[BM-IPI] Installation fails when the bootstrapExternalStaticGateway IP is not a DNS server

Solution Verified - Updated -

Environment

  • Red Hat OpenShift Container Platform [RHOCP]
    • 4.11+

Issue

  • The release-image pull fails on bootstrap node due to lookup failures:
$ journalctl -b -f -u release-image.service -u bootkube.service
-- Logs begin at Fri 2022-10-28 07:17:32 UTC. --
Oct 28 07:18:25 localhost.localdomain systemd[1]: Starting Download the OpenShift Release Image...
Oct 28 07:18:25 localhost.localdomain release-image-download.sh[1770]: Pulling quay.io/openshift-release-dev/ocp-release@sha256:94b611f00f51c9acc44ca3f4634e46bd79d7d28b46047c7e3389d250698f0c99...
Oct 28 07:19:06 localhost.localdomain release-image-download.sh[1849]: Error: initializing source docker://quay.io/openshift-release-dev/ocp-release@sha256:94b611f00f51c9acc44ca3f4634e46bd79d7d28b46047c7e3389d250698f0c99: pinging container registry quay.io: Get "https://quay.io/v2/": proxyconnect tcp: dial tcp: lookup proxy-example.com on <bootstrapExternalStaticGateway>:53: read udp x.x.x.x:51457-><bootstrapExternalStaticGateway>:53: i/o timeout
  • The IP assigned to bootstrapExternalStaticGateway is treated as a nameserver during baremetal installer-provisioned installation.

Resolution

  • Red Hat is aware of this behavior and is being tracked through OCPBUGS-3542.

Root Cause

  • As per the current structure of nmconnection template, the value assigned to bootstrapExternalStaticGateway parameter in the install-config is used as the gateway as well as the dns.

  • Scenarios where the gateway is implemented as router and could not be configured as DNS proxy, the installation would fail. Hence, the team is discussing on the possibility of including a separate parameter for bootstrapExternalStaticDNS.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments