Bug 2184439

Summary:	[cnv-4.13] Need tunable featureGate to configure DisableMDEVConfiguration via HCO CR
Product:	Container Native Virtualization (CNV)	Reporter:	Kedar Bidarkar <kbidarka>
Component:	Installation	Assignee:	Oren Cohen <ocohen>
Status:	CLOSED ERRATA	QA Contact:	Debarati Basu-Nag <dbasunag>
Severity:	high	Docs Contact:
Priority:	high
Version:	4.13.0	CC:	dbasunag, kmajcher, stirabos, ycui
Target Milestone:	---	Keywords:	Reopened
Target Release:	4.13.2
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:	CNV vv4.13.2.rhel9-1	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2023-07-11 16:02:38 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Kedar Bidarkar 2023-04-04 17:06:36 UTC

Description of problem:

We need to Introduce a new feature gate DisableMDEVConfiguration at HCO CR level.

https://github.com/kubevirt/hyperconverged-cluster-operator/blob/main/api/v1beta1/hyperconverged_types.go#L295



]$ oc annotate --overwrite -n openshift-cnv hyperconverged kubevirt-hyperconverged kubevirt.kubevirt.io/jsonpatch='[{
      "op": "add",
      "path": "/spec/configuration/developerConfiguration/featureGates/-",
      "value": "DisableMDEVConfiguration"
  }]'

Version-Release number of selected component (if applicable):
CNV 4.13

How reproducible:
Always

Steps to Reproduce:
1.
2.
3.

Actual results:
No way to configure "DisableMDEVConfiguration" FeatureGate

Expected results:
Need tunable featureGate to configure DisableMDEVConfiguration via HCO CR

Additional info:

Jira Issue for 4.14:  https://issues.redhat.com/browse/CNV-27645

Comment 1 Simone Tiraboschi 2023-04-04 21:18:46 UTC

This is not a bug fix but an RFE for the next release, please justify the business case otherwise let's defer to the next release.

Comment 3 Kedar Bidarkar 2023-04-28 12:25:13 UTC

Re-opening this bug, after discussing with Installation Team.

Comment 4 Simone Tiraboschi 2023-05-31 10:33:44 UTC

https://github.com/kubevirt/kubevirt/pull/9343 landed on the upstream release-0.59 stabilization branch but we still lack a tagged upstream v0.59.1 release exposing it.
Do we have an ETA?

Comment 6 Simone Tiraboschi 2023-06-06 12:22:18 UTC

Postponing to 4.13.2 since we are not able to get it merged upstream due to CI test blockers.

Comment 7 Krzysztof Majcher 2023-06-13 12:55:18 UTC

This needs to be backported all the way to 4.12 line.

Comment 8 Krzysztof Majcher 2023-06-13 12:56:44 UTC

Oren, can you take a look and let me know if we should wait for Simone, or we can continue with backporting his PR while he is away.

Comment 9 Oren Cohen 2023-06-13 13:10:02 UTC

We need to consume a newer kubevirt release in upstream HCO that included this fix:
https://github.com/kubevirt/kubevirt/pull/9856
For the CI to pass in the DisableMDEVConfiguration feature gate PR.

Comment 10 Debarati Basu-Nag 2023-06-15 10:34:27 UTC

I have logged, https://bugzilla.redhat.com/show_bug.cgi?id=2215286 to cover the upgrade scenario from 4.12.4.

Comment 11 Debarati Basu-Nag 2023-06-26 17:02:19 UTC

Verified against CNV-v4.13.2.rhel9-37
=====================
[cloud-user@ocp-ipi-executor-xl ~]$ oc get hco kubevirt-hyperconverged -n openshift-cnv -o json | jq ".spec.featureGates"
{
  "deployKubeSecondaryDNS": false,
  "deployTektonTaskResources": false,
  "disableMDevConfiguration": false,
  "enableCommonBootImageImport": true,
  "nonRoot": true,
  "withHostPassthroughCPU": false
}
[cloud-user@ocp-ipi-executor-xl ~]$


[cloud-user@ocp-ipi-executor-xl ~]$ oc get kubevirt kubevirt-kubevirt-hyperconverged -n openshift-cnv -o json | jq ".spec.configuration.developerConfiguration"
{
  "diskVerification": {
    "memoryLimit": "2G"
  },
  "featureGates": [
    "DataVolumes",
    "SRIOV",
    "CPUManager",
    "CPUNodeDiscovery",
    "Snapshot",
    "HotplugVolumes",
    "ExpandDisks",
    "GPU",
    "HostDevices",
    "DownwardMetrics",
    "NUMA",
    "VMExport",
    "DisableCustomSELinuxPolicy",
    "KubevirtSeccompProfile",
    "WithHostModelCPU",
    "HypervStrictCheck"
  ]
}
[cloud-user@ocp-ipi-executor-xl ~]$ 
On edit:
[cloud-user@ocp-ipi-executor-xl ~]$ oc get hco kubevirt-hyperconverged -n openshift-cnv -o json | jq ".spec.featureGates"
{
  "deployKubeSecondaryDNS": false,
  "deployTektonTaskResources": false,
  "disableMDevConfiguration": true,
  "enableCommonBootImageImport": true,
  "nonRoot": true,
  "withHostPassthroughCPU": false
}
[cloud-user@ocp-ipi-executor-xl ~]$ 

[cloud-user@ocp-ipi-executor-xl ~]$ oc get kubevirt kubevirt-kubevirt-hyperconverged -n openshift-cnv -o json | jq ".spec.configuration.developerConfiguration"
{
  "diskVerification": {
    "memoryLimit": "2G"
  },
  "featureGates": [
    "DataVolumes",
    "SRIOV",
    "CPUManager",
    "CPUNodeDiscovery",
    "Snapshot",
    "HotplugVolumes",
    "ExpandDisks",
    "GPU",
    "HostDevices",
    "DownwardMetrics",
    "NUMA",
    "VMExport",
    "DisableCustomSELinuxPolicy",
    "KubevirtSeccompProfile",
    "WithHostModelCPU",
    "HypervStrictCheck",
    "DisableMDEVConfiguration"
  ]
}
[cloud-user@ocp-ipi-executor-xl ~]$

Comment 17 errata-xmlrpc 2023-07-11 16:02:38 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Virtualization 4.13.2 Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2023:4028