Bug 1718842 - Need to clean up extraneous secrets in node tuning operator namespace
Summary: Need to clean up extraneous secrets in node tuning operator namespace
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node Tuning Operator
Version: 4.1.z
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 4.1.z
Assignee: jmencak
QA Contact: Simon
URL:
Whiteboard: 4.1.4
: 1722604 (view as bug list)
Depends On:
Blocks: 1723569
TreeView+ depends on / blocked
 
Reported: 2019-06-10 11:32 UTC by Mike Fiedler
Modified: 2019-10-17 12:26 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: The node-tuning-operator in OCP 4.1.0 unnecessarily updated tuned service account which caused extraneous secrets in the openshift-cluster-node-tuning-operator namespace. Consequence: Extraneous secrets in openshift-cluster-node-tuning-operator namespace. Fix: OCP 4.1.1 fixed the problem, but did not clean the extraneous secrets. Result: Cleanup of extraneous secrets.
Clone Of:
: 1723569 (view as bug list)
Environment:
Last Closed: 2019-07-04 09:01:24 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:1635 None None None 2019-07-04 09:01:33 UTC

Description Mike Fiedler 2019-06-10 11:32:47 UTC
Description of problem:

Inhttps://bugzilla.redhat.com/show_bug.cgi?id=1714484 there was an issue with the node tuning operator creating extraneous secrets during the reconciliation loop.   That is fixed, but customers who installed 4.1.0 GA may be in a state where they have a large number of unneeded secrets in the operators namespace

We should help clean up the secrets automatically.   Cleaning them up manually could be time consuming and have some degree of risk.


Version-Release number of selected component (if applicable):  4.1.1

How reproducible: Always

Comment 10 jmencak 2019-06-21 13:29:43 UTC
*** Bug 1722604 has been marked as a duplicate of this bug. ***

Comment 11 Mike Fiedler 2019-06-25 12:51:46 UTC
This bz is for the 4.1.z cherrypick of this fix.   The correct PR is  https://github.com/openshift/cluster-node-tuning-operator/pull/65 which is open

Comment 14 Simon 2019-06-26 14:11:08 UTC
Verification: POSITIVE
Started with quay.io/openshift-release-dev/ocp-release:4.1.0

oc get clusterversions.config.openshift.io 
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.1.0     True        False         24m     Cluster version is 4.1.0

Node tuning operator created extraneous secrets.

After upgrading to upstream:

oc get clusterversions.config.openshift.io 
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.1.0-0.nightly-2019-06-26-044128   True        False         14m     Cluster version is 4.1.0-0.nightly-2019-06-26-044128

oc get clusteroperator node-tuning
NAME          VERSION                             AVAILABLE   PROGRESSING   DEGRADED   SINCE
node-tuning   4.1.0-0.nightly-2019-06-26-044128   True        False         False      45m

All extraneous secrets were deleted and no new extraneous secrets were created.

Comment 16 errata-xmlrpc 2019-07-04 09:01:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:1635


Note You need to log in before you can comment on or make changes to this bug.