1905115 – CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm

Bug 1905115 - CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm

Summary: CI: dev-scripts fail on 02_configure_host: Failed to start network ostestbm

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	4.7
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	4.7.0
Assignee:	Stephen Benjamin
QA Contact:	Amit Ugol
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-12-07 15:13 UTC by Dmitry Tantsur
Modified:	2021-02-24 15:40 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2021-02-24 15:40:32 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift-metal3 dev-scripts pull 1170	0	None	closed	Bug 1905115: Restart libvirt to detect we are using firewalld	2021-02-03 14:07:06 UTC
Red Hat Product Errata	RHSA-2020:5633	0	None	None	None	2021-02-24 15:40:49 UTC

Description Dmitry Tantsur 2020-12-07 15:13:40 UTC

Started around 8am UTC on Monday, Dec 7th.

Example failure: https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-release-master-ocp-4.7-e2e-metal-ipi/1335944963518631936

 +(./02_configure_host.sh:169): main(): sudo virsh net-destroy ostestbm
Network ostestbm destroyed
+(./02_configure_host.sh:170): main(): sudo virsh net-start ostestbm
error: Failed to start network ostestbm
error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --insert LIBVIRT_INP --in-interface ostestbm --protocol tcp --destination-port 67 --jump ACCEPT: iptables: No chain/target/match by that name. 


There are also a lot of deprecation warnings around this bit, not sure if they're related. Bug 1683174 suggests something may be messing with libvirt's iptables rules (or a bug in CentOS).

Comment 1 Dmitry Tantsur 2020-12-07 15:17:23 UTC

We suspect ordering problem between starting libvirt and firewalld.

Comment 2 Stephen Benjamin 2020-12-08 13:04:04 UTC

dev-scripts isn't hooked up to the OCP bugzilla automation so probably need to put this ON_QA ourselves.

QE: This should be able to be moved to verified, this was a CI-only bug that is now resolved.

Comment 5 errata-xmlrpc 2021-02-24 15:40:32 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633

Note You need to log in before you can comment on or make changes to this bug.