Bug 1820242

Summary: [4.3] node-ca daemonset toleration conflicts with clusterlogging CR
Product: OpenShift Container Platform Reporter: Oleg Bulatov <obulatov>
Component: Image RegistryAssignee: Oleg Bulatov <obulatov>
Status: CLOSED ERRATA QA Contact: Wenjing Zheng <wzheng>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.2.zCC: adam.kaplan, aos-bugs, ChetRHosey, ddreggor, hcisneir, wzheng
Target Milestone: ---   
Target Release: 4.3.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: the nodeca daemon didn't tolerate the NoExecute taint, but ClusterLogging documentation recommends to use NoExecute Consequence: the nodeca daemon doesn't manage certificates on such nodes Fix: tolerate all taints Result: additionalTrustedCA are synced to all nodes with any taints
 Story Points: ---
Clone Of: 1801474
: 1820243 (view as bug list) Environment:
Last Closed: 2020-04-30 01:28:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1801474    
Bug Blocks: 1820243    

Comment 4 Wenjing Zheng 2020-04-21 09:56:02 UTC 
zhengwenjings-MacBook-Pro:4.3 wzheng$ oc adm taint nodes ip-10-0-55-103.us-east-2.compute.internal logging=true:NoExecute
node/ip-10-0-55-103.us-east-2.compute.internal tainted
zhengwenjings-MacBook-Pro:4.3 wzheng$ oc get pods
NAME                                               READY   STATUS              RESTARTS   AGE
cluster-image-registry-operator-69cb478b54-fvb4c   0/2     ContainerCreating   0          5s
cluster-image-registry-operator-69cb478b54-g2crx   0/2     Terminating         1          89m
image-registry-5b56fdf967-g8rsv                    1/1     Running             0          60m
node-ca-5kx2h                                      1/1     Running             0          60m
node-ca-6hhgb                                      1/1     Running             0          58m
node-ca-88h6v                                      1/1     Running             0          60m
node-ca-hl57m                                      1/1     Running             0          57m
node-ca-m76dr                                      1/1     Terminating         0          59m
zhengwenjings-MacBook-Pro:4.3 wzheng$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.3.0-0.nightly-2020-04-20-084750   True        False         79m     Cluster version is 4.3.0-0.nightly-2020-04-20-084750

Verified on 4.3.0-0.nightly-2020-04-20-084750.
Comment 6 errata-xmlrpc 2020-04-30 01:28:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1529