Bug 1954892

Summary: Add necessary priority class to ingress-canary
Product: OpenShift Container Platform Reporter: ravig <rgudimet>
Component: NetworkingAssignee: Stephen Greene <sgreene>
Networking sub component: router QA Contact: jechen <jechen>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: amcdermo, aos-bugs, hongli, ravi.gouda
Version: 4.8   
Target Milestone: ---   
Target Release: 4.8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-07-27 23:04:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description ravig 2021-04-29 02:45:55 UTC
Description of problem:


Private
Description ravig 2021-04-29 02:43:38 UTC

Description of problem:


While mandating priority classes for all the components in `openshift-*` namespaces, we noticed that the following component(s) is/are missing priority class.

openshift-ingress-canary/ingress-canary


Following is the guidance on the which priority class to choose:

If it is fine for your operator/operand to be preempted by user workload specify and OOMKilled  use openshift-user-critical priority class
If you want your operator/operand not to be preempted by user-workload but still be OOMKilled use system-cluster-critical priority class
If you want operator/operand not be preempted by user-workload and OOMKilled last use system-node-critical priority class


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:




Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Andrew McDermott 2021-04-29 16:25:32 UTC
@ravig is there any guidance for which priority class to use for daemonsets?

Comment 2 Stephen Greene 2021-05-21 19:50:52 UTC
@rgudimet can you help us determine which priority class to use for the canary daemonset?

Comment 6 jechen 2021-06-01 15:29:44 UTC
Verified in 4.8.0-0.nightly-2021-06-01-043518

$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.8.0-0.nightly-2021-06-01-043518   True        False         16m     Cluster version is 4.8.0-0.nightly-2021-06-01-043518

$ oc -n openshift-ingress-canary get ds -oyaml
<-- snip-->

      spec:
        containers:
        - command:
          - ingress-operator
          - serve-healthcheck
          image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:bbd856bec22173b7026d2c086a175a3576dca4b8905c48bd2734d7ee6ca7db2f
          imagePullPolicy: IfNotPresent
          name: serve-healthcheck-canary
          ports:
          - containerPort: 8080
            protocol: TCP
          - containerPort: 8888
            protocol: TCP
          resources:
            requests:
              cpu: 10m
              memory: 20Mi
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: FallbackToLogsOnError
        dnsPolicy: ClusterFirst
        nodeSelector:
          kubernetes.io/os: linux
        priorityClassName: system-cluster-critical    <-----verified the fix from https://github.com/openshift/cluster-ingress-operator/pull/620
        restartPolicy: Always
        schedulerName: default-scheduler
        securityContext: {}
        terminationGracePeriodSeconds: 30
        tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/infra
          operator: Exists
<--snip-->

Comment 9 errata-xmlrpc 2021-07-27 23:04:50 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438