Bug 1982274
| Summary: | OLM should block the OCP 4.8 upgrade to 4.9 when the operator installed with `olm.openShiftMaxVersion` annotation | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Nick Hale <nhale> |
| Component: | OLM | Assignee: | Nick Hale <nhale> |
| OLM sub component: | OLM | QA Contact: | Jian Zhang <jiazha> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | high | ||
| Priority: | high | CC: | dmesser, jiazha |
| Version: | 4.8 | ||
| Target Milestone: | --- | ||
| Target Release: | 4.9.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1979525 | Environment: | |
| Last Closed: | 2021-10-18 17:39:53 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1979525 | ||
|
Comment 4
Jian Zhang
2021-07-15 07:15:46 UTC
1, Create a 4.9 cluster that contains the fixed PR.
[cloud-user@preserve-olm-env jian]$ oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.9.0-0.nightly-2021-07-25-220028 True False 8m2s Cluster version is 4.9.0-0.nightly-2021-07-25-220028
[cloud-user@preserve-olm-env jian]$ oc -n openshift-operator-lifecycle-manager exec deploy/catalog-operator -- olm --version
OLM version: 0.18.3
git commit: 4a5ad031bf1e4888b01792f70a8c1a159719626b
2, Deploy a CatalogSource with an index image that its bundle image contains the "olm.properties" annotation.
[cloud-user@preserve-olm-env jian]$ cat cs-debug.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
name: max-operators
namespace: openshift-marketplace
spec:
displayName: Max Operators
image: quay.io/olmqe/etcd-index:max-4.9
priority: -400
publisher: Jian
sourceType: grpc
updateStrategy:
registryPoll:
interval: 10m0s
[cloud-user@preserve-olm-env jian]$
[cloud-user@preserve-olm-env jian]$ oc create -f cs-debug.yaml
catalogsource.operators.coreos.com/max-operators created
[cloud-user@preserve-olm-env jian]$ oc get packagemanifests|grep Max
etcd Max Operators 2m26s
3, Subscribe to this etcd operator.
[cloud-user@preserve-olm-env jian]$ cat og.yaml
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: default-og
namespace: default
spec:
targetNamespaces:
- default
[cloud-user@preserve-olm-env jian]$ oc create -f og.yaml
operatorgroup.operators.coreos.com/default-og created
[cloud-user@preserve-olm-env jian]$
[cloud-user@preserve-olm-env jian]$ cat sub-max.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: etcd
namespace: default
spec:
channel: singlenamespace-alpha
installPlanApproval: Automatic
name: etcd
source: max-operators
sourceNamespace: openshift-marketplace
startingCSV: etcdoperator.v0.9.4
[cloud-user@preserve-olm-env jian]$ oc create -f sub-max.yaml
subscription.operators.coreos.com/etcd created
[cloud-user@preserve-olm-env jian]$ oc get sub
NAME PACKAGE SOURCE CHANNEL
etcd etcd max-operators singlenamespace-alpha
[cloud-user@preserve-olm-env jian]$ oc get csv
NAME DISPLAY VERSION REPLACES PHASE
etcdoperator.v0.9.4 etcd 0.9.4 Succeeded
4, Check the maxOpenShiftVersion and the OLM ClusterOperator status.
[cloud-user@preserve-olm-env jian]$ oc get csv -o yaml|grep "maxOpenShiftVersion"
olm.properties: '[{"type": "olm.maxOpenShiftVersion", "value": "4.9"}]'
After a while, but, the Upgradeable still is True.
[cloud-user@preserve-olm-env jian]$ oc get co operator-lifecycle-manager -o=jsonpath={.status.conditions[?(@.type==\"Upgradeable\")].status}
True
Jian, I ran the index image you provided and it looks like the `olm.maxOpenShiftVersion` property wasn't being included in ListBundles. I created a new index using the same bundle, but with the latest version of opm (see quay.io/njhale/etcd-index:max-4.9), and it worked. At this point, I suspect the index under test was built with an older version of opm that doesn't accept arbitrary properties from CSV annotations. Please rebuild the index with a newer version of opm and retest. Thanks! Hi Nick,
Thanks for your information! I used the latest opm and got a try, as follows,
[cloud-user@preserve-olm-env opm]$ opm version
Version: version.Version{OpmVersion:"3475b1d5d", GitCommit:"3475b1d5d8d481394ba90b2823645bed0fb2b076", BuildDate:"2021-07-27T07:36:35Z", GoOs:"linux", GoArch:"amd64"}
[cloud-user@preserve-olm-env etcd]$ opm index add --mode semver -b quay.io/olmqe/etcd-bundle:max-4.9 -t quay.io/olmqe/etcd-index:max2-4.9
INFO[0000] building the index bundles="[quay.io/olmqe/etcd-bundle:max-4.9]"
INFO[0000] Could not find optional dependencies file file=bundle_tmp828545485/metadata load=annotations with=bundle_tmp828545485
INFO[0000] Could not find optional properties file file=bundle_tmp828545485/metadata load=annotations with=bundle_tmp828545485
INFO[0000] Generating dockerfile bundles="[quay.io/olmqe/etcd-bundle:max-4.9]"
INFO[0000] writing dockerfile: index.Dockerfile139291043 bundles="[quay.io/olmqe/etcd-bundle:max-4.9]"
INFO[0000] running podman build bundles="[quay.io/olmqe/etcd-bundle:max-4.9]"
INFO[0000] [podman build --format docker -f index.Dockerfile139291043 -t quay.io/olmqe/etcd-index:max2-4.9 .] bundles="[quay.io/olmqe/etcd-bundle:max-4.9]"
[cloud-user@preserve-olm-env etcd]$ docker push quay.io/olmqe/etcd-index:max2-4.9
...
Storing signatures
1, Create a 4.9 cluster that contains the fixed PR.
[cloud-user@preserve-olm-env jian]$ oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.9.0-0.nightly-2021-07-26-220837 True False 3m23s Cluster version is 4.9.0-0.nightly-2021-07-26-220837
[cloud-user@preserve-olm-env jian]$ oc -n openshift-operator-lifecycle-manager exec deploy/catalog-operator -- olm --version
OLM version: 0.18.3
git commit: 4a5ad031bf1e4888b01792f70a8c1a159719626b
2, Deploy a CatalogSource that consume this new index image: quay.io/olmqe/etcd-index:max2-4.9
[cloud-user@preserve-olm-env jian]$ cat cs-debug.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
name: max-operators
namespace: openshift-marketplace
spec:
displayName: Max Operators
image: quay.io/olmqe/etcd-index:max2-4.9
priority: -400
publisher: Jian
sourceType: grpc
updateStrategy:
registryPoll:
interval: 10m0s
[cloud-user@preserve-olm-env jian]$ oc create -f cs-debug.yaml
catalogsource.operators.coreos.com/max-operators created
[cloud-user@preserve-olm-env jian]$ oc get packagemanifests|grep Max
etcd Max Operators 34s
3, Subscribe to this etcd operator.
[cloud-user@preserve-olm-env jian]$ cat og.yaml
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: default-og
namespace: default
spec:
targetNamespaces:
- default
[cloud-user@preserve-olm-env jian]$ oc create -f og.yaml
operatorgroup.operators.coreos.com/default-og created
[cloud-user@preserve-olm-env jian]$
[cloud-user@preserve-olm-env jian]$ cat sub-max.yaml
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: etcd
namespace: default
spec:
channel: singlenamespace-alpha
installPlanApproval: Automatic
name: etcd
source: max-operators
sourceNamespace: openshift-marketplace
startingCSV: etcdoperator.v0.9.4
[cloud-user@preserve-olm-env jian]$ oc create -f sub-max.yaml
subscription.operators.coreos.com/etcd created
[cloud-user@preserve-olm-env jian]$ oc get sub -n default
NAME PACKAGE SOURCE CHANNEL
etcd etcd max-operators singlenamespace-alpha
[cloud-user@preserve-olm-env jian]$ oc get ip -n default
NAME CSV APPROVAL APPROVED
install-85szg etcdoperator.v0.9.4 Automatic true
[cloud-user@preserve-olm-env jian]$ oc get csv -n default
NAME DISPLAY VERSION REPLACES PHASE
etcdoperator.v0.9.4 etcd 0.9.4 Succeeded
4, Check the maxOpenShiftVersion and the OLM ClusterOperator status.
[cloud-user@preserve-olm-env jian]$ oc get csv -n default -o yaml|grep "maxOpenShiftVersion"
olm.properties: '[{"type": "olm.maxOpenShiftVersion", "value": "4.9"}]'
operatorframework.io/properties: '{"properties":[{"type":"olm.gvk","value":{"group":"etcd.database.coreos.com","kind":"EtcdBackup","version":"v1beta2"}},{"type":"olm.gvk","value":{"group":"etcd.database.coreos.com","kind":"EtcdCluster","version":"v1beta2"}},{"type":"olm.gvk","value":{"group":"etcd.database.coreos.com","kind":"EtcdRestore","version":"v1beta2"}},{"type":"olm.maxOpenShiftVersion","value":"4.9"},{"type":"olm.package","value":{"packageName":"etcd","version":"0.9.4"}}]}'
Yes, it works as expected after using the latest opm to add the bundle image to the index image.
[cloud-user@preserve-olm-env jian]$ oc get co operator-lifecycle-manager -o=jsonpath={.status.conditions[?(@.type==\"Upgradeable\")].status}
False
5, Uninstall this operator, the Upgradeable shoule be True
[cloud-user@preserve-olm-env jian]$ oc get sub -A
No resources found
[cloud-user@preserve-olm-env jian]$ oc get co operator-lifecycle-manager -o=jsonpath={.status.conditions[?(@.type==\"Upgradeable\")].status}
True
Looks good to me, verify it.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759 |