quay/mirror-registry

Installing airgapped fails when setting --quayRoot to non-default

pdfruth opened this issue · 5 comments

pdfruth commented

I have downloaded offline tarball for release 1.0.0-RC2 from;
https://github.com/quay/openshift-mirror-registry/releases/download/1.0.0-RC2/openshift-mirror-registry-offline.tar.gz

Installation to a non-default --quayRoot location fails as follows;

sudo ./openshift-mirror-registry install --initPassword=passw0rd --targetHostname=installer.internal.net --ssh-key=/root/.ssh/id_rsa --quayRoot=/opt/registry/quay-install --sslCert=/home/ibmdemo/setup-quay-mirror-registry/mirror-registry.crt --sslKey=/home/ibmdemo/setup-quay-mirror-registry/mirror-registry.key --verbose

   __   __
  /  \ /  \     ______   _    _     __   __   __
 / /\ / /\ \   /  __  \ | |  | |   /  \  \ \ / /
/ /  / /  \ \  | |  | | | |  | |  / /\ \  \   /
\ \  \ \  / /  | |__| | | |__| | / ____ \  | |
 \ \/ \ \/ /   \_  ___/  \____/ /_/    \_\ |_|
  \__/ \__/      \ \__
                  \___\ by Red Hat
 Build, Store, and Distribute your Containers
	
INFO[2022-01-01 23:49:42] Install has begun                            
DEBU[2022-01-01 23:49:42] Ansible Execution Environment Image: quay.io/quay/openshift-mirror-registry-ee:latest 
DEBU[2022-01-01 23:49:42] Redis Image: registry.access.redhat.com/ubi8/pause:latest 
DEBU[2022-01-01 23:49:42] Quay Image: registry.redhat.io/quay/quay-rhel8:v3.6.1 
DEBU[2022-01-01 23:49:42] Redis Image: registry.redhat.io/rhel8/redis-6:1-25 
DEBU[2022-01-01 23:49:42] Postgres Image: registry.redhat.io/rhel8/postgresql-10:1-161 
INFO[2022-01-01 23:49:42] Found execution environment at /home/ibmdemo/setup-quay-mirror-registry/execution-environment.tar 
INFO[2022-01-01 23:49:42] Loading execution environment from execution-environment.tar 
DEBU[2022-01-01 23:49:42] Importing execution enviornment with command: /bin/bash -c sudo /usr/bin/podman image import \
					--change 'ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' \
					--change 'ENV HOME=/home/runner' \
					--change 'ENV container=oci' \
					--change 'ENTRYPOINT=["entrypoint"]' \
					--change 'WORKDIR=/runner' \
					--change 'EXPOSE=6379' \
					--change 'VOLUME=/runner' \
					--change 'CMD ["ansible-runner", "run", "/runner"]' \
					- quay.io/quay/openshift-mirror-registry-ee:latest < /home/ibmdemo/setup-quay-mirror-registry/execution-environment.tar 
Getting image source signatures
Copying blob 0ae606e5d5d2 skipped: already exists  
Copying config c852b7f2d0 done  
Writing manifest to image destination
Storing signatures
sha256:c852b7f2d05f6c3743b03363aab7f69653ba12fde2fa66f7dca9b01710f794d7
INFO[2022-01-01 23:49:45] Loading SSL certificate file /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.crt 
INFO[2022-01-01 23:49:45] Loading SSL key file /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.key 
INFO[2022-01-01 23:49:45] SSL certificate check succeeded              
INFO[2022-01-01 23:49:45] Attempting to set SELinux rules on /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.crt 
chcon: can't apply partial context to unlabeled file '/home/ibmdemo/setup-quay-mirror-registry/mirror-registry.crt'
WARN[2022-01-01 23:49:45] Could not set SELinux rule. If your system does not have SELinux enabled, you may ignore this. 
INFO[2022-01-01 23:49:45] Attempting to set SELinux rules on /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.key 
chcon: can't apply partial context to unlabeled file '/home/ibmdemo/setup-quay-mirror-registry/mirror-registry.key'
WARN[2022-01-01 23:49:45] Could not set SELinux rule. If your system does not have SELinux enabled, you may ignore this. 
INFO[2022-01-01 23:49:45] Found SSH key at /root/.ssh/id_rsa           
INFO[2022-01-01 23:49:45] Attempting to set SELinux rules on /root/.ssh/id_rsa 
chcon: can't apply partial context to unlabeled file '/root/.ssh/id_rsa'
WARN[2022-01-01 23:49:45] Could not set SELinux rule. If your system does not have SELinux enabled, you may ignore this. 
INFO[2022-01-01 23:49:45] Found image archive at /home/ibmdemo/setup-quay-mirror-registry/image-archive.tar 
INFO[2022-01-01 23:49:45] Attempting to set SELinux rules on image archive 
chcon: can't apply partial context to unlabeled file '/home/ibmdemo/setup-quay-mirror-registry/image-archive.tar'
WARN[2022-01-01 23:49:45] Could not set SELinux rule. If your system does not have SELinux enabled, you may ignore this. 
INFO[2022-01-01 23:49:45] Running install playbook. This may take some time. To see playbook output run the installer with -v (verbose) flag. 
DEBU[2022-01-01 23:49:45] Running command: sudo podman run --rm --interactive --tty --workdir /runner/project --net host -v /home/ibmdemo/setup-quay-mirror-registry/image-archive.tar:/runner/image-archive.tar -v /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.crt:/runner/certs/quay.cert:Z -v /home/ibmdemo/setup-quay-mirror-registry/mirror-registry.key:/runner/certs/quay.key:Z -v /root/.ssh/id_rsa:/runner/env/ssh_key -e RUNNER_OMIT_EVENTS=False -e RUNNER_ONLY_FAILED_EVENTS=False -e ANSIBLE_HOST_KEY_CHECKING=False -e ANSIBLE_CONFIG=/runner/project/ansible.cfg --quiet --name ansible_runner_instance quay.io/quay/openshift-mirror-registry-ee ansible-playbook -i root@installer.internal.net, --private-key /runner/env/ssh_key -e "init_password=passw0rd quay_image=registry.redhat.io/quay/quay-rhel8:v3.6.1 redis_image=registry.redhat.io/rhel8/redis-6:1-25 postgres_image=registry.redhat.io/rhel8/postgresql-10:1-161 quay_hostname=installer.internal.net:8443 local_install=false quay_root=/opt/registry/quay-install" install_mirror_appliance.yml   

PLAY [Install Mirror Appliance] ***************************************************************************************************************************************

TASK [Gathering Facts] ************************************************************************************************************************************************
ok: [root@installer.internal.net]

TASK [mirror_appliance : Install Dependencies] ************************************************************************************************************************
included: /runner/project/roles/mirror_appliance/tasks/install-deps.yaml for root@installer.internal.net

TASK [mirror_appliance : Add IP address of all hosts to all hosts] ****************************************************************************************************
ok: [root@installer.internal.net]

TASK [mirror_appliance : Set SELinux Rules] ***************************************************************************************************************************
included: /runner/project/roles/mirror_appliance/tasks/set-selinux-rules.yaml for root@installer.internal.net

TASK [mirror_appliance : Set container_manage_cgroup flag on and keep it persistent across reboots] *******************************************************************
skipping: [root@installer.internal.net]

TASK [mirror_appliance : Create Podman Pod] ***************************************************************************************************************************
included: /runner/project/roles/mirror_appliance/tasks/create-podman-pod.yaml for root@installer.internal.net

TASK [mirror_appliance : Starting Pod with ports 80 and 443 exposed] **************************************************************************************************
changed: [root@installer.internal.net]

TASK [mirror_appliance : Autodetect Image Archive] ********************************************************************************************************************
included: /runner/project/roles/mirror_appliance/tasks/autodetect-image-archive.yaml for root@installer.internal.net

TASK [mirror_appliance : Checking for Image Archive] ******************************************************************************************************************
ok: [root@installer.internal.net -> localhost]

TASK [mirror_appliance : Create install directory for image-archive.tar dest] *****************************************************************************************
changed: [root@installer.internal.net]

TASK [mirror_appliance : Copy Images if /runner/image-archive.tar exists] *********************************************************************************************
changed: [root@installer.internal.net]

TASK [mirror_appliance : Unpack Images if /runner/image-archive.tar exists] *******************************************************************************************
changed: [root@installer.internal.net]

TASK [mirror_appliance : Loading Redis if redis.tar exists] ***********************************************************************************************************
fatal: [root@installer.internal.net]: FAILED! => {"changed": true, "cmd": "podman image import --change 'ENV PATH=/opt/app-root/src/bin:/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' --change 'ENV container=oci'  --change 'ENV STI_SCRIPTS_URL=image:///usr/libexec/s2i' --change 'ENV STI_SCRIPTS_PATH=/usr/libexec/s2i' --change 'ENV APP_ROOT=/opt/app-root' --change 'ENV HOME=/var/lib/redis' --change 'ENV PLATFORM=el8' --change 'ENV REDIS_VERSION=6' --change 'ENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis' --change 'ENV REDIS_PREFIX=/usr' --change 'ENTRYPOINT=[\"container-entrypoint\"]' --change 'USER=1001' --change 'WORKDIR=/opt/app-root/src' --change 'EXPOSE=6379' --change 'VOLUME=/var/lib/redis/data' --change 'CMD [\"run-redis\"]' - registry.redhat.io/rhel8/redis-6:1-25 < /etc/quay-install/redis.tar", "delta": "0:00:00.003741", "end": "2022-01-01 23:51:45.598822", "msg": "non-zero return code", "rc": 1, "start": "2022-01-01 23:51:45.595081", "stderr": "/bin/sh: /etc/quay-install/redis.tar: No such file or directory", "stderr_lines": ["/bin/sh: /etc/quay-install/redis.tar: No such file or directory"], "stdout": "", "stdout_lines": []}

PLAY RECAP ************************************************************************************************************************************************************
root@installer.internal.net : ok=11   changed=4    unreachable=0    failed=1    skipped=1    rescued=0    ignored=0   

ERRO[2022-01-01 23:51:45] An error occurred: exit status 2
pdfruth commented

A hint if it helps...
I was able to fix the problem by making a simple change to the following file inside of execution-environment.tar;
./runner/project/roles/mirror_appliance/tasks/autodetect-image-archive.yaml

I changed all [3] occurrences of /etc/quay-install to {{ quay_root }}

HammerMeetNail commented

I think our internal QE team caught this recently too. It should work with local install, issue is exclusively with the remote install.

We'll have a fix out this week. Thanks for raising the issue.

HammerMeetNail commented

We've merged in a fix - expecting to have a new RC out in the next day or so

HammerMeetNail commented

Give this new RC a shot and let us know if you have any issues https://github.com/quay/openshift-mirror-registry/releases/tag/1.0.0-RC3

pdfruth commented

I can confirm that the changes in RC3 work as expected

  • 🎉1