodes are trying to pull RPM packages from the same repository at the same time and often unnecessarily.

Version-Release number of the following components:
$ oc version
oc v3.10.0-0.37.0
kubernetes v1.10.0+b81c8f8
features: Basic-Auth GSSAPI Kerberos SPNEGO

openshift v3.10.0-0.37.0
kubernetes v1.10.0+b81c8f8

$ git describe

How reproducible:

Steps to Reproduce:
1. Install OCP 3.10 and with "os_firewall_use_firewalld=false" with no firewalld package installed on soon-to-become OCP nodes.
2. Watch firewalld rpm package being installed by the installer even though it was "os_firewall_use_firewalld=false"

Actual results:
$ rpm -q firewalld         

Expected results:
$ rpm -q firewalld
package firewalld is not installed

Additional info:
It is not only firewalld, but haproxy on non-LB nodes and other packages which are not strictly needed.  See: https://github.com/openshift/openshift-ansible/blob/master/roles/openshift_node/defaults/main.yml#L120

Comment 1 Scott Dodson 2018-05-09 12:45:54 UTC
Moving to 3.10.z unless there's signs that this actually breaks anything. I agree that we need to clean this up.

Comment 2 Scott Dodson 2018-08-02 20:17:51 UTC
This happens because we've moved all node associated packages into a static list that doesn't take into consideration a lot of optional components.

Thinking more about this, if you've setup a mirror infrastructure that cannot handle the load of your nodes installing 20 something packages I feel like that's a problem that should be addressed. The majority of the packages are actually mandatory so I'm not sure shaving off a handful of them makes a meaningful difference.

For 4.0, we should make sure to pare everything down to a minimal set. There's at least a few packages in the list that are planned to be deprecated in 4.0.

at least


Comment 3 Scott Dodson 2018-08-02 20:18:30 UTC
*** Bug 1580282 has been marked as a duplicate of this bug. ***

Comment 4 Russell Teague 2018-11-19 20:51:57 UTC
There appear to be no active cases related to this bug. As such we're closing this bug in order to focus on bugs that are still tied to active customer cases. Please re-open this bug if you feel it was closed in error or a new active case is attached.

Note You need to log in before you can comment on or make changes to this bug.