Bug 1954873
| Summary: | dns server may not be specified for clusters with more than 2 dns servers specified by openstack. | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Adolfo Duarte <adduarte> |
| Component: | Installer | Assignee: | Adolfo Duarte <adduarte> |
| Installer sub component: | OpenShift on OpenStack | QA Contact: | Jon Uriarte <juriarte> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | medium | CC: | egarcia |
| Version: | 4.5 | Keywords: | Triaged |
| Target Milestone: | --- | ||
| Target Release: | 4.8.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-07-27 23:04:50 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
There is a flag in neutron which configures the number of dns servers to provide per network. dhcp_agents_per_network=1 needs to be added to the [DEFAULT] section in our neutron.conf file Tested and reproduce this on 4.5
To reproduce create an install-config.yaml with three or more dns servers:
platform:
openstack:
apiVIP: 10.0.0.5
cloud: openshift
computeFlavor: m1.xlarge
externalDNS:
- 10.10.160.2
- 10.5.30.160
- 10.11.5.19
externalNetwork: external
The resulting boostrap node will have the following on its /etc/resolv.conf
cat /etc/resolv.conf
# Generated by NetworkManager
search shiftstack
nameserver 127.0.0.1
nameserver 10.10.160.2
nameserver 10.5.30.160
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
nameserver 10.11.5.19
Tested on 4.8 with the following:
platform:
openstack:
apiFloatingIP: 192.168.25.35
apiVIP: 10.0.0.5
cloud: openshift
defaultMachinePlatform:
type: m1.xlarge
externalDNS:
- 10.10.160.2
- 10.5.30.160
- 10.11.5.19
externalNetwork: external
The resulting nodes did not have a warning:
[core@oc48-gw68h-bootstrap ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 127.0.0.1
search shiftstack
nameserver 10.10.160.2
nameserver 10.5.30.160
nameserver 10.11.5.19
which suggest the problem does not exists in 4.8 machines.
The root cause of the problem is that the version of libc for 4.5 does not support more than three dns nameservers in /etc/resolv.conf
So if namesevers need to be specified in the install-config.yaml, care must be taken to not provide more than three dns namesevers to the cluster nodes attached to the openstack tenant network.
There seems to be a couple of workarounds for this problem:
One: set up openstack so only one dns server is provided by OSP on its subnets: commet 1 above
Two: precreate the subnet and set the "--no-dns-namesever" flag on it: "openstack subnet set --no-dns-nameserver ...."
Then use the machinesSubnet configuration parameter to deploy, as described here [1] and here[2]
[1] https://docs.openshift.com/container-platform/4.5/installing/installing_openstack/installing-openstack-installer-custom.html#installation-configuration-parameters_installing-openstack-installer-custom
[2] https://github.com/openshift/installer/blob/master/docs/user/openstack/customization.md
The doc PR has been merged in the upstream installer repository. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438 |
On an openstack deployment that is providing two or more dns servers per subnet, it is possible that a dns server specified by the "externalDNS" setting in install-config.yaml may not work correctly. For example, on a openstack infrastructure that is configured to provide three dns servers per subnet (.10, .11, and .12 for example), the following install-config.yaml entry: platform: openstack: cloud: openstack computeFlavor: aci_rhel_medium externalDNS: ["172.28.184.18"] Will produce the following /etc/resolv.conf on the cluster nodes: # Generated by NetworkManager search openstacklocal nameserver 127.0.0.1 nameserver 15.11.0.12 nameserver 15.11.0.11 # NOTE: the libc resolver may not support more than 3 nameservers. # The nameservers listed below may not be recognized. nameserver 15.11.0.10 nameserver 172.28.184.18 #See the troubleshooting documentation (https://github.com/openshift/installer/blob/master/docs/user/troubleshooting.md) for ideas about what information to collect. #For example, # If the installer fails to create resources (https://github.com/openshift/installer/blob/master/docs/user/troubleshooting.md#installer-fails-to-create-resources), attach the relevant portions of your `.openshift_install.log.` # If the installer fails to bootstrap the cluster (https://github.com/openshift/installer/blob/master/docs/user/troubleshootingbootstrap.md), attach the bootstrap log bundle. # If the installer fails to complete installation after bootstrapping completes (https://github.com/openshift/installer/blob/master/docs/user/troubleshooting.md#installer-fails-to-initialize-the-cluster), attach the must-gather log bundle using `oc adm must-gather` # Always at least include the `.openshift_install.log` What did you expect to happen? #Enter text here. How to reproduce it (as minimally and precisely as possible)? $ your-commands-here Anything else we need to know? #Enter text here.