Bug 1710723
| Summary: | If Advanced Audit is configured during initial installation, Control plane pods didn't come up | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Daein Park <dapark> |
| Component: | Installer | Assignee: | Joseph Callen <jcallen> |
| Installer sub component: | openshift-ansible | QA Contact: | Gaoyun Pei <gpei> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | unspecified | CC: | bleanhar |
| Version: | 3.11.0 | ||
| Target Milestone: | --- | ||
| Target Release: | 3.11.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-26 09:08:11 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1605 |
Description of problem: If "openshift_master_audit_config" is configured during first installation, the control plane is failed. Because policyFile can not be found due to not copying to the specified path. Look "policyFile" parameter, the policy file can configure only target path. ~~~ openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/lib/origin/audit-ocp.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5, "policyFile": "/etc/origin/master/adv-audit.yaml", "logFormat":"json"} ~~~ Version-Release number of the following components: rpm -q openshift-ansible openshift-ansible-3.11.98-1.git.0.3cfa7c3.el7.noarch rpm -q ansible ansible-2.6.6-1.el7ae.noarch ansible --version ansible 2.6.6 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] How reproducible: You can always reproduce it if you are configured "openshift_master_audit_config" with "policyFile". Actual results: The installer was failed with "Message: Control plane pods didn't come up". Expected results: The policy file of audit will be copied to right path and succeed the installation. Additional info: Advanced Audit: https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-advanced-audit