Hide Forgot
Description of problem: The container image openshift-ose-ansible-operator:v4.5.0 is using python2-openshift-0.8.11, which produces this error: --- Failed to import the required Python library (openshift >= 0.9.2) on kubevirt-ssp-operator-69c7fdb484-s97hc's Python /usr/bin/python2. This is required for apply. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter --- when using the 'apply' option of the k8s module (https://docs.ansible.com/ansible/latest/modules/k8s_module.html): --- - k8s: state: present namespace: "{{ namespace }}" definition: "{{ definition }}" apply: yes --- Version-Release number of selected component (if applicable): openshift-ose-ansible-operator:v4.5.0 How reproducible: 100% Steps to Reproduce: 1. Write a playbook that utilizes the k8s module with the 'apply' option 2. Build a container image based on openshift-ose-ansible-operator:v4.5.0 3. Deploy the operator on an openshift cluster and read the logs Actual results: The above error occures Expected results: The container image openshift-ose-ansible-operator:v4.5.0 should provide all dependencies of the k8s module Additional info: A workaround I found was to use the 'merge_type' option instead of 'apply'
I can reproduce this issue by using the module "community.kubernetes.k8s" and base image: "registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0", details as follows: 1, Create an Ansible project, and write a playbook that utilizes the k8s module with the 'apply' option: [root@preserve-olm-env foo-operator]# cat roles/foo/tasks/main.yml --- # tasks file for foo - name: set test namespace to "{{ state }}" community.kubernetes.k8s: api_version: v1 kind: Namespace state: "{{ state }}" name: test apply: yes 2, Build a container image based on openshift-ose-ansible-operator:v4.5.0 [root@preserve-olm-env foo-operator]# cat build/Dockerfile FROM registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0 COPY requirements.yml ${HOME}/requirements.yml RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible COPY watches.yaml ${HOME}/watches.yaml COPY roles/ ${HOME}/roles/ [root@preserve-olm-env foo-operator]# operator-sdk build quay.io/olmqe/foo-operator:bug-ansible --verbose DEBU[0000] Debug logging is set INFO[0000] Building OCI image quay.io/olmqe/foo-operator:bug-ansible DEBU[0000] Running []string{"docker", "build", "-f", "build/Dockerfile", "-t", "quay.io/olmqe/foo-operator:bug-ansible", "."} Sending build context to Docker daemon 52.74kB Step 1/5 : FROM registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0 ---> c53cfde428cd Step 2/5 : COPY requirements.yml ${HOME}/requirements.yml ---> 281ae0c325ff ... Successfully tagged quay.io/olmqe/foo-operator:bug-ansible INFO[0003] Operator build complete. [root@preserve-olm-env foo-operator]# docker push quay.io/olmqe/foo-operator:bug-ansible The push refers to repository [quay.io/olmqe/foo-operator] c6c55aa6e3c6: Pushed ... bug-ansible: digest: sha256:8d3de5992ee22827b711076f9e6bdea59aa5be2957a2c1839f511636f916efee size: 2202 3, Deploy the operator on an openshift cluster [root@preserve-olm-env foo-operator]# oc project default Now using project "default" on server "https://api.zzhao46n.qe.devcluster.openshift.com:6443". [root@preserve-olm-env foo-operator]# oc create -f deploy/crds/foo.example.com_foos_crd.yaml customresourcedefinition.apiextensions.k8s.io/foos.foo.example.com created [root@preserve-olm-env foo-operator]# oc create -f deploy/service_account.yaml serviceaccount/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/role.yaml role.rbac.authorization.k8s.io/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/role_binding.yaml rolebinding.rbac.authorization.k8s.io/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/operator.yaml deployment.apps/foo-operator created [root@preserve-olm-env foo-operator]# oc get pods NAME READY STATUS RESTARTS AGE foo-operator-6d8db94b8d-mb9xz 0/1 ContainerCreating 0 5s [root@preserve-olm-env foo-operator]# oc get pods NAME READY STATUS RESTARTS AGE foo-operator-6d8db94b8d-mb9xz 1/1 Running 0 58s 4, Deploy the CR. And, check the operator logs. [root@preserve-olm-env foo-operator]# oc create -f deploy/crds/foo.example.com_v1alpha1_foo_cr.yaml foo.foo.example.com/example-foo created [root@preserve-olm-env foo-operator]# oc get foo NAME AGE example-foo 18s [root@preserve-olm-env foo-operator]# oc logs foo-operator-6d8db94b8d-mb9xz ... --------------------------- Ansible Task StdOut ------------------------------- TASK [set test namespace to "present"] ******************************** fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (openshift >= 0.9.2) on foo-operator-6d8db94b8d-mb9xz's Python /usr/bin/python2. This is required for apply. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"} [root@preserve-olm-env example-inc]# operator-sdk version operator-sdk version: "v0.17.2", commit: "0258db0119e8e18e15d035532427c329fce1e871", kubernetes version: "unknown", go version: "go1.13.10 linux/amd64"
Version: [root@preserve-olm-env foo-operator]# operator-sdk version operator-sdk version: "v0.17.2", commit: "0258db0119e8e18e15d035532427c329fce1e871", kubernetes version: "unknown", go version: "go1.13.10 linux/amd64" [root@preserve-olm-env foo-operator]# oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.5.0-0.nightly-2020-08-22-015330 True False 44m Cluster version is 4.5.0-0.nightly-2020-08-22-015330 Steps to test: 1, Create an Ansible project. [root@preserve-olm-env 0.17.2]# operator-sdk new foo-operator --type=ansible --api-version=foo.example.com/v1alpha1 --kind=Foo INFO[0000] Creating new Ansible operator 'foo-operator'. INFO[0000] Created deploy/service_account.yaml INFO[0000] Created deploy/role.yaml ... 2, Write a playbook that utilizes the k8s module with the 'apply' option: [root@preserve-olm-env foo-operator]# cat roles/foo/tasks/main.yml --- # tasks file for foo - name: set test namespace to "{{ state }}" community.kubernetes.k8s: api_version: v1 kind: Namespace state: "{{ state }}" name: test apply: yes 3, Build a container image based on openshift-ose-ansible-operator:v4.5.0 [root@preserve-olm-env foo-operator]# cat build/Dockerfile FROM registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0 COPY requirements.yml ${HOME}/requirements.yml RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \ && chmod -R ug+rwx ${HOME}/.ansible COPY watches.yaml ${HOME}/watches.yaml COPY roles/ ${HOME}/roles/ [root@preserve-olm-env foo-operator]# operator-sdk build quay.io/yuhui12/foo-operator:bug-ansible --verbose DEBU[0000] Debug logging is set INFO[0000] Building OCI image quay.io/yuhui12/foo-operator:bug-ansible DEBU[0000] Running []string{"docker", "build", "-f", "build/Dockerfile", "-t", "quay.io/yuhui12/foo-operator:bug-ansible", "."} Sending build context to Docker daemon 51.71kB Step 1/5 : FROM registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0 ---> d6513b64f5f5 ... Successfully built 1f52fe1015b3 Successfully tagged quay.io/yuhui12/foo-operator:bug-ansible INFO[0001] Operator build complete. [root@preserve-olm-env foo-operator]# docker push quay.io/yuhui12/foo-operator:bug-ansible The push refers to repository [quay.io/yuhui12/foo-operator] ... 2acea37b6b28: Pushed bug-ansible: digest: sha256:26a9380ddbe1e573039eb880183c35d14db5fb4be0a4bbbab71356b1b36784d2 size: 2202 4, Deploy the operator on an openshift cluster [root@preserve-olm-env foo-operator]# oc project default Now using project "default" on server "https://api.ci-ln-n856w2t-d5d6b.origin-ci-int-aws.dev.rhcloud.com:6443". [root@preserve-olm-env foo-operator]# oc create -f deploy/crds/foo.example.com_foos_crd.yaml customresourcedefinition.apiextensions.k8s.io/foos.foo.example.com created [root@preserve-olm-env foo-operator]# oc create -f deploy/service_account.yaml serviceaccount/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/role.yaml role.rbac.authorization.k8s.io/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/role_binding.yaml rolebinding.rbac.authorization.k8s.io/foo-operator created [root@preserve-olm-env foo-operator]# oc create -f deploy/operator.yaml deployment.apps/foo-operator created [root@preserve-olm-env foo-operator]# oc get pods NAME READY STATUS RESTARTS AGE foo-operator-5f7c86b49f-zdmmz 1/1 Running 0 17m 5, Deploy the CR. And, check the operator logs. [root@preserve-olm-env foo-operator]# oc create -f deploy/crds/foo.example.com_v1alpha1_foo_cr.yaml foo.foo.example.com/example-foo created [root@preserve-olm-env foo-operator]# oc get foo NAME AGE example-foo 17m [root@preserve-olm-env foo-operator]# oc logs foo-operator-5f7c86b49f-zdmmz |grep import [root@preserve-olm-env foo-operator]# No such errors like "Failed to import the required Python library (openshift >= 0.9.2) on foo-operator-6d8db94b8d-mb9xz's Python /usr/bin/python2. This is required for apply. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter".
Verify the bug using 4.5.0 ansible operator image. [root@preserve-olm-env ~]# docker run -it --entrypoint=/bin/bash registry-proxy.engineering.redhat.com/rh-osbs/openshift-ose-ansible-operator:v4.5.0 bash-4.2$ rpm -qa | grep kubernetes python2-kubernetes-11.0.0-1.el7.noarch bash-4.2$ rpm -qa | grep openshift python2-openshift-0.11.2-1.el7.noarch
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196