Recommendation: Check for iptables in pre-req.sh #2383
Description
Describe the bug
We deployed Omnia recently (tag v1.6.1-4-g9eb3885b)
We ran into errors when executing local repo due to the iptables command not being present on the Control Plane
To Reproduce
Steps to reproduce the behavior:
- Install a minimal Ubuntu installation for the Control Plane
- When initializing the Local Repo we ran into the following errors:
TASK [configure_registry : Start and enable nerdctl-registry service] *******************************************************************************************
Tuesday 15 October 2024 22:05:34 +0000 (0:00:00.517) 0:02:06.220 *******
FAILED - RETRYING: [localhost]: Start and enable nerdctl-registry service (5 retries left).
FAILED - RETRYING: [localhost]: Start and enable nerdctl-registry service (4 retries left).
FAILED - RETRYING: [localhost]: Start and enable nerdctl-registry service (3 retries left).
FAILED - RETRYING: [localhost]: Start and enable nerdctl-registry service (2 retries left).
FAILED - RETRYING: [localhost]: Start and enable nerdctl-registry service (1 retries left).
fatal: [localhost]: FAILED! => {"attempts": 5, "changed": false, "msg": "Unable to start service nerdctl-registry: Job for nerdctl-registry.service failed because the control process exited with error code.\nSee "systemctl status nerdctl-registry.service" and "journalctl -xeu nerdctl-registry.service" for details.\n"}
TASK [configure_registry : Failed to start nerdctl-registry service] ********************************************************************************************
Tuesday 15 October 2024 22:06:31 +0000 (0:00:56.492) 0:03:02.713 *******
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to initiate nerdctl-registry service."}
** When we looked a bit deeper, we saw that iptables was not found **
failed to create shim task: OCI runtime create failed: runc create >
errors:\nfailed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error running hook #0: error running hook: exit status 1, stdout: , stderr: time="2024-10-15T22:06:31Z" level=fatal msg="failed to call cni.Setup: plugin type=\"bridge\" failed (add): failed to locate iptables: exec: \"iptables\": executable file not found in $PATH"\nFailed to write to log, write /var/lib/nerdctl/1935db59/containers/default/c8150ec2c309fc21e8a3b8061922c7531341be38c41b309bf96c90f794fc932c/oci-hook.createRuntime.log: file already closed: unknown"
Simple fix = install iptables and re-run local repo
The suggestion is that the pre-req.sh script check that iptables is installed (this would have caught the issue and prevented the errors).
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
The Control Plane server was installed with Ubuntu 22.04.5 - minimal install
Smartphone (please complete the following information):
- Device: [e.g. iPhone6]
- OS: [e.g. iOS8.1]
- Browser [e.g. stock browser, safari]
- Version [e.g. 22]
Additional context
Today, on this page: https://omnia-doc.readthedocs.io/en/latest/InstallationGuides/index.html
- I noticed this note "..Additionally, the control plane must have a full-featured operating system installed."
- Presumably, if we had performed a full install, we may not have hit this error (I have not tested / confirmed this).
I still recommend adding capability in pre-req.sh to verify that iptables is installed. IN the case of our minimal install, it was the only Control Plane package-related failure we ran into.