Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

when using the crio container runtime and enabling crio_registries ansible fails when the registry name contains paths #11029

Closed
pedro-peter opened this issue Mar 23, 2024 · 0 comments · Fixed by #11030
Closed

when using the crio container runtime and enabling crio_registries ansible fails when the registry name contains paths #11029

pedro-peter opened this issue Mar 23, 2024 · 0 comments · Fixed by #11030
Labels
kind/bug Categorizes issue or PR as related to a bug.

Comments

@pedro-peter
Copy link
Contributor

What happened?

when using the crio container runtime and enabling crio_registries:
https://github.com/kubernetes-sigs/kubespray/blob/master/docs/cri-o.md#allcrioyml

if the registry prefix or location variables contain paths (e.g. location: "my-registry/location/prod") the container-engine/cri-o : Cri-o | write registries configs task fails.

Example:

when setting these inventory vars:

vars:
  container_manager: crio
  # remap my-registry prod path -> testing
  crio_registries:
    - prefix: "my-registry/location/prod"
      insecure: false
      blocked: false
      location: "my-registry/location/testing"
      unqualified: false

ansible task:
https://github.com/kubernetes-sigs/kubespray/blob/master/roles/container-engine/cri-o/tasks/main.yaml#L158

will fail with error:

TASK [container-engine/cri-o : Cri-o | write registries configs] ***************************************************************************************************************************************************
failed: [myworker-001] (item={'prefix': 'my-registry/location/prod', 'insecure': False, 'blocked': False, 'location': 'my-registry/location/testing', 'unqualified': False}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "checksum": "1c125198fd8d0acdda6097f3ad8d025fab774b5c",
    "item": {
        "blocked": false,
        "insecure": false,
        "location": "my-registry/location/testing",
        "prefix": "my-registry/location/prod",
        "unqualified": false
    }
}

because it's trying to write a file -> /etc/containers/registries.conf.d/10-my-registry/location/prod/config.conf and the sub directories (10-my-registry/location/prod/) do not exist.

What did you expect to happen?

the task should not fail when using paths in the registry name.

How can we reproduce it (as minimally and precisely as possible)?

create or upgrade a cluster using the crio-o container rutime and set crio_registries prefix or location with a path in the name.

example vars:

vars:
  container_manager: crio
  # remap my-registry prod path -> testing
  crio_registries:
    - prefix: "my-registry/location/prod"
      insecure: false
      blocked: false
      location: "my-registry/location/testing"
      unqualified: false

OS

NAME="Red Hat Enterprise Linux"
VERSION="8.9 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.9"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.9 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8::baseos"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.9
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.9"

Version of Ansible

ansible [core 2.14.14]
config file = /kubespray/ansible.cfg
...
python version = 3.11.5 (main, Sep 7 2023, 00:00:00) [GCC 11.4.1 20230605 (Red Hat 11.4.1-2)] (/opt/venv/bin/python3.11)
jinja version = 3.1.3
libyaml = True

Version of Python

Python 3.11.5

Version of Kubespray (commit)

10679eb

Network plugin used

cilium

Full inventory with variables

vars:
  container_manager: crio
  # remap my-registry prod path -> testing
  crio_registries:
    - prefix: "my-registry/location/prod"
      insecure: false
      blocked: false
      location: "my-registry/location/testing"
      unqualified: false

Command used to invoke ansible

ansible-playbook -i my_inventory cluster.yml

Output of ansible run

....
TASK [container-engine/cri-o : Cri-o | write registries configs] ***************************************************************************************************************************************************
failed: [myworker-001] (item={'prefix': 'my-registry/location/prod', 'insecure': False, 'blocked': False, 'location': 'my-registry/location/testing', 'unqualified': False}) => {
    "ansible_loop_var": "item",
    "changed": false,
    "checksum": "1c125198fd8d0acdda6097f3ad8d025fab774b5c",
    "item": {
        "blocked": false,
        "insecure": false,
        "location": "my-registry/location/testing",
        "prefix": "my-registry/location/prod",
        "unqualified": false
    }
}
...

Anything else we need to know

No response
@pedro-peter pedro-peter added the kind/bug Categorizes issue or PR as related to a bug. label Mar 23, 2024
@pedro-peter pedro-peter mentioned this issue Mar 23, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

crio container runtime crio_registries path fix pedro-peter/kubespray
1 participant
@pedro-peter