ASB and service catalog worked as expected. Then I chose ephemeral storage plan to deploy kubevirt, then the deployment failed when executed "Allow ceph OSD traffic" task, the error was: Failed to find required executable iptables in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin. Deploy storage-demo using kubevirt-ansible from CLI doesn't have the problem. The iptables was configured correctly. See kubevirt-ansible log: http://pastebin.test.redhat.com/581183
Here it the ansible log when deploy from web console:
[root@host-172-16-120-33 ~]# oc project rh-virtualization-prov-bfrfw
Now using project "rh-virtualization-prov-bfrfw" on server "https://172.16.120.33:8443".
[root@host-172-16-120-33 ~]# oc get all
NAME READY STATUS RESTARTS AGE
po/apb-ea08c82d-4c33-4595-b68c-4f06a3203083 0/1 Error 0 8m
[root@host-172-16-120-33 ~]# oc logs po/apb-ea08c82d-4c33-4595-b68c-4f06a3203083
+ [[ provision --extra-vars {"_apb_plan_id":"storage-demo","_apb_service_class_id":"60c8357b2a1cb091488d9c5586c4eb4b","_apb_service_instance_id":"49510c9c-c850-4f7c-b52f-32731422337a","admin_password":"redhat","admin_user":"qwang","cluster":"openshift","namespace":"qwang-storage-demo","storage_role":"storage-demo","version":"0.4.1-alpha.2"} == *\s\2\i\/\a\s\s\e\m\b\l\e* ]]
+ ACTION=provision
+ shift
+ apb_action_path=kubevirt-ansible/playbooks/kubevirt.yml
+ playbooks=/etc/ansible/roles/kubevirt-ansible/playbooks/kubevirt.yml
+ CREDS=/var/tmp/bind-creds
+ TEST_RESULT=/var/tmp/test-result
+ whoami
+ '[' -w /etc/passwd ']'
++ id -u
+ echo 'apb:x:1000140000:0:apb user:/opt/apb:/sbin/nologin'
+ set +x
+ [[ -e /etc/ansible/roles/kubevirt-ansible/playbooks/kubevirt.yml ]]
+ [[ ! -d /etc/ansible/roles/kubevirt-ansible/playbooks/kubevirt.yml ]]
+ ANSIBLE_ROLES_PATH=/etc/ansible/roles:/opt/ansible/roles
+ ansible-playbook /etc/ansible/roles/kubevirt-ansible/playbooks/kubevirt.yml -e action=provision --extra-vars '{"_apb_plan_id":"storage-demo","_apb_service_class_id":"60c8357b2a1cb091488d9c5586c4eb4b","_apb_service_instance_id":"49510c9c-c850-4f7c-b52f-32731422337a","admin_password":"redhat","admin_user":"qwang","cluster":"openshift","namespace":"qwang-storage-demo","storage_role":"storage-demo","version":"0.4.1-alpha.2"}'
[WARNING]: Found variable using reserved name: action
PLAY [localhost] ***************************************************************
TASK [kubevirt : include_tasks] ************************************************
included: /etc/ansible/roles/kubevirt-ansible/roles/kubevirt/tasks/provision.yml for localhost
TASK [kubevirt : Login As Super User] ******************************************
changed: [localhost]
TASK [kubevirt : Check if qwang-storage-demo exists] ***************************
changed: [localhost]
TASK [kubevirt : Create qwang-storage-demo namespace] **************************
skipping: [localhost]
TASK [kubevirt : Add Privileged Policy] ****************************************
changed: [localhost] => (item=kubevirt-privileged)
changed: [localhost] => (item=kubevirt-controller)
changed: [localhost] => (item=kubevirt-infra)
TASK [kubevirt : Add Hostmount-anyuid Policy] **********************************
changed: [localhost]
TASK [kubevirt : Check for kubevirt.yml template in /etc/ansible/roles/kubevirt-ansible/roles/kubevirt/templates] ***
ok: [localhost]
TASK [kubevirt : Download KubeVirt Template] ***********************************
changed: [localhost]
TASK [kubevirt : Render KubeVirt Yml] ******************************************
changed: [localhost]
TASK [kubevirt : Render BYO template] ******************************************
skipping: [localhost]
TASK [kubevirt : Create KubeVirt Resources] ************************************
changed: [localhost]
TASK [kubevirt : Download KubeVirt source] *************************************
changed: [localhost]
TASK [kubevirt : Extract /tmp/kubevirt.tar.gz into /tmp/kubevirt] **************
changed: [localhost]
TASK [kubevirt : Create default VM templates in OpenShift Namespace] ***********
changed: [localhost] => (item=vm-template-fedora)
changed: [localhost] => (item=vm-template-windows2012r2)
changed: [localhost] => (item=vm-template-rhel7)
PLAY [masters[0]] **************************************************************
TASK [Gathering Facts] *********************************************************
ok: [localhost]
TASK [storage-demo : include_tasks] ********************************************
included: /etc/ansible/roles/kubevirt-ansible/roles/storage-demo/tasks/provision.yml for localhost
TASK [storage-demo : Login As Super User] **************************************
changed: [localhost]
TASK [storage-demo : Check if namespace qwang-storage-demo exists] *************
changed: [localhost]
TASK [storage-demo : Create qwang-storage-demo namespace] **********************
skipping: [localhost]
TASK [storage-demo : Check for storage-demo serviceaccount] ********************
changed: [localhost]
TASK [storage-demo : Create storage-demo serviceaccount] ***********************
changed: [localhost]
TASK [storage-demo : Grant privileged access to storage-demo serviceaccount] ***
changed: [localhost]
TASK [storage-demo : Select a target node] *************************************
changed: [localhost]
TASK [storage-demo : Set the target node] **************************************
ok: [localhost]
TASK [storage-demo : Render storage-demo deployment yaml] **********************
changed: [localhost]
TASK [storage-demo : Create storage-demo Resources] ****************************
changed: [localhost]
TASK [cdi : include_tasks] *****************************************************
included: /etc/ansible/roles/kubevirt-ansible/roles/cdi/tasks/provision.yml for localhost
TASK [cdi : Determine Environment] *********************************************
changed: [localhost]
TASK [cdi : Check if namespace golden-images exists] ***************************
changed: [localhost]
TASK [cdi : Create golden-images namespace using kubectl] **********************
skipping: [localhost]
TASK [cdi : Create golden-images namespace using oc] ***************************
changed: [localhost]
TASK [cdi : Check if RBAC exists for CDI] **************************************
changed: [localhost]
TASK [cdi : Create RBAC for CDI] ***********************************************
changed: [localhost]
TASK [cdi : Render golden-images ResourceQuota deployment yaml] ****************
changed: [localhost]
TASK [cdi : Create golden-images ResourceQuota] ********************************
changed: [localhost]
TASK [cdi : Render CDI deployment yaml] ****************************************
changed: [localhost]
TASK [cdi : Create CDI deployment] *********************************************
changed: [localhost]
PLAY [masters nodes] ***********************************************************
[WARNING]: Could not match supplied host pattern, ignoring: nodes
TASK [storage-demo-nodeconfig : include_tasks] *********************************
included: /etc/ansible/roles/kubevirt-ansible/roles/storage-demo-nodeconfig/tasks/provision.yml for localhost
TASK [storage-demo-nodeconfig : Allow ceph OSD traffic] ************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to find required executable iptables in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}
to retry, use: --limit @/etc/ansible/roles/kubevirt-ansible/playbooks/kubevirt.retry
PLAY RECAP *********************************************************************
localhost : ok=34 changed=27 unreachable=0 failed=1
+ EXIT_CODE=2
+ set +ex
+ '[' -f /var/tmp/test-result ']'
+ exit 2
[root@host-172-16-120-33 ~]# oc get all
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
ds/virt-handler 3 3 2 3 2 <none> 16m
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deploy/storage-demo 1 1 1 1 16m
deploy/virt-api 2 2 2 2 16m
deploy/virt-controller 2 2 2 1 16m
NAME DESIRED CURRENT READY AGE
rs/storage-demo-56cf75c588 1 1 1 16m
rs/virt-api-56c966985d 2 2 2 16m
rs/virt-controller-7559bf844b 2 2 1 16m
NAME READY STATUS RESTARTS AGE
po/storage-demo-56cf75c588-4dp5k 7/7 Running 1 16m
po/virt-api-56c966985d-w4d54 1/1 Running 0 16m
po/virt-api-56c966985d-xm46r 1/1 Running 0 16m
po/virt-controller-7559bf844b-rtc29 0/1 Running 0 16m
po/virt-controller-7559bf844b-wwtpd 1/1 Running 0 16m
po/virt-handler-nk747 0/1 Pending 0 1s
po/virt-handler-s46dc 1/1 Running 0 16m
po/virt-handler-s7h8z 1/1 Running 0 16m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
svc/virt-api ClusterIP 172.30.18.103 <none> 443/TCP 16m
[root@host-172-16-120-33 ~]# oc describe serviceinstance
Name: rh-virtualization-nfj55
Namespace: qwang-storage-demo
Labels: <none>
Annotations: <none>
API Version: servicecatalog.k8s.io/v1beta1
Kind: ServiceInstance
Metadata:
Creation Timestamp: 2018-04-23T16:55:11Z
Finalizers:
kubernetes-incubator/service-catalog
Generate Name: rh-virtualization-
Generation: 1
Resource Version: 58651
Self Link: /apis/servicecatalog.k8s.io/v1beta1/namespaces/qwang-storage-demo/serviceinstances/rh-virtualization-nfj55
UID: 16582cdc-4717-11e8-b609-0a580a820005
Spec:
Cluster Service Class External Name: rh-virtualization
Cluster Service Class Ref:
Name: 60c8357b2a1cb091488d9c5586c4eb4b
Cluster Service Plan External Name: storage-demo
Cluster Service Plan Ref:
Name: 546cf93c2d7615ef26ad81d1e369be9b
External ID: 49510c9c-c850-4f7c-b52f-32731422337a
Parameters From:
Secret Key Ref:
Key: parameters
Name: rh-virtualization-parametersu4zms
Update Requests: 0
User Info:
Extra:
Scopes . Authorization . Openshift . Io:
user:full
Groups:
system:authenticated:oauth
system:authenticated
UID:
Username: qwang
Status:
Async Op In Progress: false
Conditions:
Last Transition Time: 2018-04-23T16:55:12Z
Message: Provision call failed: Error occurred during provision. Please contact administrator if it persists.
Reason: ProvisionCallFailed
Status: False
Type: Ready
Last Transition Time: 2018-04-23T16:57:18Z
Message: Provision call failed: Error occurred during provision. Please contact administrator if it persists.
Reason: ProvisionCallFailed
Status: True
Type: Failed
Deprovision Status: Required
Orphan Mitigation In Progress: false
Reconciled Generation: 1
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ErrorWithParameters 17m (x4 over 17m) service-catalog-controller-manager failed to prepare parameters nil: secrets "rh-virtualization-parametersu4zms" not found
Normal Provisioning 17m service-catalog-controller-manager The instance is being provisioned asynchronously
Warning ProvisionCallFailed 15m (x2 over 15m) service-catalog-controller-manager Provision call failed: Error occurred during provision. Please contact administrator if it persists.
Hi there,
ASB and service catalog worked as expected. Then I chose ephemeral storage plan to deploy kubevirt, then the deployment failed when executed "Allow ceph OSD traffic" task, the error was: Failed to find required executable iptables in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin. Deploy storage-demo using kubevirt-ansible from CLI doesn't have the problem. The iptables was configured correctly. See kubevirt-ansible log: http://pastebin.test.redhat.com/581183
Here it the ansible log when deploy from web console: