Bug 1790298 - [ShiftStack 4.2 on OSP13] install-config.yaml is missing option for customized DNS server
Summary: [ShiftStack 4.2 on OSP13] install-config.yaml is missing option for customize...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.2.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.2.z
Assignee: Max Bridges
QA Contact: David Sanz
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-01-13 04:04 UTC by Robin Cernin
Modified: 2020-01-22 00:20 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Feature: Configuring custom DNS nameservers for the OpenShift nodes Reason: Some OpenStack deployments do not set a default nameserver for its servers. In such deployments, the OpenStack tenant is expected to configure their own resolvers on the Neutron subnet or Nova server. Running the OpenShift installer against such a deployment requires setting these servers in install-config.yaml. Otherwise, the deployment will fail when trying to pull the OpenShift images during bootstrapping phase. Result: If the OpenStack server does not configure default nameservers or if you want to change them, it is possible to set the `platform.openstack.externalDNS` field in install-config.yaml. This will add the specified DNS servers to the nodes Neutron subnet and the Nova servers created in the subnet will use them for DNS. For example: platform: openstack: externalDNS: - 203.0.113.23 - 203.0.113.42 This option has existed since the 4.2 release.
Clone Of:
Environment:
Last Closed: 2020-01-22 00:20:17 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Robin Cernin 2020-01-13 04:04:12 UTC 
Description of problem:

There is no way to specify the DNS server in install-config.yaml (before the nodes are provisioned) in OpenStack.

Failing to pull the images from Quay.io

[root@moonlight-mc84l-bootstrap ~]# podman pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d
Trying to pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d...ERRO[0000] Error pulling image ref //quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: Error initializing source docker://quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: pinging docker registry returned: Get https://quay.io/v2/: dial tcp: lookup quay.io on 10.0.0.12:53: server misbehaving 
Failed
Error: error pulling image "quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d": unable to pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: unable to pull image: Error initializing source docker://quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: pinging docker registry returned: Get https://quay.io/v2/: dial tcp: lookup quay.io on 10.0.0.12:53: server misbehaving

Workaround:

$ openstack subnet show 48dc31e4-8f7e-4add-8dfa-2e68ade24710
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| allocation_pools  | 10.0.0.10-10.0.62.128                |
| cidr              | 10.0.0.0/16                          |
| created_at        | 2020-01-09T01:10:51Z                 |
| description       |                                      |
| dns_nameservers   |                                      |
| enable_dhcp       | True                                 |
| gateway_ip        | 10.0.0.1                             |
| host_routes       |                                      |
| id                | 48dc31e4-8f7e-4add-8dfa-2e68ade24710 |
| ip_version        | 4                                    |
| ipv6_address_mode | None                                 |
| ipv6_ra_mode      | None                                 |
| name              | moonlight-xw88h-nodes                |
| network_id        | 996e5be1-665b-4a45-aaa6-49bd063f324f |
| prefix_length     | None                                 |
| project_id        | 26a767f33c644c0185838e366828b708     |
| revision_number   | 1                                    |
| segment_id        | None                                 |
| service_types     |                                      |
| subnetpool_id     | None                                 |
| tags              | openshiftClusterID=moonlight-xw88h   |
| updated_at        | 2020-01-09T01:10:57Z                 |
+-------------------+--------------------------------------+

$ openstack subnet set --dns-nameserver <DNS Server> 48dc31e4-8f7e-4add-8dfa-2e68ade24710

$ (bootstrap node) reboot

Version-Release number of the following components:
rpm -q openshift-ansible
openshift-ansible-3.11.157-1.git.0.10b76ed.el7.noarch

rpm -q ansible
ansible-2.6.20-1.el7ae.noarch

ansible --version
ansible 2.6.20
  config file = /home/cloud-user/ansible.cfg
  configured module search path = [u'/home/cloud-user/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Sep 26 2019, 13:23:47) [GCC 4.8.5 20150623 (Red Hat 4.8.5-39)]


How reproducible:

Follow https://access.redhat.com/documentation/en-us/openshift_container_platform/4.2/html-single/installing_on_openstack/index


Steps to Reproduce:
1. ./openshift-install create cluster --dir=moonlight --log-level=debug
2.
3.

Actual results:

[root@moonlight-mc84l-bootstrap ~]# podman pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d
Trying to pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d...ERRO[0000] Error pulling image ref //quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: Error initializing source docker://quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: pinging docker registry returned: Get https://quay.io/v2/: dial tcp: lookup quay.io on 10.0.0.12:53: server misbehaving 
Failed
Error: error pulling image "quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d": unable to pull quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: unable to pull image: Error initializing source docker://quay.io/openshift-release-dev/ocp-release@sha256:782b41750f3284f3c8ee2c1f8cb896896da074e362cf8a472846356d1617752d: pinging docker registry returned: Get https://quay.io/v2/: dial tcp: lookup quay.io on 10.0.0.12:53: server misbehaving

Expected results:

Have the working DNS set, possibly thru a customized option in install-config.yaml

Additional info:

Since we are using installer on OpenStack, it creates its own network, subnet etc for the nodes including DNS setup. This fails as we have no way to provide the right DNS to the installer.

It works with applied workaround above.
Comment 1 Stephen Cuppett 2020-01-13 12:22:13 UTC 
Moving to the active development branch (4.4). For any needed fixes where backports are required/requested, BZ clones will be created targeting those specific z-stream releases.
Comment 2 Tomas Sedovic 2020-01-14 09:43:55 UTC 
Robin Cernin: this functionality exists since 4.2. You can add the DNS servers in the `platform.openstack.externalDNS` field in install-config.yaml:

platform:
  openstack:
    externalDNS:
    - 203.0.113.23
    - 203.0.113.42

They will be set on the subnet in the same way as `openstack subnet set --dns-nameserver` would do.  This is documented upstream in the Customization page:

https://github.com/openshift/installer/blob/master/docs/user/openstack/customization.md

But it looks like it's missing from the product documentation. This should be addressed by the docs team, I've filled out the Doc Text field.

Eric Duen: do you know how to tag in the docs folks? Should I assign this bug to Max Bridges?
Comment 3 Eric Duen 2020-01-14 16:56:29 UTC 
Assigned to Max.  Updating the target to 4.2z, since it is a defect in 4.2 docs.

Max,
I reassigned to you, please take a look and update the BZ accordingly (priority, target, etc.)
Comment 4 Max Bridges 2020-01-14 17:18:57 UTC 
Doesn't look like too hairy of an update to make, but we generally allow the DPM to set those fields. 

I'll make a first pass on this this week, though. :)
Comment 5 Max Bridges 2020-01-14 22:42:06 UTC 
How's this PR look, Tomas?
Comment 6 Max Bridges 2020-01-14 22:42:34 UTC 
https://github.com/openshift/openshift-docs/pull/19048
Comment 8 David Sanz 2020-01-16 08:58:29 UTC 
Verified PR
Comment 9 Max Bridges 2020-01-17 14:22:21 UTC 
https://docs.openshift.com/container-platform/4.2/installing/installing_openstack/installing-openstack-installer-custom.html#installation-configuration-parameters_installing-openstack-installer-custom

Waiting on update to portal.
Comment 11 Max Bridges 2020-01-22 00:20:17 UTC 
vigoyal confirms that this is live on the portal at the address in comment 1. Closing.
Note You need to log in before you can comment on or make changes to this bug.