Remove kube-dns from installer

[pravisankar]

• Now openshift-cluster-dns-operator will provide the needed internal domain resolution functionality

[pravisankar]

/retest

[ironcladlou]

/retest

[ironcladlou]

/retest

[pravisankar]

/retest

[ironcladlou]

/retest

[pravisankar]

/retest

[ironcladlou]

/retest

[pravisankar]

/retest

[pravisankar]

/retest

[ironcladlou]

The latest failure may not be a flake... better double check this branch against AWS and manually try the commands the CI job template is using to find the router

[ramr]

@pravisankar it seems like these changes are causing the cluster to not come up. Finally managed to get past the nat gateway limit!

Here's what I saw on one of the master nodes:

[root@ip-10-0-20-251 core]# podman ps
CONTAINER ID   IMAGE                                                          COMMAND                  CREATED         STATUS             PORTS   NAMES
87c26e314870   docker.io/abhinavdahiya/origin-setup-etcd-environment:latest   /bin/setup-etcd-env...   3 minutes ago   Up 3 minutes ago           naughty_golick
[root@ip-10-0-20-251 core]# podman logs 87c26e314870
I1102 00:06:09.036710       1 main.go:62] ip addr is 10.0.20.251
E1102 00:06:09.040767       1 main.go:68] error looking up self: lookup _etcd-server-ssl._tcp.devcluster.openshift.com on 10.0.0.2:53: no such host
E1102 00:07:09.046228       1 main.go:68] error looking up self: lookup _etcd-server-ssl._tcp.devcluster.openshift.com on 10.0.0.2:53: no such host
E1102 00:08:09.046187       1 main.go:68] error looking up self: lookup _etcd-server-ssl._tcp.devcluster.openshift.com on 10.0.0.2:53: no such host
E1102 00:09:09.046474       1 main.go:68] error looking up self: lookup _etcd-server-ssl._tcp.devcluster.openshift.com on 10.0.0.2:53: no such host
E1102 00:10:09.046067       1 main.go:68] error looking up self: lookup _etcd-server-ssl._tcp.devcluster.openshift.com on 10.0.0.2:53: no such host

So it looks like because we disabled the dns server, the etcd setup fails and nothing starts up.

[pravisankar]

@ramr I thought pr #526 addressed this specific issue.

[ramr]

@pravisankar aah, k I just tested directly with this branch and its rebased upto sha: f7080b1469da1e258b6aa83c1a242607604773e7 which is a couple of commits away from that merge. Also looks like you do need to rebase this PR - couple of conflicts. Thx

[abhinavdahiya]

openshift/cluster-dns-operator#44 should allow the dns operator to schedule on masters.

otherwise the error from ci

sudo oc --config /opt/tectonic/auth/kubeconfig -n openshift-cluster-dns-operator get pods cluster-dns-operator-7cdc75466d-nksx4 -oyaml
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 2018-11-02T18:26:40Z
  generateName: cluster-dns-operator-7cdc75466d-
  labels:
    name: cluster-dns-operator
    pod-template-hash: "3787310228"
  name: cluster-dns-operator-7cdc75466d-nksx4
  namespace: openshift-cluster-dns-operator
  ownerReferences:
  - apiVersion: apps/v1
    blockOwnerDeletion: true
    controller: true
    kind: ReplicaSet
    name: cluster-dns-operator-7cdc75466d
    uid: d738a17f-decc-11e8-9871-124667a4a6a6
  resourceVersion: "1618"
  selfLink: /api/v1/namespaces/openshift-cluster-dns-operator/pods/cluster-dns-operator-7cdc75466d-nksx4
  uid: d739f920-decc-11e8-9871-124667a4a6a6
spec:
  containers:
  - command:
    - cluster-dns-operator
    env:
    - name: WATCH_NAMESPACE
      valueFrom:
        fieldRef:
          apiVersion: v1
          fieldPath: metadata.namespace
    - name: OPERATOR_NAME
      value: cluster-dns-operator
    image: registry.svc.ci.openshift.org/ci-op-m3n2pzv1/stable@sha256:462a4ae61446e9c98f82c7d63d20d9c060a00678ec6957ddcfe83ddd31af9270
    imagePullPolicy: IfNotPresent
    name: cluster-dns-operator
    resources: {}
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: cluster-dns-operator-token-zqr9j
      readOnly: true
  dnsPolicy: Default
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: cluster-dns-operator
  serviceAccountName: cluster-dns-operator
  terminationGracePeriodSeconds: 30
  volumes:
  - name: cluster-dns-operator-token-zqr9j
    secret:
      defaultMode: 420
      secretName: cluster-dns-operator-token-zqr9j
status:
  conditions:
  - lastProbeTime: null
    lastTransitionTime: 2018-11-02T18:26:40Z
    message: '0/3 nodes are available: 3 node(s) had taints that the pod didn''t tolerate.'
    reason: Unschedulable
    status: "False"
    type: PodScheduled
  phase: Pending
  qosClass: BestEffort

[pravisankar]

/retest

[ironcladlou]

@abhinavdahiya looks like this is ready to go, PTAL

[ironcladlou]

@pravisankar remove the WIP tag?

[pravisankar]

@ironcladlou @abhinavdahiya this will break extended test, prefer this to be merged after openshift/origin#21406 (updating the pr as per the feedback)

[ironcladlou]

@pravisankar I think you have it backwards: e2e-aws passes today with this PR (wildcard extended tests aren't enabled yet in the job). This one should merge ASAP so we can start detecting and dealing with any fallout.

[pravisankar]

@abhinavdahiya can you please review/merge this pr?

[abhinavdahiya]

@ramr can you rebase on master, #605 and #549 were merged and you might have to resync this file and update in both variables... sorry about this 😇

[abhinavdahiya]

/approve

[abhinavdahiya]

/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhinavdahiya, pravisankar

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [abhinavdahiya]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ironcladlou]

/retest