Bug 1858802

Summary: rangeallocations.data is never updated when a project is removed
Product: OpenShift Container Platform Reporter: Maciej Szulik <maszulik>
Component: kube-controller-managerAssignee: Maciej Szulik <maszulik>
Status: CLOSED ERRATA QA Contact: RamaKasturi <knarra>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 4.2.zCC: aaleman, aos-bugs, arghosh, bleanhar, bmilne, bshirren, calfonso, chuffman, fhirtz, knarra, maszulik, mfojtik, oarribas, pmuller, rhowe, travi, vlaad, wking, yinzhou
Target Milestone: ---   
Target Release: 4.3.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: UID range allocation is never updated when a project is removed. Only restarting kube-controller-manager pod was triggering repair procedure which was clearing that range. Consequence: It is possible to exhaust the UID range on cluster with high namespace create+remove turnover. Fix: Periodically run the repair job. Result: The UID range allocation should be freed periodically (currently every 8 hours) which should not require additional kube-controller-manager restarts. It should also ensure that the range is not exhausted.
 Story Points: ---
Clone Of: 1858800
: 1858803 (view as bug list) Environment:
Last Closed: 2020-09-23 13:52:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1858800    
Bug Blocks: 1858803    

Comment 1 Maciej Szulik 2020-08-21 14:12:18 UTC 
I’m adding UpcomingSprint, because I was occupied by fixing bugs with higher priority/severity, developing new features with higher priority, or developing new features to improve stability at a macro level. I will revisit this bug next sprint.
Comment 4 RamaKasturi 2020-09-08 15:55:22 UTC 
Moving the bug to verified state as i see that rangeallocations.data is updated whenever a project is deleted.

4.3.0-0.nightly-2020-09-02-201249

Below are the steps followed to verify the bug:
=================================================
1) Install 4.3.z cluster
2) Create more than 10K projects and see that rangeallocations.data is updated as below

[ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l
54
[ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
15

[ramakasturinarra@dhcp35-60 ~]$ oc get projects | wc -l
9986
[ramakasturinarra@dhcp35-60 ~]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
1763

[ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l
10100
[ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
1792

[ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l
10154

[ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
1808

[ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l
54
[ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
318

[ramakasturinarra@dhcp35-60 cucushift]$ oc get projects | wc -l
54
[ramakasturinarra@dhcp35-60 cucushift]$ oc get rangeallocations scc-uid -o yaml | grep -o "/" | wc -l
15

When the projects are  deleted it came down to its original value which is 15. 

Based on the above data moving the bug to verified state.
Comment 6 errata-xmlrpc 2020-09-23 13:52:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.3.38 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3609