Bug 2181997

Summary: kubemacpool-cert-manager ignores node placement configuration
Product: Container Native Virtualization (CNV)
Reporter: Simone Tiraboschi <stirabos>
Component: Networking
Assignee: Quique Llorente <ellorent>
Status: CLOSED ERRATA
QA Contact: Yossi Segev <ysegev>
Severity: unspecified
Priority: unspecified
Version: 4.13.0
CC: gveitmic, phoracek
Target Milestone: ---
Target Release: 4.13.1
Hardware: Unspecified
OS: Unspecified
Fixed In Version: cluster-network-addons-operator-rhel9 v4.13.1-2
Doc Type: If docs needed, set a value
Story Points: ---
Last Closed: 2023-06-20 13:41:05 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---

Description Simone Tiraboschi 2023-03-27 08:01:59 UTC
Description of problem:
Something like:

apiVersion: hco.kubevirt.io/v1beta1
kind: HyperConverged
metadata:
  name: kubevirt-hyperconverged
  namespace: openshift-cnv
spec:
  infra:
    nodePlacement:
      nodeSelector:
        node-role.kubernetes.io/infra: ''
  workloads:
    nodePlacement:
      nodeSelector:
        node-role.kubernetes.io/worker: ''

is not properly propagated down to the kubemacpool-cert-manager deployment.

Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. Configure the HCO CR as per the suggested configuration
2. check the placement of kubemacpool-cert-manager

Actual results:
kubemacpool-cert-manager is not scheduled on infra nodes

Expected results:
kubemacpool-cert-manager is scheduled on infra nodes

Additional info:

Comment 1 Quique Llorente 2023-04-04 07:45:23 UTC
Fixed upstream https://github.com/kubevirt/cluster-network-addons-operator/pull/1525

Comment 2 Yossi Segev 2023-05-29 18:29:27 UTC
Verified on:
CNV 4.13.1
cluster-network-addons-operator-rhel9:v4.13.1-2


Verified with the following scenario:
1. Label all workers with infra role:
$ oc get nodes
NAME                                  STATUS   ROLES                  AGE     VERSION
c01-n-ys-4131o-gfnr2-master-0         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-master-1         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-master-2         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-255wc   Ready    worker           4h16m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-725qn   Ready    worker           4h16m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-tjvwz   Ready    worker           4h15m   v1.26.3+b404935
$
$ oc label node c01-n-ys-4131o-gfnr2-worker-0-255wc node-role.kubernetes.io/infra=""
node/c01-n-ys-4131o-gfnr2-worker-0-255wc labeled
$ 
$ oc label node c01-n-ys-4131o-gfnr2-worker-0-725qn node-role.kubernetes.io/infra=""
node/c01-n-ys-4131o-gfnr2-worker-0-725qn labeled
$ oc label node c01-n-ys-4131o-gfnr2-worker-0-tjvwz node-role.kubernetes.io/infra=""
node/c01-n-ys-4131o-gfnr2-worker-0-tjvwz labeled
$
$ oc get nodes
NAME                                  STATUS   ROLES                  AGE     VERSION
c01-n-ys-4131o-gfnr2-master-0         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-master-1         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-master-2         Ready    control-plane,master   4h32m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-255wc   Ready    infra,worker           4h16m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-725qn   Ready    infra,worker           4h16m   v1.26.3+b404935
c01-n-ys-4131o-gfnr2-worker-0-tjvwz   Ready    infra,worker           4h15m   v1.26.3+b404935

2. Check what is the node on which kubemacpool-cert-manager is currently scheduled:
$ oc get pod -n openshift-cnv kubemacpool-cert-manager-64c6596598-gct9v -o wide
NAME                                        READY   STATUS    RESTARTS   AGE    IP             NODE                            NOMINATED NODE   READINESS GATES
kubemacpool-cert-manager-64c6596598-gct9v   1/1     Running   0          168m   10.128.0.115   c01-n-ys-4131o-gfnr2-master-0   <none>           <none>

3. Edit HCO and add the infra and workloads nodePlacement which are specified in the bug description:
$ oc edit hco -n openshift-cnv kubevirt-hyperconverged 
...
spec:
...
  infra:
    nodePlacement:
      nodeSelector:
        node-role.kubernetes.io/infra: ""
...
  workloads:
    nodePlacement:
      nodeSelector:
        node-role.kubernetes.io/worker: ""
...

hyperconverged.hco.kubevirt.io/kubevirt-hyperconverged edited

4. Check for the nodeSelector in the new kubemacpool-cert-manager ReplicaSet:
$ oc get replicaset -n openshift-cnv kubemacpool-cert-manager-66898f94cd -o yaml
...
      nodeSelector:
        node-role.kubernetes.io/infra: ""
...

5. Verify the kubemacpool-cert-manager pod was scheduled on one of the labeled nodes:
$ oc get pod -n openshift-cnv kubemacpool-cert-manager-66898f94cd-j8lrs -o wide
NAME                                        READY   STATUS    RESTARTS   AGE   IP             NODE                                  NOMINATED NODE   READINESS GATES
kubemacpool-cert-manager-66898f94cd-j8lrs   1/1     Running   0          15m   10.131.0.104   c01-n-ys-4131o-gfnr2-worker-0-725qn   <none>           <none>
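
The check from steps 4 and 5 above as a repeatable audit. This is an added example, not part of the original comment or of the operator's code. It takes dicts shaped like `oc get <kind> -o json` output, compares only `nodeSelector` (affinity and tolerations are not evaluated), and runs on constructed sample objects with shortened, hypothetical node and pod names.

```python
"""Audit that infra Deployments honor the HCO infra nodePlacement.

Inputs are dicts shaped like `oc get <kind> -o json` output; the sample
objects below are constructed for illustration, not captured from a cluster.
"""

def infra_selector(hco):
    """Return spec.infra.nodePlacement.nodeSelector from a HyperConverged CR."""
    return hco.get("spec", {}).get("infra", {}).get("nodePlacement", {}).get("nodeSelector", {})

def selector_missing(deployment, wanted):
    """Keys of `wanted` that the Deployment pod template does not carry."""
    have = deployment["spec"]["template"]["spec"].get("nodeSelector") or {}
    # An empty-string label value is valid, so compare against None-or-mismatch.
    return sorted(k for k, v in wanted.items() if have.get(k) != v)

def pod_misplaced(pod, nodes, wanted):
    """True if the pod's node (or lack of one) does not satisfy `wanted`."""
    labels = nodes.get(pod["spec"].get("nodeName"), {})
    return any(labels.get(k) != v for k, v in wanted.items())

def audit(hco, deployments, pods, nodes):
    """Return (object name, reason) findings; empty list means compliant."""
    wanted = infra_selector(hco)
    findings = []
    for d in deployments:
        missing = selector_missing(d, wanted)
        if missing:
            findings.append((d["metadata"]["name"], "template lacks " + ",".join(missing)))
    for p in pods:
        if pod_misplaced(p, nodes, wanted):
            findings.append((p["metadata"]["name"], "on node " + str(p["spec"].get("nodeName"))))
    return findings

# --- constructed sample data (names are placeholders) ---
INFRA = "node-role.kubernetes.io/infra"
HCO = {"spec": {"infra": {"nodePlacement": {"nodeSelector": {INFRA: ""}}}}}
NODES = {"master-0": {"node-role.kubernetes.io/master": ""},
         "worker-0": {"node-role.kubernetes.io/worker": "", INFRA: ""}}

def deployment(name, selector):
    return {"metadata": {"name": name}, "spec": {"template": {"spec": {"nodeSelector": selector}}}}

def pod(name, node):
    return {"metadata": {"name": name}, "spec": {"nodeName": node}}

BEFORE = audit(HCO, [deployment("kubemacpool-cert-manager", None)],
               [pod("kubemacpool-cert-manager-a", "master-0")], NODES)
AFTER = audit(HCO, [deployment("kubemacpool-cert-manager", {INFRA: ""})],
              [pod("kubemacpool-cert-manager-b", "worker-0")], NODES)
```

`BEFORE` reproduces the reported state (no selector on the template, pod on a master) and `AFTER` the verified state, where the audit returns no findings.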

Comment 8 errata-xmlrpc 2023-06-20 13:41:05 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Virtualization 4.13.1 Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:3686