Virtual media can not be mounted on:

iDRAC Firmware Version | 5.10.10.00

It works fine with this version:

iDRAC Firmware Version | 5.10.10.05

You can check idrac versions using racadm:

# sshpass -p "xxxxxx" ssh -o StrictHostKeyChecking=no [email protected] "racadm get iDRAC.Info"
[Key=iDRAC.Embedded.1#Info.1]
#Build=26
#CPLDVersion=1.0.7
#Description=This system component provides a complete set of remote management functions for Dell PowerEdge Servers
#HWRev=0.01
#IPMIVersion=2.0
#Name=iDRAC
#Product=Integrated Dell Remote Access Controller
#RollbackBuild=26
#RollbackVersion=5.10.10.00
#ServerGen=15G
#Type=15G Monolithic
#Version=5.10.10.00

Currently there is a race condition when waiting for nodes to be discovered vs when assigning roles to each node. We currently only wait until cluster count of nodes is equal to the expected amount of nodes. Infact we should also check if all nodes we expect are pending-for-input thus they wil be ready for assignment. The fix should be implemented here.

Better yet, lets start a document expanding any vendor specific boot order or bmc configuration requirements.

For jumbo clusters larger than 500 nodes, we need a configurable clusterNetwork cidr - https://github.com/redhat-performance/jetlag/blob/main/ansible/roles/hv-vm-manifests-jumbo/templates/manifest.yml.j2#L66

We need to add the tasks to create the vlan-ed interfaces for each remote worker node in the bastion setup playbook.

This is likely almost as easy as a cut and paste from the remote worker node deployment playbook.

Add an option to deploy performance-dashboards in the post deployment steps for a remote worker node and/or sno clusters.

Add a tips readme document to cover things such as:

• Change version of OCP deployed by assisted-installer (minor version, major versions, nightly/ci versions)
• Setting specific machines for ibmcloud (vars: bastion_hardware_id, controlplane_hardware_ids, worker_hardware_ids, and sno_hardware_ids)
• Increasing max-pods during deployment timeframe (vars: kubelet_config, kubelet_config_max_pods, and cluster_network_host_prefix)
• Deploying etcd on nvme storage
• Using localstorage for PVs
• Deploying a 2nd cluster using the same bastion maybe

Having kdump setup on day 1 will allow for quicker acquiring of data for any bugs found. We can enable kdump on day 1 through these instructions.

More people are using Jetlag and a typical tripping point is on how to install Ansible and which version of Ansible to use with Jetlag. We need to develop a clear understanding of what version of Ansible and how to install it (either rpm or pip+virtualenv) to get Jetlag setup on the bastion.

@mkarg75 Found an issue in that the resolution of idrac versions is actually incorrect. See #13 to see the lines which are not resolving correctly. Although the when statements is logically incorrect, the r640 machines actually boot correctly. However fc640 machines do not seem to boot correctly. We need to make sure the when statements are corrected but also make sure the iso booting via redfish for fc640s and r640s is setup correctly.

Using haproxy to pass traffic from laptop to bastion to cluster is easier than using sshuttle it seems, we should just have this enabled for ipv4 clusters too.

Synopsis: Assist Install's 'service' container exits within seconds after started when using podman version 3.4.2

Environment:
i used Jetlag to set up my SNO on a private lab, and therefore I had to hand crafted the inventory file and run Jetlag bastion setup as below:
$ ansible-playbook -i my-inventory-sno ansible/setup-bastion.yml

It is unlikely that the issue is unique my env.
Condition:
After the playbook ran successfully, about ten seconds later, 'podman ps -a' show the "assisted-service"container exited.

CONTAINER ID  IMAGE                                                       COMMAND               CREATED        STATUS                    PORTS       NAMES
9e046fbee711  k8s.gcr.io/pause:3.5                                                              3 minutes ago  Up 3 minutes ago                      5326b23064a5-infra
a52c71c6bc97  registry.centos.org/centos/httpd-24-centos7:latest          /usr/bin/run-http...  3 minutes ago  Up 3 minutes ago                      httpd
bb02daef013c  k8s.gcr.io/pause:3.5                                                              2 minutes ago  Up 2 minutes ago                      9ca9acdfc341-infra
1d4c1355f3a4  quay.io/edge-infrastructure/postgresql-12-centos7:latest    run-postgresql        2 minutes ago  Up 2 minutes ago                      db
7c6a0bdf714c  quay.io/edge-infrastructure/assisted-installer-ui:v2.0.7    /deploy/start.sh      2 minutes ago  Up 2 minutes ago                      gui
b184dd40183f  quay.io/edge-infrastructure/assisted-service:v2.0.10        /assisted-service     2 minutes ago  Exited (1) 2 minutes ago              service
864db440ac4c  quay.io/edge-infrastructure/assisted-image-service:v2.0.10  /assisted-image-s...  2 minutes ago  Up 2 minutes ago                      image-service
[root@perf176d jetlag]# 

Debug:
Step 1: 'service' could not reach "db" container port 5432

[root@perf176d jetlag]# podman logs b184dd40183f
false
time="2022-02-21T19:00:17Z" level=info msg="Setting log format: text" func=main.InitLogs file="/go/src/github.com/openshift/origin/cmd/main.go:161"
time="2022-02-21T19:00:17Z" level=info msg="Setting Log Level: info" func=main.InitLogs file="/go/src/github.com/openshift/origin/cmd/main.go:167"
time="2022-02-21T19:00:17Z" level=info msg="Starting bm service" func=main.main file="/go/src/github.com/openshift/origin/cmd/main.go:205"
time="2022-02-21T19:00:17Z" level=info msg="Started service with OS images [{\"openshift_version\": \"4.8\", \"cpu_architecture\": \"x86_64\", \"url\": \"http://perf176d.perf.lab.eng.bos.redhat.com:8081/4.8.32/rhcos-48.84.202109241901-0-live.x86_64.iso\", \"rootfs_url\": \"http://perf176d.perf.lab.eng.bos.redhat.com:8081/4.8.32/rhcos-48.84.202109241901-0-live-rootfs.x86_64.img\", \"version\": \"48.84.202109241901-0\"}], Release images [{\"openshift_version\": \"4.8\", \"cpu_architecture\": \"x86_64\", \"url\": \"quay.io/openshift-release-dev/ocp-release:4.8.32-x86_64\", \"version\": \"4.8.32\"}]" func=main.main file="/go/src/github.com/openshift/origin/cmd/main.go:225"
time="2022-02-21T19:00:17Z" level=info msg="Connecting to DB" func=main.setupDB file="/go/src/github.com/openshift/origin/cmd/main.go:627"
time="2022-02-21T19:00:17Z" level=info msg="Failed to connect to DB, retrying" func=main.setupDB.func1 file="/go/src/github.com/openshift/origin/cmd/main.go:634" error="failed to connect to `host=127.0.0.1 user=admin database=installer`: dial error (dial tcp 127.0.0.1:5432: connect: connection refused)"

Step 2: DB logs shows that it is listening on port 5432

root@perf176d jetlag]# podman logs 1d4c1355f3a4
pg_ctl: another server might be running; trying to start server anyway
waiting for server to start....2022-02-21 19:00:14.841 UTC [25] LOG:  starting PostgreSQL 12.1 on x86_64-redhat-linux-gnu, compiled by gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-39), 64-bit
2022-02-21 19:00:14.841 UTC [25] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2022-02-21 19:00:14.842 UTC [25] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
2022-02-21 19:00:14.846 UTC [25] LOG:  redirecting log output to logging collector process
2022-02-21 19:00:14.846 UTC [25] HINT:  Future log output will appear in directory "log".
 done
server started
/var/run/postgresql:5432 - accepting connections
=> sourcing /usr/share/container-scripts/postgresql/start/set_passwords.sh ...
ALTER ROLE
waiting for server to shut down.... done
server stopped
Starting server...
2022-02-21 19:00:15.055 UTC [1] LOG:  starting PostgreSQL 12.1 on x86_64-redhat-linux-gnu, compiled by gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-39), 64-bit
2022-02-21 19:00:15.056 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2022-02-21 19:00:15.056 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2022-02-21 19:00:15.056 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2022-02-21 19:00:15.056 UTC [1] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
2022-02-21 19:00:15.060 UTC [1] LOG:  redirecting log output to logging collector process
2022-02-21 19:00:15.060 UTC [1] HINT:  Future log output will appear in directory "log".

step 3: Netstat on the host shows no one listening on 5432

[root@perf176d jetlag]# netstat -a | grep 5432
[root@perf176d jetlag]# 

Workaround:
Reinstall an older podman version such as podman-3.2.3 fix the problem. Everything works fine.

Right now, jetlag is able to deploy SNO and remote worker node environments. It would be great to be able to drive regular cluster installs (not rwn) by getting rid of the remote worker node specific node stuff.

It seems the r750 nodes in the Alias lab ended up installing a cluster however the playbook timed out on max recursion. We should root cause why those machines took so long to boot into their post discovery install. Perhaps the machines have a really long boot cycle until they boot the disk we installed on?

We recently had a scalelab cloud expanded and the fact we always pick the first machine as the bastion and subsequent machines for control-plane and worker nodes means our inventory was essentially jumbled. We should think of other methods to picking machines for bastion/control-plane/worker that would handle that situation.

Newer versions of the assisted installer have a different api for static network applying under /clusters/{cluster_id}/downloads/image

We should not hard code this.

It seems the 4.10 builds lack the proper url to perform these tasks

Error:

TASK [bm-post-cluster-install : Determine metal3 provisioning URL] *********************************************************************************************************************************
Tuesday 22 February 2022  17:06:02 +0000 (0:00:00.032)       1:01:40.518 ******
changed: [f04-h17-b07-5039ms.rdu2.scalelab.redhat.com]

TASK [bm-post-cluster-install : Set download url] **************************************************************************************************************************************************
Tuesday 22 February 2022  17:06:02 +0000 (0:00:00.349)       1:01:40.867 ******
fatal: [f04-h17-b07-5039ms.rdu2.scalelab.redhat.com]: FAILED! => {"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'provisioningOSDownloadURL'\n\nThe error appears to be in '/root/acm-ztp/jetlag/ansible/roles/bm-post-cluster-install/tasks/main.yml': line 114, column 5, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n  - name: Set download url\n    ^ here\n"}

And the provisionings object:

# oc get provisionings provisioning-configuration -o yaml
apiVersion: metal3.io/v1alpha1
kind: Provisioning
metadata:
  creationTimestamp: "2022-02-22T16:19:28Z"
  finalizers:
  - provisioning.metal3.io
  generation: 2
  name: provisioning-configuration
  resourceVersion: "9759"
  uid: e5cb49a0-4514-4289-8653-ccc95225c001
spec:
  preProvisioningOSDownloadURLs: {}
  provisioningNetwork: Disabled
status:
  generations:
  - group: apps
    hash: ""
    lastGeneration: 1
    name: metal3
    namespace: openshift-machine-api
    resource: deployments
  - group: apps
    hash: ""
    lastGeneration: 1
    name: metal3-image-cache
    namespace: openshift-machine-api
    resource: daemonsets
  - group: admissionregistration.k8s.io
    hash: ""
    lastGeneration: 1
    name: baremetal-operator-validating-webhook-configuration
    namespace: ""
    resource: validatingwebhookconfigurations
  - group: apps
    hash: ""
    lastGeneration: 1
    name: metal3-image-customization
    namespace: openshift-machine-api
    resource: deployments
  observedGeneration: 2
  readyReplicas: 0

Basically just add this command:

# oc image mirror -a /opt/registry/sync/pull-secret-disconnected.acm_d.txt registry.redhat.io/rhel8/support-tools example.com:5000/rhel8/support-tools --keep-manifest-list --continue-on-error=true

Hi,

It is happened in ALIAS lab machines
e23-h19-740xd.alias.bos.scalelab.redhat.com
e23-h17-740xd.alias.bos.scalelab.redhat.com

TASK [hv-install : Install python packages] *********************************************************************************************************************************
Monday 06 February 2023 16:46:16 +0000 (0:01:01.714) 0:01:04.258 *******
failed: [e23-h19-740xd.alias.bos.scalelab.redhat.com] (item={'name': 'libvirt-python', 'version': '6.0.0'}) => {"ansible_loop_var": "item", "changed": false, "cmd": ["/usr/local/bin/pip3", "install", "libvirt-python==6.0.0"], "item": {"name": "libvirt-python", "version": "6.0.0"}, "msg": "stdout: Collecting libvirt-python==6.0.0\n Downloading libvirt-python-6.0.0.tar.gz (196 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nUsing legacy 'setup.py install' for libvirt-python, since package 'wheel' is not installed.\nInstalling collected packages: libvirt-python\n Attempting uninstall: libvirt-python\n Found existing installation: libvirt-python 8.0.0\n\n:stderr: ERROR: Cannot uninstall 'libvirt-python'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.\n"}
failed: [e23-h17-740xd.alias.bos.scalelab.redhat.com] (item={'name': 'libvirt-python', 'version': '6.0.0'}) => {"ansible_loop_var": "item", "changed": false, "cmd": ["/usr/local/bin/pip3", "install", "libvirt-python==6.0.0"], "item": {"name": "libvirt-python", "version": "6.0.0"}, "msg": "stdout: Collecting libvirt-python==6.0.0\n Downloading libvirt-python-6.0.0.tar.gz (196 kB)\n Preparing metadata (setup.py): started\n Preparing metadata (setup.py): finished with status 'done'\nUsing legacy 'setup.py install' for libvirt-python, since package 'wheel' is not installed.\nInstalling collected packages: libvirt-python\n Attempting uninstall: libvirt-python\n Found existing installation: libvirt-python 8.0.0\n\n:stderr: ERROR: Cannot uninstall 'libvirt-python'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.\n"}

PLAY RECAP ******************************************************************************************************************************************************************
e23-h17-740xd.alias.bos.scalelab.redhat.com : ok=2 changed=1 unreachable=0 failed=1 skipped=5 rescued=0 ignored=0
e23-h19-740xd.alias.bos.scalelab.redhat.com : ok=2 changed=1 unreachable=0 failed=1 skipped=5 rescued=0 ignored=0

Monday 06 February 2023 16:46:21 +0000 (0:00:04.878) 0:01:09.136 *******

hv-install : Install packages --------------------------------------------------------------------------------------------------------------------------------------- 61.71s
hv-install : Install python packages --------------------------------------------------------------------------------------------------------------------------------- 4.88s
Gathering Facts ------------------------------------------------------------------------------------------------------------------------------------------------------ 2.11s
install-tc : Wait for machine to be ready after reboot --------------------------------------------------------------------------------------------------------------- 0.11s
install-tc : Install packages ---------------------------------------------------------------------------------------------------------------------------------------- 0.09s
install-tc : Wait for machine rebooting ------------------------------------------------------------------------------------------------------------------------------ 0.07s
install-tc : Reboot hypervisor --------------------------------------------------------------------------------------------------------------------------------------- 0.07s
install-tc : Install kernel modules ---------------------------------------------------------------------------------------------------------------------------------- 0.06s

As workaround need replace in /root/jetlag/ansible/roles/hv-install/tasks/main.yml

• name: Install python packages
  pip:
  name: pip
  extra_args: --upgrade
  loop:

• name: Install python packages
  pip:
  name: "{{ item.name }}"
  loop:

  • name: libvirt-python
  • name: setuptools_rust
  • name: sushy-tools

It seems SNOs use the hostvar ip_address instead of ip as bm and rwn composed clusters. For consistency and ability to "cut and paste" hosts from different spots in the inventory this should help prevent any additional layers of vars being mix-ed up.

We attempted to deploy a large cluster today via Jetlag and ran into at least one issue in which the discovery image generation would take longer than 30s (The default timeout for the URI module in Ansible).

We should:

• Document in the troubleshooting and/or tips document limits to larger clusters (Seems that larger than 25 nodes will result in this timeout)
• Bump the timeout either by default to something much larger or bump only when above a specific threshold of nodes
• See issue #141 and see if the image generation service fixes this problem

If a host such as a dell node has a virtualmedia resource left from a previous run or a different bastion, then the virtualmedia will fail to eject and won't be able to be replaced by a new discovery iso. We should see if we can detect the virtualmedia and remove the specific virtualmedia or remove all virtualmedia regardless of where it came from.

If there is old virtualmedia, you will get an error resembling:

fatal: [example.rdu2.scalelab.redhat.com]: FAILED! => {"changed": false, "msg": "Unable to find an available VirtualMedia resource supporting ['CD', 'DVD']"}

This can help people over come the barrier of figuring out the hardware order process and help move more of our team to IBM cloud.

Goal would be to prevent attempting to boot an iso when you can not actually perform the unmount/mount commands to do so without the proper privileges.

[root@jetlag-bm0 ~]# SMCIPMITool xxxxxxxx root xxxxxxxxx user list
Maximum number of Users          : 10
Count of currently enabled Users : 8
 User ID | User Name       | Privilege Level    | Enable       
 ------- | -----------     | ---------------    | ------       
       3 | root            | Operator           | Yes          
[root@jetlag-bm0 ~]# SMCIPMITool xxxxxxxx root xxxxxxxxx user list
Maximum number of Users          : 10
Count of currently enabled Users : 8
 User ID | User Name       | Privilege Level    | Enable       
 ------- | -----------     | ---------------    | ------       
       2 | ADMIN           | Administrator      | Yes          
       3 | root            | Administrator      | Yes

Document the vendor and firmware versions of BMC that refuse to power on from redfish command and give no return error.

We can identify the hardware vendor by this hardwareChassis field for ibmcloud:

Example Supermicro:

$ ibmcloud sl hardware detail 960237 -p --output json | jq '.hardwareChassis'
{
  "id": 30,
  "name": "SMCH12"
}

Example Lenovo:

$ ibmcloud sl hardware detail 3145980 -p --output json | jq '.hardwareChassis'
{
  "id": 793,
  "name": "SR630"
}

As tested several times, it seems the Supermicro tasks do not always work as intended. Although BootSourceOverrideEnabled is set to once, the machines do not instantly boot to a virtual iso and instead follow the typical pattern of running through the entire boot order. I am unsure if this is an issue with the tasks, the hardware, redfish or the firmware. The only known workaround at the moment is to ensure cdrom is earlier in boot order than the hard disk and observe the status of the install and manually eject the virtual cdrom once the install completes writing to the disk.

We should be able to follow the same process as how a remote worker node cluster can place etcd on nvme via ignition override.

I'm thinking that we should at this point separate out the remote worker node/ node-density testing stuff from jetlag to keep it focused as a deployment tool. Thoughts?

New Feature Request:

1. Recognize hardware that fails or likely to fail during the install.
2. Continue to deploy on the healthy set of nodes skipping the failed hardware.
3. Report which nodes failed to deploy

Large scale cluster deployment get stuck due to some bad nodes (bad hardware or incorrect/unsupported configuration). The installation should be able to skip such nodes for installation.

Maybe this is not a common use case, but adding the request here. I'd like to do SNO installs on arbitrary hosts which are not in alias or scalelab, is there some way of supporting that? I could supply a file containing whatever info you normally automatically capture from alias/scalelab reservations.

Issue is here.

Example of issue:

$ ./rwn-workload.py --dry-run -B 100 -P 10 -L 100
2021-06-02 20:41:05,107 : INFO : ###############################################################################
2021-06-02 20:41:05,108 : INFO : RWN Workload
2021-06-02 20:41:05,108 : INFO : ###############################################################################
2021-06-02 20:41:05,108 : INFO : Indexing server is unset, disabling all indexing
2021-06-02 20:41:05,108 : INFO : Scenario Phases:
2021-06-02 20:41:05,108 : INFO : * Workload Phase - No measurement indexing
2021-06-02 20:41:05,108 : INFO :   * 12 Namespaces/Deployments/Pods
2021-06-02 20:41:05,108 : INFO :   * Guaranteed QOS Pods w/ 29 cores and 120 memory
2021-06-02 20:41:05,108 : INFO :   * 100 Shared Node-Selectors
2021-06-02 20:41:05,108 : INFO :   * 100 Unique Node-Selectors
2021-06-02 20:41:05,108 : INFO :   * RWN tolerations
2021-06-02 20:41:05,108 : INFO : * Impairment Phase - 30s Duration
2021-06-02 20:41:05,108 : INFO :   * Link Latency: 100ms
2021-06-02 20:41:05,108 : INFO :   * Packet Loss: 10%
2021-06-02 20:41:05,108 : INFO :   * Bandwidth Limit: 100kbits
2021-06-02 20:41:05,108 : INFO : * Cleanup Phase - No measurement indexing
2021-06-02 20:41:05,108 : INFO : ###############################################################################
2021-06-02 20:41:05,108 : INFO : Workload phase starting
2021-06-02 20:41:05,108 : INFO : ###############################################################################
2021-06-02 20:41:05,111 : INFO : Created /tmp/tmpwizgakxg
2021-06-02 20:41:05,111 : INFO : Created /tmp/tmpwizgakxg/rwn-create.yml
2021-06-02 20:41:05,111 : INFO : Created /tmp/tmpwizgakxg/rwn-deployment-selector.yml
2021-06-02 20:41:05,111 : INFO : Command: echo kube-burner init -c rwn-create.yml --uuid 84181276-82e3-44ed-b529-e0ad21d001ab
2021-06-02 20:41:05,112 : INFO : Output : kube-burner init -c rwn-create.yml --uuid 84181276-82e3-44ed-b529-e0ad21d001ab
2021-06-02 20:41:05,112 : INFO : Workload phase complete
2021-06-02 20:41:05,112 : INFO : ###############################################################################
2021-06-02 20:41:05,112 : INFO : Impairment phase starting
2021-06-02 20:41:05,112 : INFO : ###############################################################################
2021-06-02 20:41:05,112 : INFO : Impairment start: 1622666465.1, end: 1622666495.1, duration: 30
2021-06-02 20:41:05,112 : INFO : Applying latency, packet loss, bandwidth limit impairments
2021-06-02 20:41:05,112 : INFO : Command: echo tc qdisc add dev ens1f1.100 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,113 : INFO : Output : tc qdisc add dev ens1f1.100 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,113 : INFO : Command: echo tc qdisc add dev ens1f1.101 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,114 : INFO : Output : tc qdisc add dev ens1f1.101 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,114 : INFO : Command: echo tc qdisc add dev ens1f1.102 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,115 : INFO : Output : tc qdisc add dev ens1f1.102 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,115 : INFO : Command: echo tc qdisc add dev ens1f1.103 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,116 : INFO : Output : tc qdisc add dev ens1f1.103 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,116 : INFO : Command: echo tc qdisc add dev ens1f1.104 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,117 : INFO : Output : tc qdisc add dev ens1f1.104 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,117 : INFO : Command: echo tc qdisc add dev ens1f1.105 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:05,118 : INFO : Output : tc qdisc add dev ens1f1.105 root netem delay 100ms loss 10% rate 100kbit
2021-06-02 20:41:15,162 : INFO : Remaining impairment duration: 20.1
2021-06-02 20:41:25,200 : INFO : Remaining impairment duration: 10.0
2021-06-02 20:41:35,129 : INFO : Removing bandwidth, latency, and packet loss impairments
2021-06-02 20:41:35,129 : INFO : Command: echo tc qdisc del dev ens1f1.100 root netem
2021-06-02 20:41:35,134 : INFO : Output : tc qdisc del dev ens1f1.100 root netem
2021-06-02 20:41:35,135 : INFO : Command: echo tc qdisc del dev ens1f1.101 root netem
2021-06-02 20:41:35,139 : INFO : Output : tc qdisc del dev ens1f1.101 root netem
2021-06-02 20:41:35,140 : INFO : Command: echo tc qdisc del dev ens1f1.102 root netem
2021-06-02 20:41:35,145 : INFO : Output : tc qdisc del dev ens1f1.102 root netem
2021-06-02 20:41:35,145 : INFO : Command: echo tc qdisc del dev ens1f1.103 root netem
2021-06-02 20:41:35,150 : INFO : Output : tc qdisc del dev ens1f1.103 root netem
2021-06-02 20:41:35,151 : INFO : Command: echo tc qdisc del dev ens1f1.104 root netem
2021-06-02 20:41:35,155 : INFO : Output : tc qdisc del dev ens1f1.104 root netem
2021-06-02 20:41:35,156 : INFO : Command: echo tc qdisc del dev ens1f1.105 root netem
2021-06-02 20:41:35,161 : INFO : Output : tc qdisc del dev ens1f1.105 root netem
2021-06-02 20:41:35,162 : INFO : Impairment phase complete
2021-06-02 20:41:35,162 : INFO : ###############################################################################
2021-06-02 20:41:35,162 : INFO : Post impairment pod eviction check
2021-06-02 20:41:35,162 : INFO : ###############################################################################
2021-06-02 20:41:35,163 : INFO : Command: echo oc get ev -A --field-selector reason=TaintManagerEviction -o json
Traceback (most recent call last):
  File "/home/akrzos/akrh/code/akrzos/jetlag/workload/./rwn-workload.py", line 739, in <module>
    sys.exit(main())
  File "/home/akrzos/akrh/code/akrzos/jetlag/workload/./rwn-workload.py", line 621, in main
    json_data = json.loads(output)
  File "/usr/lib64/python3.9/json/__init__.py", line 346, in loads
    return _default_decoder.decode(s)
  File "/usr/lib64/python3.9/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib64/python3.9/json/decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

Move to the image hosting service for assisted service - review this

Similar to disconnected lab clusters, we should setup haproxy to enable communication to the clusters built on the private network in ibmcloud.

It seems that this vars may actually not really need configuration since we have had more than one machine vendor and had not needed to customize them. We need to investigate if they are required or if we can remove them.

SNO deploy failed due to unavailable http sevice on bastion node and httpd container logs complained about file permission,

# podman logs 610a32ce203d
sed: couldn't open temporary file /etc/httpd/conf/sedCDaZFQ: Permission denied

Found to be an issue with Enforced SELinux setting on the bastion node.
Setting the policy to permissive helps to get rid of this permission issue.

# setenforce 0 
# getenforce
Permissive

Ansible says netcommon is being deprecated and I suspect largely one of the major tripping points over Ansible versions with jetlag, we should move to the latest and ensuring we install and use filters from a virtualenv.

TASK [create-inventory : Place inventory file named cloud29.local into inventory directory] **************************************************************************************************
Tuesday 21 June 2022  12:05:50 +0000 (0:00:00.031)       0:00:06.610 ********** 
[DEPRECATION WARNING]: Use 'ansible.utils.nthhost' module instead. This feature will be removed from ansible.netcommon in a release after 2024-01-01. Deprecation warnings can be disabled by
 setting deprecation_warnings=False in ansible.cfg.

Can we have some releases tagged? I'm watching for new content via new releases, and this project does not have any.

For instance:

# pip3 freeze | grep ansible
ansible==4.10.0
ansible-core==2.11.9

Results:

# ansible -i 'localhost,' all -m shell -a "echo {{ 'fc00:1000::/64' | ansible.netcommon.nthhost(228) }}" 2>/dev/null
localhost | CHANGED | rc=0 >>
fc00:1000::e4
# ansible -i 'localhost,' all -m shell -a "echo {{ 'fc00:1000::/64' | next_nth_usable(228) }}" 2>/dev/null
localhost | FAILED | rc=-1 >>
template error while templating string: no filter named 'next_nth_usable'. String: echo {{ 'fc00:1000::/64' | next_nth_usable(228) }}

Vs

# pip3 freeze | grep ansible
ansible==4.10.0
ansible-core==2.11.7

Results in:

# ansible -i 'localhost,' all -m shell -a "echo {{ 'fc00:1000::/64' | ansible.netcommon.nthhost(228) }}" 2>/dev/null
localhost | CHANGED | rc=0 >>
fc00:1000::e4
# ansible -i 'localhost,' all -m shell -a "echo {{ 'fc00:1000::/64' | next_nth_usable(228) }}" 2>/dev/null
localhost | CHANGED | rc=0 >>
fc00:1000::e4

Looks like next_nth_usable is being deprecated.

Using the primary private subnet seems fine for SNOs while expanding and/or obtaining new hardware however if using the primary private subnet with multi-node clusters which have an api/ingress address vip ip, a 2nd subnet should be used.

Possible Production environment scenario

• An unclean bastion node, can use previous running services on port 53. Maybe check for the port is already in use, if so delete/re-assign other port for dnsmasq on bastion node.

• httpd services can be running, clean up the previously running services.

We need to replace these two tasks with something that does not depend on an external container image.

https://github.com/redhat-performance/jetlag/blob/main/ansible/roles/boot-iso/tasks/dell.yml#L5

https://github.com/redhat-performance/jetlag/blob/main/ansible/roles/boot-iso/tasks/dell.yml#L39

Research if we should bump discovery image neighbor arp table size from default:

[root@localhost ~]# sysctl net.ipv6.neigh.default.gc_thresh1
net.ipv6.neigh.default.gc_thresh1 = 128
[root@localhost ~]# sysctl net.ipv6.neigh.default.gc_thresh2
net.ipv6.neigh.default.gc_thresh2 = 512
[root@localhost ~]# sysctl net.ipv6.neigh.default.gc_thresh3
net.ipv6.neigh.default.gc_thresh3 = 1024
[root@localhost ~]# sysctl net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh1 = 128
[root@localhost ~]# sysctl net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh2 = 512
[root@localhost ~]# sysctl net.ipv4.neigh.default.gc_thresh3
net.ipv4.neigh.default.gc_thresh3 = 1024

To what OCP ships with via cluster-node-tuning-operator:

[root@e38-h06-000-r650 ~]# sysctl net.ipv6.neigh.default.gc_thresh1
net.ipv6.neigh.default.gc_thresh1 = 8192
[root@e38-h06-000-r650 ~]# sysctl net.ipv6.neigh.default.gc_thresh2
net.ipv6.neigh.default.gc_thresh2 = 32768
[root@e38-h06-000-r650 ~]# sysctl net.ipv6.neigh.default.gc_thresh3
net.ipv6.neigh.default.gc_thresh3 = 65536
[root@e38-h06-000-r650 ~]# sysctl net.ipv4.neigh.default.gc_thresh1
net.ipv4.neigh.default.gc_thresh1 = 8192
[root@e38-h06-000-r650 ~]# sysctl net.ipv4.neigh.default.gc_thresh2
net.ipv4.neigh.default.gc_thresh2 = 32768
[root@e38-h06-000-r650 ~]# sysctl net.ipv4.neigh.default.gc_thresh3
net.ipv4.neigh.default.gc_thresh3 = 65536

Create lenovo.yml under jetlag/ansible/roles/boot-iso/tasks with supported redfish server management and virtual media commands/modules

I believe SNOs can only be deployed with OVN Kubernetes network type thus we should remove the option to deploy OpenShiftSDN, change the var from an array into a string and simplify the tasks related to SNOs and the network type.

https://github.com/redhat-performance/jetlag/blob/main/ansible/roles/sno-install-cluster/tasks/main.yml#L4-L16

Currently the hypervisor impairments playbook only allows one "nic" (impaired_nic) to be set, this should be set per host (hostvars[inventory_hostname]['impaired_nic']) instead of a "global" var such that hypervisors will configure the correct nic to be impaired in a heterogeneous hypervisor environment.

The Supermicro provided tool called SMCIPMITool can mount/unmount virtual media and do many other things. We should automate using it with IBMCloud Supermicro hardware so we can have a more automated install process.

Example:

$ ./SMCIPMITool x.x.x.x root xxxxxxxxx wsiso umount
Done
$ ./SMCIPMITool x.x.x.x root xxxxxxxxx wsiso mount "http://x.x.x.x:8081" /iso/discovery.iso
mounting ISO file ...
Mount ISO successfully

It seems we also need to place the iso files into one level deep on the directory tree of the http server in order for it to behave as expected as well.