Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-10065

Preprovisioned nodes fail to pull OVN container images after reboot

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • None
    • openstack-operator-dataplane
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • ?
    • ?
    • ?
    • None
    • Moderate

      Preprovisioned nodes fail to pull OVN container images after reboot

      After node reboot, I get:

      TASK [osp.edpm.edpm_container_manage : Create containers managed by Podman for /var/lib/edpm-config/container-startup-config/ovn_controller] ***
changed: [edpm-compute-0]
[WARNING]: ERROR: Can't pull image registry.redhat.io/rhoso/openstack-ovn-
controller-
rhel9@sha256:5e8e082f30f876e67797ded5e9f34ac2c66e82149e3c4407f4f47e6affbcb217
stderr: Trying to pull registry.redhat.io/rhoso/openstack-ovn-controller-rhel9@
sha256:5e8e082f30f876e67797ded5e9f34ac2c66e82149e3c4407f4f47e6affbcb217...
Error: initializing source docker://registry.redhat.io/rhoso/openstack-ovn-
controller-
rhel9@sha256:5e8e082f30f876e67797ded5e9f34ac2c66e82149e3c4407f4f47e6affbcb217:
unable to retrieve auth token: invalid username/password: unauthorized: Please
login to the Red Hat Registry using your Customer Portal credentials. Further
instructions can be found here:
https://access.redhat.com/RegistryAuthentication
fatal: [edpm-compute-1]: FAILED! => {"changed": false, "msg": "Failed containers: ovn_controller"}

NO MORE HOSTS LEFT *************************************************************

NO MORE HOSTS LEFT *************************************************************

PLAY RECAP *********************************************************************
edpm-compute-0             : ok=51   changed=9    unreachable=0    failed=0    skipped=12   rescued=0    ignored=0   # <-- node was added during a previous run
edpm-compute-1             : ok=50   changed=8    unreachable=0    failed=1    skipped=12   rescued=0    ignored=0   # <-- new node

      And I have to manually log into the registry with the same credentials and then rerun.
      This happened 2x now, once for the first node in a previous run, and not again for the second node.

      The credentials inside secret redhat-registry are correct (tested with oc export secret and then I used the same login command). However, I am using a token (https://access.redhat.com/RegistryAuthentication). Was this tested? Is there a chance that jinja2 might replace some special chars?

      Is there a way to run the ansible playbooks with full verbosity?

              jslagle@redhat.com James Slagle
              akaris@redhat.com Andreas Karis
              rhos-dfg-df
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: