Thanks for opening a bug report! Before hitting the button, please fill in as much of the template below as you can. If you leave out information, it's harder to help you. Be ready for follow-up questions, and please respond in a timely manner. If we can't reproduce a bug we might close your issue. If we're wrong, PLEASE feel free to reopen it and explain why. Version: 4.11 (found) will need to be back-ported Platform: AWS What happened? Testing the ValidateForProvisioning functionality revealed that the validateZoneRecords function always receives an empty string for zoneName and zonePath. The two variables are declared at the top of the function, but they are locally set in the if/else below so they go out of scope before making it to the validateZoneRecords function.
Provides False negative when searching for DNS Records. Empty String will always appear.
Hello, I found this issue while working on a Jira Card that involved testing a function called ValidateForProvisioning for AWS. The install config was using this value. There was not currently a test for this functionality, but the way that you could hit this code was through a platform provisioning check for AWS. The zone name was always blank when trying to validate the zones. Is this enough to go off of?
Hello Brent, I tried following tests: install-config: <--SNIP--> baseDomain: qe.devcluster.openshift.com metadata: creationTimestamp: null name: yunjiang-aaaccc platform: aws: region: us-east-2 subnets: - subnet-034f5beb385a151c3 - subnet-0f1f876a97ae76fd2 - subnet-0219becdbf9d5519f - subnet-0979c17619fc8387e hostedZone: Z07770582ZWZBOWLV6AQJ <- private hosed zone: yunjiang-050953a.qe.devcluster.openshift.com publish: External <--SNIP--> before applied fix (4.10): FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": aws.hostedZone: Invalid value: "Z07770582ZWZBOWLV6AQJ": hosted zone domain "yunjiang-050953a.qe.devcluster.openshift.com." is not a parent of the cluster domain "yunjiang-aaaccc.qe.devcluster.openshift.com." after applied fix (4.11.0-0.nightly-2022-05-08-193101): FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": aws.hostedZone: Internal error: could not list record sets for domain "Z07770582ZWZBOWLV6AQJ": hosted zone domain "yunjiang-050953a.qe.devcluster.openshift.com." is not a parent of the cluster domain "yunjiang-aaaccc.qe.devcluster.openshift.com." it looks like the installer of 4.11 went into code [1], but 4.10 did not [2] [1] https://github.com/openshift/installer/blob/release-4.11/pkg/asset/installconfig/aws/validation.go#L395 [2] https://github.com/openshift/installer/blob/release-4.10/pkg/asset/installconfig/aws/validation.go#L398 I have some questions: 1. per 4.11 log message, the zoneName is Z07770582ZWZBOWLV6AQJ, is the expected? 2. error message `could not list record sets` was not shown in 4.10, is it ,is this related to the current modifications?
1. per 4.11 log message, the zoneName is Z07770582ZWZBOWLV6AQJ, is the expected? >>> yes, I believe that is the expected zoneName 2. error message `could not list record sets` was not shown in 4.10, is it ,is this related to the current modifications? >>> That message would only appear on an error from getSubDomainDNSRecords. The "error" or indication of false data appears when an error occurs in getSubDomainDNSRecords because the zoneName was not set correctly when passed to validateZoneRecords
Ok, I was able to produce the error with an install-config. apiVersion: v1 baseDomain: bbarbach-public-zone.com compute: - architecture: amd64 hyperthreading: Enabled name: worker platform: {} replicas: 3 controlPlane: architecture: amd64 hyperthreading: Enabled name: master platform: {} replicas: 3 metadata: creationTimestamp: null name: bbarbach-zone-test networking: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 machineNetwork: - cidr: 10.0.0.0/16 networkType: OpenShiftSDN serviceNetwork: - 172.30.0.0/16 platform: aws: region: us-east-1 subnets: - subnet-0412605e3e4a5e892 - subnet-088e713b919753182 hostedZone: Z0909126N1BWS293HVRS publish: External The hosted zone and subnets are ones that I created. When running this install-config with create cluster I get the following results: FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": <nil>: Internal error: could not list record sets for domain "": hosted zone domain "bbarbach-pvc.com." is not a parent of the cluster domain "bbarbach-zone-test.bbarbach-public-zone.com." The error message: Internal error: could not list record sets for domain "" should be filled with the correct hostedZone not an empty string. No matter what hostedZone name is there it would produce this result as it was not set when passed to the function.
(In reply to Brent Barbachem from comment #8) > Ok, I was able to produce the error with an install-config. > > apiVersion: v1 > baseDomain: bbarbach-public-zone.com > compute: > - architecture: amd64 > hyperthreading: Enabled > name: worker > platform: {} > replicas: 3 > controlPlane: > architecture: amd64 > hyperthreading: Enabled > name: master > platform: {} > replicas: 3 > metadata: > creationTimestamp: null > name: bbarbach-zone-test > networking: > clusterNetwork: > - cidr: 10.128.0.0/14 > hostPrefix: 23 > machineNetwork: > - cidr: 10.0.0.0/16 > networkType: OpenShiftSDN > serviceNetwork: > - 172.30.0.0/16 > platform: > aws: > region: us-east-1 > subnets: > - subnet-0412605e3e4a5e892 > - subnet-088e713b919753182 > hostedZone: Z0909126N1BWS293HVRS > publish: External > > > The hosted zone and subnets are ones that I created. When running this > install-config with create cluster I get the following results: > > FATAL failed to fetch Terraform Variables: failed to fetch dependency of > "Terraform Variables": failed to generate asset "Platform Provisioning > Check": <nil>: Internal error: could not list record sets for domain "": > hosted zone domain "bbarbach-pvc.com." is not a parent of the cluster domain > "bbarbach-zone-test.bbarbach-public-zone.com." > > The error message: > Internal error: could not list record sets for domain "" > > should be filled with the correct hostedZone not an empty string. No matter > what hostedZone name is there it would produce this result as it was not set > when passed to the function. This was tested against version 4.10 as 4.11 has the issue solved I believe.
Thanks Brent, I can hit the issue while setting "hosted zone domain is not a parent of the cluster domain". > OCP 4.11.0-0.nightly-2022-05-20-213928 FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": aws.hostedZone: Internal error: could not list record sets for domain "Z0832957144NMU2JF1TBH": hosted zone domain "yunjiang-0525r1.qe.devcluster.openshift.com." is not a parent of the cluster domain "yunjiang-0525rb.qe1.devcluster.openshift.com." > OCP 4.10.12 FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to generate asset "Platform Provisioning Check": <nil>: Internal error: could not list record sets for domain "": hosted zone domain "yunjiang-0525r1.qe.devcluster.openshift.com." is not a parent of the cluster domain "yunjiang-0525r2.qe1.devcluster.openshift.com."
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069