Bug 1798048 - Revision suffix in control plane static pods makes it hard to debug
Summary: Revision suffix in control plane static pods makes it hard to debug
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-apiserver
Version: 4.4
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: low
Target Milestone: ---
Target Release: 4.4.0
Assignee: Michal Fojtik
QA Contact: Ke Wang
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2020-02-04 13:29 UTC by Michal Fojtik
Modified: 2020-05-04 11:33 UTC (History)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Feature: The static pod containers in control plane components should have deterministic names, so that kubectl logs works for them without needing to know the revision suffix. Reason: The revision suffix makes debugging hard. Result: The revision suffix was removed.
Clone Of:
Environment:
Last Closed: 2020-05-04 11:33:07 UTC
Target Upstream Version:




Links
System ID Priority Status Summary Last Updated
Github openshift cluster-kube-apiserver-operator pull 750 None closed Bug 1798048: bindata: remove revision suffix from containers 2020-04-22 08:47:57 UTC
Github openshift cluster-kube-controller-manager-operator pull 342 None closed Bug 1798048: bindata: remove revision suffix from containers 2020-04-22 08:47:57 UTC
Red Hat Product Errata RHBA-2020:0581 None None None 2020-05-04 11:33:29 UTC

Description Michal Fojtik 2020-02-04 13:29:12 UTC
Description of problem:

The revision number in the kube-apiserver and controller manager pods makes it harder to get logs from these pods, as one has to know the current revision.

The revision was initially added to them because we were failing in ways that required getting on hosts without kube-apiserver access and figuring out which revision was available. We later fixed that by adding the information to the static pod on disk.


Actual results:

$ oc logs kube-apiserver-ip-10-0-128-147.ec2.internal -n openshift-kube-apiserver
error: a container name must be specified for pod kube-apiserver-ip-10-0-128-147.ec2.internal, choose one of: [kube-apiserver-11 kube-apiserver-cert-syncer-11 kube-apiserver-cert-regeneration-controller-11 kube-apiserver-insecure-readyz-11] or one of the init containers: [setup]


Expected results:

$ oc logs kube-apiserver-ip-10-0-128-147.ec2.internal -n openshift-kube-apiserver
error: a container name must be specified for pod kube-apiserver-ip-10-0-128-147.ec2.internal, choose one of: [kube-apiserver kube-apiserver-cert-syncer kube-apiserver-cert-regeneration-controller kube-apiserver-insecure-readyz] or one of the init containers: [setup]

Eventually:

$ oc logs kube-apiserver-ip-10-0-128-147.ec2.internal -n openshift-kube-apiserver -c kube-apiserver
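The difference between the actual and expected container names is only the trailing revision number. A minimal sketch of that mapping, assuming the suffix is always a hyphen followed by digits (the helper name strip_revision_suffix is hypothetical and not part of oc or the operators):

```shell
# Hypothetical helper: drop a trailing "-<digits>" revision suffix from a
# container name; names without such a suffix are returned unchanged.
strip_revision_suffix() {
  printf '%s\n' "$1" | sed -E 's/-[0-9]+$//'
}

# Container names taken from the "Actual results" error message above.
for name in kube-apiserver-11 kube-apiserver-cert-syncer-11 \
            kube-apiserver-cert-regeneration-controller-11 \
            kube-apiserver-insecure-readyz-11; do
  strip_revision_suffix "$name"
done
```

Run as-is, the loop prints the four names listed under "Expected results".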

Additional info:

Comment 2 Xingxing Xia 2020-02-07 10:58:13 UTC
First, thanks to Dev for reporting the bug following the pre-filled sections with clear enough steps. We don't often see this :) and therefore Dev-reported non-simple bugs are sometimes a bit too short in description for us to verify quickly :)

> ... one have to know the current revision ...
> oc logs kube-apiserver-ip-10-0-128-147.ec2.internal -n openshift-kube-apiserver
> error: a container name ... choose one of: [kube-apiserver-11
Since the command prints the revision once it fails, I thought it was not that hard to debug, though :)

> ... We fixed it later by adding information in the static pod
Ke Wang, please also check the revision info in the pod YAML when verifying that the above command's failure is gone.

Comment 3 Xingxing Xia 2020-02-11 02:56:33 UTC
Verified the kas, ks, and kcm static pods in the latest 4.4 nightly build 4.4.0-0.nightly-2020-02-10-035806 as per comment 2: the container name is "kube-apiserver" without the changing revision, and the revision info is in the static pod YAML as before.
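A check of this kind could be scripted roughly as follows. This is only a sketch: the function name no_revision_suffix is hypothetical, and it assumes a revision suffix always has the form "-<digits>" at the end of a container name. The commented oc invocation reuses the pod name and namespace from the description and relies on the standard -o jsonpath output option.

```shell
# Hypothetical check: succeed only if none of the given container names
# ends in a "-<digits>" revision suffix.
no_revision_suffix() {
  if printf '%s\n' "$@" | grep -Eq -- '-[0-9]+$'; then
    return 1
  fi
  return 0
}

# Against a live cluster, the names could be collected with something like:
#   names=$(oc get pod kube-apiserver-ip-10-0-128-147.ec2.internal \
#             -n openshift-kube-apiserver \
#             -o jsonpath='{.spec.containers[*].name}')
#   no_revision_suffix $names

# Offline demonstration with the names from the description.
no_revision_suffix kube-apiserver kube-apiserver-cert-syncer \
  && echo "no revision suffix"
no_revision_suffix kube-apiserver-11 kube-apiserver-cert-syncer-11 \
  || echo "revision suffix present"
```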

Comment 5 errata-xmlrpc 2020-05-04 11:33:07 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581

