Bug 1858802
Summary: | rangeallocations.data is never updated when a project is removed | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Maciej Szulik <maszulik> | |
Component: | kube-controller-manager | Assignee: | Maciej Szulik <maszulik> | |
Status: | CLOSED ERRATA | QA Contact: | RamaKasturi <knarra> | |
Severity: | urgent | Docs Contact: | ||
Priority: | urgent | |||
Version: | 4.2.z | CC: | aaleman, aos-bugs, arghosh, bleanhar, bmilne, bshirren, calfonso, chuffman, fhirtz, knarra, maszulik, mfojtik, oarribas, pmuller, rhowe, travi, vlaad, wking, yinzhou | |
Target Milestone: | --- | |||
Target Release: | 4.3.z | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Cause:
UID range allocation is never updated when a project is removed. Only restarting kube-controller-manager pod was triggering repair procedure which was clearing that range.
Consequence:
It is possible to exhaust the UID range on cluster with high namespace create+remove turnover.
Fix:
Periodically run the repair job.
Result:
The UID range allocation should be freed periodically (currently every 8 hours) which should not require additional kube-controller-manager restarts. It should also ensure that the range is not exhausted.
|
Story Points: | --- | |
Clone Of: | 1858800 | |||
: | 1858803 (view as bug list) | Environment: | ||
Last Closed: | 2020-09-23 13:52:39 UTC | Type: | --- | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | 1858800 | |||
Bug Blocks: | 1858803 |
Comment 1
Maciej Szulik
2020-08-21 14:12:18 UTC
Moving the bug to verified state as i see that rangeallocations.data is updated whenever a project is deleted. 4.3.0-0.nightly-2020-09-02-201249 Below are the steps followed to verify the bug: ================================================= 1) Install 4.3.z cluster 2) Create more than 10K projects and see that rangeallocations.data is updated as below [ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l 54 [ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 15 [ramakasturinarra@dhcp35-60 ~]$ oc get projects | wc -l 9986 [ramakasturinarra@dhcp35-60 ~]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 1763 [ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l 10100 [ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 1792 [ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l 10154 [ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 1808 [ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l 54 [ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 318 [ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l 54 [ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l 15 When the projects are deleted it came down to its original value which is 15. Based on the above data moving the bug to verified state. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.3.38 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:3609 |