search

openshift / installer

Install an OpenShift 4.x cluster
https://try.openshift.com
Apache License 2.0
1.44k stars 1.39k forks source link

Ignition script does not seem to configure proxy settings on master nodes #6744

Closed remiblondel closed 1 year ago

remiblondel commented 1 year ago

Version

$ openshift-install version
./openshift-install 4.11.18
built from commit 050fa95f79d92161df16578870ecd2764ab7a38e
release image quay.io/openshift-release-dev/ocp-release@sha256:22e149142517dfccb47be828f012659b1ccf71d26620e6f62468c264a7ce7863
release architecture amd64

Platform:

aws

IPI

Initial configuration

Proxy section in my install-config.yaml file looks like this:

proxy:
  httpProxy: http://myproxy.domain.name:3128
  httpsProxy: http://myproxy.domain.name:3128
  noProxy: .some.other.domain

The problem

Proxy configuration was nowhere to be found on master nodes even though I see it on the bootstrap node when I do: env | grep proxy

This leads the master nodes to fail pulling images on quay.io:

sh[2260]: Error: initializing source docker://quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9a00c3ca18cd9ce1a840fafb8657cea215a7bcb2ebc2078e23add75213779e3e: pinging container registry quay.io: Get "https://quay.io/v2/": dial tcp 44.206.77.171:443: i/o timeout

Additional Info

  1. Flow from the master nodes to the proxy is open:

    curl https://quay.io/v2/ -x http://myproxy.domain.name:3128

    -> Returns "True"

  2. Proxy configuration was nowhere to be found on master nodes even though I see it on the bootstrap node when I do: env | grep proxy

  3. Also, I can see those lines in the bootstrap node logs but not in the master nodes:

    ignition[1138]: INFO     : files: createFilesystemsFiles: createFiles: op(5): [started]  writing file "/sysroot/etc/profile.d/proxy.sh"
ignition[1138]: INFO     : files: createFilesystemsFiles: createFiles: op(5): [finished] writing file "/sysroot/etc/profile.d/proxy.sh"

    (proxy.sh file exports the proxy settings I put in the install-config.yaml file).

Followed documentation

https://docs.openshift.com/container-platform/4.11/installing/installing_aws/installing-restricted-networks-aws-installer-provisioned.html#installation-configure-proxy_installing-restricted-networks-aws-installer-provisioned

remiblondel commented 1 year ago

After some additional troubleshooting, I found out that proxy settings on master nodes are not set through the ignition script (which creates a proxy.sh file) like for the bootstrap node.

Proxy configuration on master nodes directly depends on the cluster-proxy-01-config.yaml file generated after launching openshift-install create manifests command.

This file was accidentaly overwritten at some point (the proxy settings were deleted), leading the proxy configuration not to be applied.