Bug 1721546 - Openshift-on-OpenStack Add protection from a docker/K8s bug
Summary: Openshift-on-OpenStack Add protection from a docker/K8s bug
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.11.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 3.11.z
Assignee: Michał Dulko
QA Contact: Jon Uriarte
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-06-18 14:07 UTC by Jon Uriarte
Modified: 2019-09-03 15:56 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-09-03 15:56:02 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift openshift-ansible pull 11701 0 None None None 2019-07-02 06:36:43 UTC
Github openshift openshift-ansible pull 11734 0 None None None 2019-07-02 06:36:43 UTC
Red Hat Product Errata RHBA-2019:2580 0 None None None 2019-09-03 15:56:21 UTC

Description Jon Uriarte 2019-06-18 14:07:53 UTC 
Description of problem:

kury-cni pod crashes if the kuryr-config ConfigMap is manually edited due to a bug in docker/K8s [1].
A protection can be added in the playbooks.

Version-Release number of the following components:

$ rpm -q openshift-ansible
openshift-ansible-3.11.117-1.git.0.add13ff.el7.noarch

$ rpm -q ansible
ansible-2.5.15-1.el7ae.noarch

$ ansible --version
ansible 2.5.15
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/cloud-user/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Sep 12 2018, 05:31:16) [GCC 4.8.5 20150623 (Red Hat 4.8.5-36)]

How reproducible: always

Steps to Reproduce:
1. Install OSP 13 or 14 with Octavia (in a hybrid environment)
2. Deploy the ansible-host and DNS server on the overcloud
3. Enable kuryr (inventory/group_vars/all.yml)
4. Run installation playbooks
5. Edit kuryr-config ConfigMap (i.e debug = true):
   $ oc -n kuryr edit cm kuryr-config
6. Restart kuryr-cni container
   - sudo docker restart <kuryr-cni>

Actual results:

[openshift@master-0 ~]$ ock logs -f kuryr-cni-ds-4zplv -c kuryr-cni                                 
+ cleanup                                                                                           
+ rm -f /etc/cni/net.d/10-kuryr.conf                                                                
+ rm -f /opt/cni/bin/kuryr-cni                                                                      
+ deploy                                                                                            
+ POD_NAMESPACE=kuryr                                                                               
+ cat                                                                                               
+ cp /kuryr-cni /opt/cni/bin/kuryr-cni                                                              
+ chmod +x /opt/cni/bin/kuryr-cni                                                                   
+ cp /etc/kuryr-cni/10-kuryr.conf /etc/cni/net.d                                                    
+ exec kuryr-daemon --config-file /etc/kuryr/kuryr.conf                                             
Traceback (most recent call last):                                                                  
  File "/usr/bin/kuryr-daemon", line 10, in <module>                                                
    sys.exit(start())                                                                               
  File "/usr/lib/python2.7/site-packages/kuryr_kubernetes/cni/daemon/service.py", line 299, in start
    config.init(sys.argv[1:])                                                                       
  File "/usr/lib/python2.7/site-packages/kuryr_kubernetes/config.py", line 299, in init             
    CONF(args=args, project='kuryr-k8s', version=version_k8s, **kwargs)                             
  File "/usr/lib/python2.7/site-packages/oslo_config/cfg.py", line 2577, in __call__                
    raise ConfigFilesNotFoundError(self._namespace._files_not_found)                                
oslo_config.cfg.ConfigFilesNotFoundError: Failed to find some config files: /etc/kuryr/kuryr.conf 


Expected results: no crash


[1] https://github.com/kubernetes/kubernetes/issues/68211
Comment 1 Jon Uriarte 2019-06-18 14:14:49 UTC 
Adding correct logs when the issue is reproduced:

 $ oc -n kuryr logs -f kuryr-cni-ds-s65sh -c kuryr-cni
container_linux.go:247: starting container process caused "process_linux.go:364: container init caused \"rootfs_linux.go:54: mounting \\\"/var/lib/origin/openshift.local.volumes/pods/0b1d0cd7-8ec1-11e9-a55c-fa163ee3d6f8/volume-subpaths/config-volume/kuryr-cni/2\\\" to rootfs \\\"/var/lib/docker/overlay2/400ab2b1ad7563404e51d04959ce6dfb2ce51df0a3d4c168eb42822ef52ff862/merged\\\" at \\\"/var/lib/docker/overlay2/400ab2b1ad7563404e51d04959ce6dfb2ce51df0a3d4c168eb42822ef52ff862/merged/etc/kuryr/kuryr.conf\\\" caused \\\"no such file or directory\\\"\""
Comment 2 Michał Dulko 2019-06-18 14:23:34 UTC 
I switched this to medium as this only happens when Kuryr's ConfigMap gets edited.
Comment 3 Michał Dulko 2019-07-10 11:25:35 UTC 
This is now fixed, so I guess ON_QA is the correct status.
Comment 4 Itzik Brown 2019-08-07 14:40:25 UTC 
Verified with:
openshift v3.11.136
Comment 6 errata-xmlrpc 2019-09-03 15:56:02 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2580
Note You need to log in before you can comment on or make changes to this bug.