Bug 1667618
| Summary: | Running example other certificate expiration playbooks are failed due to missing "openshift_is_atomic" | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Daein Park <dapark> |
| Component: | Installer | Assignee: | Scott Dodson <sdodson> |
| Installer sub component: | openshift-ansible | QA Contact: | Gaoyun Pei <gpei> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | unspecified | ||
| Version: | 3.11.0 | ||
| Target Milestone: | --- | ||
| Target Release: | 3.11.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
Certain certificate expiry check playbooks did not call properly initialization functions resulting in an error. Those playbooks have been updated to avoid this problem.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-02-20 14:11:02 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Verify this bug with openshift-ansible-3.11.82-1.git.0.f29227a.el7.noarch.rpm Verified the following playbooks under playbooks/openshift-checks/certificate_expiry/ all work well now default.yaml easy-mode.yaml longer_warning_period.yaml html_and_json_default_paths.yaml longer-warning-period-json-results.yaml Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0326 |
Description of problem: All the example other certificate expiration playbooks[0] are failed due to missing "openshift_is_atomic" fact as follows. - related error messages ~~~ fatal: [master1.example.com]: FAILED! => {"msg": "The conditional check 'not openshift_is_atomic | bool' failed. The error was: error while evaluating conditional (not openshift_is_atomic | bool): 'openshift_is_atomic' is undefined\n\nThe error appears to have been in '/usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Ensure python dateutil library is present\n ^ here\n"} ~~~ - Related Bugzilla: Certificate expiry checks fail when `openshift_is_atomic` is undefined [https://bugzilla.redhat.com/show_bug.cgi?id=1655183] [0] OTHER EXAMPLE PLAYBOOKS [https://docs.openshift.com/container-platform/3.11/install_config/redeploying_certificates.html#install-config-cert-expiry-running-playbooks] ~~~ - default.yaml Produces the default behavior of the openshift_certificate_expiry role. - html_and_json_default_paths.yaml Generates HTML and JSON artifacts in their default paths. - longer_warning_period.yaml Changes the expiration warning window to 1500 days. - longer-warning-period-json-results.yaml Changes the expiration warning window to 1500 days and saves the results as a JSON file. ~~~ Version-Release number of the following components: rpm -q openshift-ansible openshift-ansible-3.11.59-1.git.0.ba8e948.el7.noarch rpm -q ansible ansible-2.6.5-1.el7ae.noarch ansible --version ansible 2.6.5 config file = /usr/share/ansible/openshift-ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] How reproducible: You can always reproduce to run the all following playbooks. # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/default.yaml # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml Steps to Reproduce: 1. 2. 3. Actual results: Please include the entire output from the last TASK line through the end of output if an error is generated * default.yaml ~~~ root@master # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/default.yaml PLAY [Check cert expirys] *********************************************************************************************************************** TASK [Gathering Facts] ************************************************************************************************************************** Saturday 19 January 2019 10:47:36 +0900 (0:00:00.179) 0:00:00.179 ****** ok: [master1.example.com] TASK [openshift_certificate_expiry : Ensure python dateutil library is present] ***************************************************************** Saturday 19 January 2019 10:47:39 +0900 (0:00:03.534) 0:00:03.714 ****** fatal: [master1.example.com]: FAILED! => {"msg": "The conditional check 'not openshift_is_atomic | bool' failed. The error was: error while evaluating conditional (not openshift_is_atomic | bool): 'openshift_is_atomic' is undefined\n\nThe error appears to have been in '/usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Ensure python dateutil library is present\n ^ here\n"} PLAY RECAP ************************************************************************************************************************************** master1.example.com : ok=1 changed=0 unreachable=0 failed=1 Saturday 19 January 2019 10:47:39 +0900 (0:00:00.050) 0:00:03.764 ****** =============================================================================== Gathering Facts -------------------------------------------------------------------------------------------------------------------------- 3.54s openshift_certificate_expiry : Ensure python dateutil library is present ----------------------------------------------------------------- 0.05s ~~~ * html_and_json_default_paths.yaml ~~~ root@master # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/html_and_json_default_paths.yaml PLAY [Check cert expirys] *********************************************************************************************************************** TASK [openshift_certificate_expiry : Ensure python dateutil library is present] ***************************************************************** Saturday 19 January 2019 10:48:18 +0900 (0:00:00.301) 0:00:00.301 ****** fatal: [master1.example.com]: FAILED! => {"msg": "The conditional check 'not openshift_is_atomic | bool' failed. The error was: error while evaluating conditional (not openshift_is_atomic | bool): 'openshift_is_atomic' is undefined\n\nThe error appears to have been in '/usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Ensure python dateutil library is present\n ^ here\n"} PLAY RECAP ************************************************************************************************************************************** master1.example.com : ok=0 changed=0 unreachable=0 failed=1 Saturday 19 January 2019 10:48:18 +0900 (0:00:00.043) 0:00:00.345 ****** =============================================================================== openshift_certificate_expiry : Ensure python dateutil library is present ----------------------------------------------------------------- 0.04s ~~~ * longer_warning_period.yaml ~~~ root@master # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/longer_warning_period.yaml PLAY [Check cert expirys] *********************************************************************************************************************** TASK [openshift_certificate_expiry : Ensure python dateutil library is present] ***************************************************************** Saturday 19 January 2019 10:49:24 +0900 (0:00:00.250) 0:00:00.250 ****** fatal: [master1.example.com]: FAILED! => {"msg": "The conditional check 'not openshift_is_atomic | bool' failed. The error was: error while evaluating conditional (not openshift_is_atomic | bool): 'openshift_is_atomic' is undefined\n\nThe error appears to have been in '/usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Ensure python dateutil library is present\n ^ here\n"} PLAY RECAP ************************************************************************************************************************************** master1.example.com : ok=0 changed=0 unreachable=0 failed=1 Saturday 19 January 2019 10:49:24 +0900 (0:00:00.047) 0:00:00.297 ****** =============================================================================== openshift_certificate_expiry : Ensure python dateutil library is present ----------------------------------------------------------------- 0.05s ~~~ * longer-warning-period-json-results.yaml ~~~ root@master # ansible-playbook -i init_inventory playbooks/openshift-checks/certificate_expiry/longer-warning-period-json-results.yaml PLAY [Check cert expirys] *********************************************************************************************************************** TASK [openshift_certificate_expiry : Ensure python dateutil library is present] ***************************************************************** Saturday 19 January 2019 10:49:46 +0900 (0:00:00.250) 0:00:00.250 ****** fatal: [master1.example.com]: FAILED! => {"msg": "The conditional check 'not openshift_is_atomic | bool' failed. The error was: error while evaluating conditional (not openshift_is_atomic | bool): 'openshift_is_atomic' is undefined\n\nThe error appears to have been in '/usr/share/ansible/openshift-ansible/roles/openshift_certificate_expiry/tasks/main.yml': line 2, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n---\n- name: Ensure python dateutil library is present\n ^ here\n"} PLAY RECAP ************************************************************************************************************************************** master1.example.com : ok=0 changed=0 unreachable=0 failed=1 Saturday 19 January 2019 10:49:46 +0900 (0:00:00.042) 0:00:00.292 ****** =============================================================================== openshift_certificate_expiry : Ensure python dateutil library is present ----------------------------------------------------------------- 0.04s ~~~ Expected results: Generating all the reports successfully after running the related playbools. Additional info: Please attach logs from ansible-playbook with the -vvv flag