Description of problem: If "openshift_master_audit_config" is configured during first installation, the control plane is failed. Because policyFile can not be found due to not copying to the specified path. Look "policyFile" parameter, the policy file can configure only target path. ~~~ openshift_master_audit_config={"enabled": true, "auditFilePath": "/var/lib/origin/audit-ocp.log", "maximumFileRetentionDays": 14, "maximumFileSizeMegabytes": 500, "maximumRetainedFiles": 5, "policyFile": "/etc/origin/master/adv-audit.yaml", "logFormat":"json"} ~~~ Version-Release number of the following components: rpm -q openshift-ansible openshift-ansible-3.11.98-1.git.0.3cfa7c3.el7.noarch rpm -q ansible ansible-2.6.6-1.el7ae.noarch ansible --version ansible 2.6.6 config file = /etc/ansible/ansible.cfg configured module search path = [u'/root/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules'] ansible python module location = /usr/lib/python2.7/site-packages/ansible executable location = /usr/bin/ansible python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)] How reproducible: You can always reproduce it if you are configured "openshift_master_audit_config" with "policyFile". Actual results: The installer was failed with "Message: Control plane pods didn't come up". Expected results: The policy file of audit will be copied to right path and succeed the installation. Additional info: Advanced Audit: https://docs.openshift.com/container-platform/3.11/install_config/master_node_configuration.html#master-node-config-advanced-audit
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:1605