kolla-ansible genconfig unprivileged
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla |
Invalid
|
Wishlist
|
Unassigned |
Bug Description
I'm trying to run:
kolla-ansible genconfig
On my machine as a non root user to generate configs that then are consumed by kolla-kubernetes.
I'm running it as a different user as I want to ensure it is not making changes to the system, as it should only be generating config files. But it seems to be trying.
It stops part way through complaining about not being able to change the following for haproxy:
net.ipv4.
net.unix.
Manually setting them on the node, gets it further. but then fails at:
[nova : Setting sysctl values]
trying to set:
net.ipv4.
net.ipv4.
These in particular are worrying to me. Why is it trying to do this? There may be other things its trying to do too. Haven't gotten all the way to the end yet.
Changed in kolla: | |
status: | New → Triaged |
milestone: | none → newton-rc2 |
Changed in kolla: | |
status: | Triaged → Confirmed |
importance: | Undecided → Critical |
Changed in kolla: | |
milestone: | newton-rc2 → ocata-1 |
milestone: | ocata-1 → none |
diff --git a/ansible/ roles/neutron/ tasks/config. yml b/ansible/ roles/neutron/ tasks/config. yml roles/neutron/ tasks/config. yml roles/neutron/ tasks/config. yml ip_forward" , value: 1} conf.all. rp_filter" , value: 0} conf.default. rp_filter" , value: 0} conf.all. rp_filter" , value: 0} conf.default. rp_filter" , value: 0} 'neutron- l3-agent' ] roles/nova/ tasks/config. yml b/ansible/ roles/nova/ tasks/config. yml roles/nova/ tasks/config. yml roles/nova/ tasks/config. yml bridge- nf-call- iptables" , value: 1} bridge- nf-call- ip6tables" , value: 1} conf.all. rp_filter" , value: 0} conf.default. rp_filter" , value: 0} conf.all. rp_filter" , value: 0} conf.default. rp_filter" , value: 0}
index 9c285b5..10d5b5a 100644
--- a/ansible/
+++ b/ansible/
@@ -3,8 +3,8 @@
sysctl: name={{ item.name }} value={{ item.value }} sysctl_set=yes
with_items:
- { name: "net.ipv4.
- - { name: "net.ipv4.
- - { name: "net.ipv4.
+# - { name: "net.ipv4.
+# - { name: "net.ipv4.
when:
- set_sysctl | bool
- inventory_hostname in groups[
diff --git a/ansible/
index 8841635..7bd998e 100644
--- a/ansible/
+++ b/ansible/
@@ -4,8 +4,8 @@
with_items:
- { name: "net.bridge.
- { name: "net.bridge.
- - { name: "net.ipv4.
- - { name: "net.ipv4.
+# - { name: "net.ipv4.
+# - { name: "net.ipv4.
when:
- set_sysctl | bool
- inventory_hostname in groups['compute']
With this, and the other haproxy stuff, it seems to generate configs now.
These checks/sets need to be disabled for genconfig.