Bug 1905778

Summary: inconsistent ingresscontroller between fresh installed cluster and upgraded cluster
Product: OpenShift Container Platform Reporter: Hongan Li <hongli>
Component: NetworkingAssignee: Ryan Fredette <rfredette>
Networking sub component: router QA Contact: Hongan Li <hongli>
Status: CLOSED ERRATA Docs Contact:
Severity: low    
Priority: medium CC: amcdermo, aos-bugs, sgreene, wking
Version: 4.7   
Target Milestone: ---   
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:41:14 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On:    
Bug Blocks: 1921193    

Description Hongan Li 2020-12-09 03:38:30 UTC
Description of problem:
When checking https://bugzilla.redhat.com/show_bug.cgi?id=1904582#c7 and find that the ingresscontroller CR is different between the fresh installed cluster and upgraded cluster.   

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. upgrade a cluster from 4.1 to 4.7
2. # oc -n openshift-ingress-operator get ingresscontroller/default -oyaml
3. fresh install a 4.7 cluster and get ingresscontroller/default.
4. comparing the two outputs

Actual results:
1. spec.replicas, status.endpointPublishingStrategy.loadBalancer are missing in upgraded cluster.
2. "type: DeploymentDegraded" in status.conditions exists only in upgraded cluster.

Expected results:
should keep consistent in fresh installed cluster and upgraded cluster.

Additional info:

Comment 2 Ryan Fredette 2021-01-27 15:41:11 UTC
I can't address the inconsistency with spec.replicas because operators should not modify spec fields, but the other two inconsistent fields should be addressed with https://github.com/openshift/cluster-ingress-operator/pull/526 , which is now merged.

Comment 3 Hongan Li 2021-01-29 02:48:11 UTC
verified by upgrading a cluster from 4.1 to 4.7.0-0.nightly-2021-01-28-005023 and passed.

$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.7.0-0.nightly-2021-01-28-005023   True        False         15m     Cluster version is 4.7.0-0.nightly-2021-01-28-005023

$ oc -n openshift-ingress-operator get ingresscontroller/default -oyaml
apiVersion: operator.openshift.io/v1
kind: IngressController
  creationTimestamp: "2021-01-28T06:24:32Z"
  - ingresscontroller.operator.openshift.io/finalizer-ingresscontroller
  generation: 1
  name: default
  namespace: openshift-ingress-operator
  resourceVersion: "552081"
  selfLink: /apis/operator.openshift.io/v1/namespaces/openshift-ingress-operator/ingresscontrollers/default
  uid: 7c1f3b06-6131-11eb-910f-02e0051c8f58
spec: {}
  availableReplicas: 2
  - lastTransitionTime: "2021-01-28T09:50:56Z"
    status: "True"
    type: Available
  - lastTransitionTime: "2021-01-28T07:59:27Z"
    reason: Valid
    status: "True"
    type: Admitted
  - lastTransitionTime: "2021-01-28T07:59:27Z"
    message: The endpoint publishing strategy supports a managed load balancer
    reason: WantedByEndpointPublishingStrategy
    status: "True"
    type: LoadBalancerManaged
  - lastTransitionTime: "2021-01-28T07:59:27Z"
    message: The LoadBalancer service is provisioned
    reason: LoadBalancerProvisioned
    status: "True"
    type: LoadBalancerReady
  - lastTransitionTime: "2021-01-28T07:59:27Z"
    message: DNS management is supported and zones are specified in the cluster DNS config.
    reason: Normal
    status: "True"
    type: DNSManaged
  - lastTransitionTime: "2021-01-28T07:59:28Z"
    message: The record is provisioned in all reported zones.
    reason: NoFailedZones
    status: "True"
    type: DNSReady
  - lastTransitionTime: "2021-01-28T09:06:16Z"
    status: "False"
    type: Degraded
  - lastTransitionTime: "2021-01-28T12:25:04Z"
    status: "True"
    type: PodsScheduled
  - lastTransitionTime: "2021-01-28T12:25:04Z"
    message: The deployment has Available status condition set to True
    reason: DeploymentAvailable
    status: "True"
    type: DeploymentAvailable
  - lastTransitionTime: "2021-01-28T12:25:04Z"
    message: Minimum replicas requirement is met
    reason: DeploymentMinimumReplicasMet
    status: "True"
    type: DeploymentReplicasMinAvailable
  - lastTransitionTime: "2021-01-29T02:15:06Z"
    message: All replicas are available
    reason: DeploymentReplicasAvailable
    status: "True"
    type: DeploymentReplicasAllAvailable
  - lastTransitionTime: "2021-01-28T13:54:52Z"
    message: Canary route checks for the default ingress controller are successful
    reason: CanaryChecksSucceeding
    status: "True"
    type: CanaryChecksSucceeding
  domain: apps.hongli-upg.qe.devcluster.openshift.com
      scope: External
    type: LoadBalancerService
  observedGeneration: 1
  selector: ingresscontroller.operator.openshift.io/deployment-ingresscontroller=default
    - TLS_AES_128_GCM_SHA256
    - TLS_AES_256_GCM_SHA384
    - TLS_CHACHA20_POLY1305_SHA256
    - DHE-RSA-AES128-GCM-SHA256
    - DHE-RSA-AES256-GCM-SHA384
    minTLSVersion: VersionTLS12

Comment 6 errata-xmlrpc 2021-02-24 15:41:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.