Description of problem: Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. `./bin/deploy-metering install` 2. Wait for the metering-operator to get to the configure_network.yml task file 3. View the metering-operator ansible container logs Actual results: The metering-operator pod fails with the following message: TASK [meteringconfig : Check the IP version infrastructure provisioned] ******** task path: /opt/ansible/roles/meteringconfig/tasks/configure_networking.yml:4 Monday 27 January 2020 15:15:34 +0000 (0:00:00.071) 0:00:50.292 ******** fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 114, in <module>\n _ansiballz_main()\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 106, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 49, in invoke_module\n imp.load_module('__main__', mod, module, MOD_DESC)\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 176, in <module>\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 172, in main\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 153, in execute_module\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/ansible_k8s_facts_payload.zip/ansible/module_utils/k8s/common.py\", line 206, in kubernetes_facts\n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 94, in get\n return self.request('get', path, **kwargs)\n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 44, in inner\n raise api_exception(e)\nopenshift.dynamic.exceptions.ForbiddenError: 403\nReason: Forbidden\nHTTP response headers: HTTPHeaderDict({'Audit-Id': '9fed5396-a510-4a42-aed5-08637a921aa9', 'Content-Length': '404', 'X-Content-Type-Options': 'nosniff', 'Cache-Control': 'no-cache, private', 'Date': 'Mon, 27 Jan 2020 15:15:34 GMT', 'Content-Type': 'application/json'})\nHTTP response body: {\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"networks.config.openshift.io \\\"cluster\\\" is forbidden: User \\\"system:serviceaccount:openshift-metering:metering-operator\\\" cannot get resource \\\"networks\\\" in API group \\\"config.openshift.io\\\" at the cluster scope\",\"reason\":\"Forbidden\",\"details\":{\"An exception occurred during task execution. To see the full traceback, use -vvv. The error was: raise ApiException(http_resp=r) fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 114, in <module>\n _ansiballz_main()\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 106, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/tmp/.ansible-/tmp/ansible-tmp-1580138134.2-78272622169375/AnsiballZ_k8s_facts.py\", line 49, in invoke_module\n imp.load_module('__main__', mod, module, MOD_DESC)\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 176, in <module>\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 172, in main\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/__main__.py\", line 153, in execute_module\n File \"/tmp/ansible_k8s_facts_payload__dtYb7/ansible_k8s_facts_payload.zip/ansible/module_utils/k8s/common.py\", line 206, in kubernetes_facts\n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 94, in get\n return self.request('get', path, **kwargs)\n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 44, in inner\n raise api_exception(e)\nopenshift.dynamic.exceptions.ForbiddenError: 403\nReason: Forbidden\nHTTP response headers: HTTPHeaderDict({'Audit-Id': '9fed5396-a510-4a42-aed5-08637a921aa9', 'Content-Length': '404', 'X-Content-Type-Options': 'nosniff', 'Cache-Control': 'no-cache, private', 'Date': 'Mon, 27 Jan 2020 15:15:34 GMT', 'Content-Type': 'application/json'})\nHTTP response body: {\"kind\":\"Status\",\"apiVersion\":\"v1\",\"metadata\":{},\"status\":\"Failure\",\"message\":\"networks.config.openshift.io \\\"cluster\\\" is forbidden: User \\\"system:serviceaccount:openshift-metering:metering-operator\\\" cannot get resource \\\"networks\\\" in API group \\\"config.openshift.io\\\" at the cluster scope\",\"reason\":\"Forbidden\",\"details\":{\"name\":\"cluster\",\"group\":\"config.openshift.io\",\"kind\":\"networks\"},\"code\":403}\n\nOriginal traceback: \n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 42, in inner\n resp = func(self, *args, **kwargs)\n\n File \"/usr/lib/python2.7/site-packages/openshift/dynamic/client.py\", line 245, in request\n _return_http_data_only=params.get('_return_http_data_only', True)\n\n File \"/usr/lib/python2.7/site-packages/kubernetes/client/api_client.py\", line 334, in call_api\n _return_http_data_only, collection_formats, _preload_content, _request_timeout)\n\n File \"/usr/lib/python2.7/site-packages/kubernetes/client/api_client.py\", line 168, in __call_api\n _request_timeout=_request_timeout)\n\n File \"/usr/lib/python2.7/site-packages/kubernetes/client/api_client.py\", line 355, in request\n headers=headers)\n\n File \"/usr/lib/python2.7/site-packages/kubernetes/client/rest.py\", line 231, in GET\n query_params=query_params)\n\n File \"/usr/lib/python2.7/site-packages/kubernetes/client/rest.py\", line 222, in request\n raise ApiException(http_resp=r)\n\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1} Expected results: The metering-operator successfully provisions metering-related resources Additional info:
verified by looking at the ansible pod output... no errors detected. TASK [meteringconfig : Check the IP version infrastructure provisioned] ******** [1;30mtask path: /opt/ansible/roles/meteringconfig/tasks/configure_networking.yml:4[0m Thursday 12 March 2020 22:48:18 +0000 (0:00:00.057) 0:00:07.885 ******** [0;32mok: [localhost] => {"changed": false, "resources": [{"apiVersion": "config.openshift.io/v1", "kind": "Network", "metadata": {"creationTimestamp": "2020-03-11T22:58:03Z", "generation": 2, "name": "cluster", "resourceVersion": "2327", "selfLink": "/apis/config.openshift.io/v1/networks/cluster", "uid": "cf42d03b-9a58-4ba7-b168-5d45cf326a3e"}, "spec": {"clusterNetwork": [{"cidr": "10.128.0.0/14", "hostPrefix": 23}], "externalIP": {"policy": {}}, "networkType": "OpenShiftSDN", "serviceNetwork": ["172.30.0.0/16"]}, "status": {"clusterNetwork": [{"cidr": "10.128.0.0/14", "hostPrefix": 23}], "clusterNetworkMTU": 8951, "networkType": "OpenShiftSDN", "serviceNetwork": ["172.30.0.0/16"]}}]}[0m
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581