Bug 1935218

Summary: [CNV-2.5] Manifests in openshift-cnv missing resource requirements - Network
Product: Container Native Virtualization (CNV) Reporter: sgott
Component: NetworkingAssignee: oshoval
Status: CLOSED ERRATA QA Contact: Meni Yakove <myakove>
Severity: high Docs Contact:
Priority: high    
Version: 2.5.3CC: azavalko, cnv-qe-bugs, fdeutsch, ipinto, jgil, kbidarka, phoracek
Target Milestone: ---   
Target Release: 4.8.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: cluster-network-addons-operator-container-v4.8.1-2 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1931519 Environment:
Last Closed: 2021-08-24 12:48:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1931519, 1935219    
Bug Blocks: 1935217    

Description sgott 2021-03-04 14:44:46 UTC 
+++ This bug was initially created as a clone of Bug #1931519 +++

This is a clone to track items specifically related to network component

------------

Description of problem:

Most of the deployments and daemonsets stored in the openshift-cnv namespace don't specify the resource request in their manifests. Only daemonset/kube-cni-linux-bridge-plugin, deployment/kubemacpool-mac-controller-manager and daemonset/kube-cni-linux-bridge-plugin have it defined as follows:


Kind       | Name                               | CPU Req/Limits | Mem Req/Limits
---------- | ---------------------------------- | -------------- | ---------------
daemonset  | kube-cni-linux-bridge-plugin       | 60m/0m         | 30Mi/0Mi
deployment | kubemacpool-mac-controller-manager | 100m/300m      | 300Mi/600Mi


The following list of manifests don't define the resource requirements:

Kind       | Name
---------- | ---- 
daemonset  | bridge-marker
daemonset  | nmstate-handler
daemonset  | ovs-cni-amd64
daemonset  | bridge-marker
daemonset  | nmstate-handler
daemonset  | ovs-cni-amd64
daemonset  | kubevirt-node-labeller
daemonset  | ovs-cni-amd64
daemonset  | nmstate-handler
deployment | cdi-uploadproxy
deployment | cdi-apiserver
deployment | nmstate-webhook
deployment | hostpath-provisioner-operator
deployment | virt-api
deployment | virt-controller
deployment | virt-handler
deployment | virt-operator
deployment | virt-template-validator
deployment | vm-import-controller
deployment | vm-import-operator
deployment | cdi-deployment
deployment | cluster-network-addons-operator
deployment | cdi-operator
deployment | cluster-network-addons-operator
deployment | kubevirt-ssp-operato
deployment | hco-operator


Version-Release number of selected component (if applicable):
CNV 2.5.3 and onward.

How reproducible:



Steps to Reproduce:
1.Create CNV namespace
2.Create CNV Operator Group
3.Create HCO subscription and deploy stable
4.Wait for deployment of HCO operator to complete
5.Check for resource requests in deployed manifests.

Actual results:
Only 2 deployed manifests define their resource requirements, and only 1 define the resource limits (see list above). 

Expected results:
All deployed manifests define the resource requirements.

Additional info:
N/A
Comment 1 Petr Horáček 2021-05-17 07:18:05 UTC 
OpenShift guidelines on this matter: https://github.com/openshift/enhancements/blob/master/CONVENTIONS.md#resources-and-limits
Comment 3 Adi Zavalkovsky 2021-08-17 14:57:18 UTC 
Following manifests do not contain resource requirements:


deployment | cdi-uploadproxy
deployment | cdi-apiserver
deployment | hostpath-provisioner-operator
deployment | virt-handler
deployment | virt-operator
deployment | vm-import-controller
deployment | vm-import-operator
deployment | cdi-deployment
deployment | cdi-operator
deployment | kubevirt-ssp-operato
deployment | hco-operator

Same reproduction steps as bug report.
Verified on cnv-v4.8.1-2
OC version -
Client Version: 4.8.0-202108120034.p0.git.0d10c3f.assembly.stream-0d10c3f
Server Version: 4.8.4
Kubernetes Version: v1.21.1+38b3ecc
Comment 4 Petr Horáček 2021-08-17 16:16:38 UTC 
This epic is targeted at network components (there are other counterparts for storage and compute). None of the components you listed above is owned by network. Could we move it back on QE?
Comment 5 Adi Zavalkovsky 2021-08-17 16:30:24 UTC 
My bad. In that case, I guess it's verified.
Can I move it directly to verified, or does it need to go through ->ON_QE->VERIFIED path?
Comment 6 Adi Zavalkovsky 2021-08-18 08:40:44 UTC 
Verified. All deployed network components' manifests include resource requests.

Same reproduction steps as bug report.
Verified on cnv-v4.8.1-2
OC version -
Client Version: 4.8.0-202108120034.p0.git.0d10c3f.assembly.stream-0d10c3f
Server Version: 4.8.4
Kubernetes Version: v1.21.1+38b3ecc
Comment 11 errata-xmlrpc 2021-08-24 12:48:59 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.8.1 Images security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3259