Bug 1981784
Summary: | Problematic Deployment creates infinite number Replicasets causing etcd to reach quota limit | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Filip Krepinsky <fkrepins> |
Component: | kube-apiserver | Assignee: | Filip Krepinsky <fkrepins> |
Status: | CLOSED ERRATA | QA Contact: | zhou ying <yinzhou> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 4.7 | CC: | aos-bugs, dbaker, fkrepins, maszulik, mfojtik, skrenger, sreber, xxia, yinzhou |
Target Milestone: | --- | ||
Target Release: | 4.6.z | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause: caused if deployment is created with unresolved image (no image stream) and no image.openshift.io/triggers annotation. By creating image stream and subsequently patching our deployment, new image resolution will occur on new replica sets. This will result in inconsistent state between deployment controller and apiserver's imagepolicy plugin.
Consequence: deployment controller creates replica sets in infinite loop
Fix: responsibilities of apiserver's imagepolicy plugin were lowered
Result: inconsistent image resolution should not occur in the deployments and thus it should not cause creation of infinite replica sets anymore
|
Story Points: | --- |
Clone Of: | 1981775 | Environment: | |
Last Closed: | 2021-09-22 20:06:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1981775 | ||
Bug Blocks: |
Comment 1
Filip Krepinsky
2021-07-21 12:05:06 UTC
> (Patch Manager) - 4.6 is only open for bugs of >= high severity. Please close or reassess the bugzilla severity.
@maszulik can we bump the severity?
(In reply to Filip Krepinsky from comment #2) > > (Patch Manager) - 4.6 is only open for bugs of >= high severity. Please close or reassess the bugzilla severity. > > @maszulik can we bump the severity? Yes, this definitely deserves higher severity since this might affect cluster stability. Can't reproduce with latest ocp4.6 now: [root@localhost roottest]# oc version Client Version: 4.9.0-202109020218.p0.git.96e95ce.assembly.stream-96e95ce Server Version: 4.6.0-0.nightly-2021-09-02-111008 Kubernetes Version: v1.19.0+1cec875 [root@localhost roottest]# oc new-project zhouy [root@localhost roottest]# oc create -f /tmp/dd.yaml deployment.apps/i-spawn-replicas created [root@localhost roottest]# oc create -f /tmp/is.yaml imagestream.image.openshift.io/imagestreamname created [root@localhost roottest]# oc get imagestream.image.openshift.io/imagestreamname -o json | jq '.spec' { "lookupPolicy": { "local": true } } [root@localhost roottest]# oc get rs NAME DESIRED CURRENT READY AGE i-spawn-replicas-84778cc586 0 0 0 68s [root@localhost roottest]# vi /tmp/patch.yaml [root@localhost roottest]# oc patch deployment i-spawn-replicas --type merge --patch "$(cat /tmp/patch.yaml)" deployment.apps/i-spawn-replicas patched [root@localhost roottest]# oc get rs | wc -l 3 [root@localhost roottest]# oc get rs | wc -l 3 [root@localhost roottest]# oc get rs | wc -l 3 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6.45 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:3517 |