1705646 – MUST VERIFY All components must use configmap leader lock file, not endpoints

Bug 1705646 - MUST VERIFY All components must use configmap leader lock file, not endpoints

Summary: MUST VERIFY All components must use configmap leader lock file, not endpoints

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Master
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	urgent
Target Milestone:	---
Target Release:	4.1.0
Assignee:	Michal Fojtik
QA Contact:	Xingxing Xia
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-05-02 16:27 UTC by Clayton Coleman
Modified:	2019-06-04 10:48 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-04 10:48:19 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2019:0758	0	None	None	None	2019-06-04 10:48:27 UTC

Description Clayton Coleman 2019-05-02 16:27:35 UTC

This bug was initially created as a copy of Bug #1705645

I am copying this bug because: this team must ensure they are not impacted:

Scheduler was using leader-elect-resource-lock endpoints, must be configmap.

I0502 15:23:30.593107       1 flags.go:33] FLAG: --kubeconfig=""
I0502 15:23:30.593111       1 flags.go:33] FLAG: --leader-elect="true"
I0502 15:23:30.593114       1 flags.go:33] FLAG: --leader-elect-lease-duration="15s"
I0502 15:23:30.593118       1 flags.go:33] FLAG: --leader-elect-renew-deadline="10s"
I0502 15:23:30.593122       1 flags.go:33] FLAG: --leader-elect-resource-lock="endpoints"
I0502 15:23:30.593126       1 flags.go:33] FLAG: --leader-elect-retry-period="2s"
I0502 15:23:30.593130       1 flags.go:33] FLAG: --lock-object-name="kube-scheduler"

Components *must not* use leader-elect-resource-lock=endpoints because it causes high churn on kube-proxies.  This is also not a safe change to roll out, so is a 4.1 blocker.

Comment 1 Michal Fojtik 2019-05-02 17:27:21 UTC

https://github.com/openshift/cluster-kube-controller-manager-operator/blob/master/bindata/v3.11.0/kube-controller-manager/defaultconfig.yaml#L22

Comment 3 errata-xmlrpc 2019-06-04 10:48:19 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758

Note You need to log in before you can comment on or make changes to this bug.