Description of problem: Restricting Resource Locations blocks Openshift installer progress in Google Cloud Platform due to restriction policies of instances based on the documentation. Steps to Reproduce: 1. Configure 'Restricting Resource Locations' https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations#gcloud 2. Install Opensihft on Google Cloud Platform Actual results: ERROR ERROR Error: Error creating Image: googleapi: Error 412: Location us violates constraint constraints/gcp.resourceLocations on the resource projects/dbg-energy-poc/global/images/ocp-lkbh5-rhcos-image., conditionNotMet ERROR ERROR on ../../../../tmp/openshift-install-163350623/main.tf line 93, in resource "google_compute_image" "cluster": ERROR 93: resource "google_compute_image" "cluster" { ERROR ERROR ERROR ERROR Error: googleapi: Error 412: 'us' violates constraint 'constraints/gcp.resourceLocations', conditionNotMet ERROR ERROR on ../../../../tmp/openshift-install-163350623/bootstrap/main.tf line 1, in resource "google_storage_bucket" "ignition": ERROR 1: resource "google_storage_bucket" "ignition" { ERROR ERROR This is because 'US' is default in terraform values for 'location': https://www.terraform.io/docs/providers/google/r/storage_bucket.html#location Expected results: To be able to install Openshift without disabling the policies. Additional info: Will be uploading install-config and more logs.
David, could you please refer to below from our project admin on the specific settings your customer is using so that we can get ours set up properly: It seems that this feature must be configured by GCP Super Admins, and we don't have that permission. Please give details about how you want the permissions configured, and we can pass that to the GCP Super Admins to configure it. We probably want to create a new project just for this, so that the restrictions only apply to that project. Thanks.
Hi @tsze Sorry for the late reply, this is already confirmed to be working by the customer even with nightly builds after PR merged: https://github.com/openshift/installer/pull/4089 The configuration can be tested by selecting and configuring any restriction as per official Google Cloud docs: https://cloud.google.com/resource-manager/docs/organization-policy/defining-locations#gcloud
Thank you. David. I will close this one.
Thank you for the quick resolution.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196