Hide Forgot
Description of problem: My customer needs cisco ACI integrated in the installer. This is merged in upstream: * 19f401159 (tag: openshift-ansible-3.11.112-1) Automatic commit of package [openshift-ansible] release [3.11.112-1]. [...] * | f444e84f0 Merge pull request #11568 from noironetworks/aci-release-3.11 |\ \ | * | 4340af6a3 Fix typo in Cisco ACI roles [...] * | c8656b0f4 Merge pull request #11507 from noironetworks/release-3.11 So the request is: 1- Create an RHBA for openshift-ansible 3.11.112-1 or newer so that we can track this from support 2- If possible, an ETA Version-Release number of the following components: openshift-ansible-3.11.112-1 How reproducible: N/A Steps to Reproduce: N/A Actual results: N/A Expected results: Additional info: The customer also requested the same for 3.10: https://bugzilla.redhat.com/show_bug.cgi?id=1708197 Curently their upgrade is blocked.
This feature is already merged but needs testing. openshift-ansible-3.11.112-1 and newer
this bug need the 'aci_deployment_yaml_file' when installing the cisco network cni. which need to use the 'acc-provision' tool to generate that.When I was trying to download the tool from cisco.com. it need 'Contract Number' or 'Product Serial Number'. So I do not have a way to download it. Assign this bug to reporter Juan Luis de Sousa-Valadas could you help verified this bug?
No, I can't because I don't have access either. I just got the requirement from a customer throguh the customer portal saying they need this. I'll assign it to Marc Curry to see if he can help. My understanding the partner, cisco, should do this. Copying the same messae for the 3.11 branch
No problem, I can send you the aci deployment file. Do you have ACI or are you using it without ACI. I was also told you need acc_provision utility, you can use pip to install it. We can get on a call if you need more clarification.
I dont thin you guys have access to an ACI cluster. The acc_provision will not help, acc_provision utility is the one that generates the deployment file it is not available on CCO. I am attaching the generated deployment file, but without ACI the CNI will not come up which means you will not be able to verify the deployment completely. We can also get on a webex where I can let you test it on our ACI cluster, we have everything ready to go in that case.
Created attachment 1581871 [details] Requested deployment file I dont thin you guys have access to an ACI cluster. The acc_provision will not help, acc_provision utility is the one that generates the deployment file it is not available on CCO. I am attaching the generated deployment file, but without ACI the CNI will not come up which means you will not be able to verify the deployment completely. We can also get on a webex where I can let you test it on our ACI cluster, we have everything ready to go in that case.
hi Mike: I'm not sure what's make above happen since I'm not familiar the Cisco CNI. but seems it's not related this bug according to the fixed PR #https://github.com/openshift/openshift-ansible/pull/11507. From the ansible logs: TASK [aci : Annotate namespace created] **************************************** task path: /home/slave3/workspace/Run-Ansible-Playbooks-Nextge/private-openshift-ansible/roles/aci/tasks/main.yml:25 Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> ESTABLISH SSH CONNECTION FOR USER: root <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/slave3/workspace/Run-Ansible-Playbooks-Nextge/private/config/keys/libra.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/slave3/.ansible/cp/%C vm-10-0-76-240.hosted.upshift.rdu2.redhat.com '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"'' Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> ESTABLISH SSH CONNECTION FOR USER: root <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/slave3/workspace/Run-Ansible-Playbooks-Nextge/private/config/keys/libra.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/slave3/.ansible/cp/%C vm-10-0-76-240.hosted.upshift.rdu2.redhat.com '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"'' Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> ESTABLISH SSH CONNECTION FOR USER: root <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 'IdentityFile="/home/slave3/workspace/Run-Ansible-Playbooks-Nextge/private/config/keys/libra.pem"' -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=root -o ConnectTimeout=10 -o ControlPath=/home/slave3/.ansible/cp/%C vm-10-0-76-240.hosted.upshift.rdu2.redhat.com '/bin/sh -c '"'"'/usr/bin/python && sleep 0'"'"'' <vm-10-0-76-240.hosted.upshift.rdu2.redhat.com> (0, '\n{"changed": true, "end": "2019-06-19 05:10:43.302137", "stdout": "namespace \\"openshift-console\\" annotated", "cmd": ["oc", "annotate", "namespace", "openshift-console", "opflex.cisco.com/endpoint-group={\\"policy-space\\":\\"nested_oshift_domain\\", \\"name\\": \\"kubernetes|kube-system\\"}", "--overwrite=True"], "rc": 0, "start": "2019-06-19 05:10:43.097130", "stderr": "", "delta": "0:00:00.205007", "invocation": {"module_args": {"warn": true, "executable": null, "_uses_shell": false, "_raw_params": "oc annotate namespace openshift-console opflex.cisco.com/endpoint-group=\'{\\"policy-space\\":\\"nested_oshift_domain\\", \\"name\\": \\"kubernetes|kube-system\\"}\' --overwrite=True", "removes": null, "creates": null, "chdir": null, "stdin": null}}}\n', '') changed: [vm-10-0-77-6.hosted.upshift.rdu2.redhat.com -> vm-10-0-76-240.hosted.upshift.rdu2.redhat.com] => (item=openshift-console) => { "changed": true, "cmd": [ "oc", "annotate", "namespace", "openshift-console", "opflex.cisco.com/endpoint-group={\"policy-space\":\"nested_oshift_domain\", \"name\": \"kubernetes|kube-system\"}", "--overwrite=True" ], "delta": "0:00:00.205007", "end": "2019-06-19 05:10:43.302137", "failed": false, "invocation": { "module_args": { "_raw_params": "oc annotate namespace openshift-console opflex.cisco.com/endpoint-group='{\"policy-space\":\"nested_oshift_domain\", \"name\": \"kubernetes|kube-system\"}' --overwrite=True", "_uses_shell": false, "chdir": null, "creates": null, "executable": null, "removes": null, "stdin": null, "warn": true } }, "item": "openshift-console", "rc": 0, "start": "2019-06-19 05:10:43.097130", "stderr": "", "stderr_lines": [], "stdout": "namespace \"openshift-console\" annotated", "stdout_lines": [ "namespace \"openshift-console\" annotated" ] } the fixed PR is working well. So this bug should be fixed. if so, I will verify this bug. Please correct me if I'm wrong.
You are correct. You can mark it as verified.
Verified this bug according to above comment.
Hello Juan Luis, Per the RH Case, it was mentioned that both 3.10 and 3.11 fixes will be available today, June 25th Can we confirm if this will be available today and what is the delivery model to share with Cisco ACI? Any feedback would be appreciated.. -Antonios
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1605