+++ This bug was initially created as a clone of Bug #1901604 +++ Description of problem: CNO code deliberately blocks any changes to Network CRD related to Kuryr configuration. We do not need to enforce that really, we have code that will make sure Kuryr pods are restarted when configuration changes. Version-Release number of selected component (if applicable): 4.x How reproducible: Always Steps to Reproduce: 1. Try editing defaultNetwork.kuryrConfig on `oc edit networks.operator.openshift.io cluster` (available options are listed here: https://github.com/openshift/openshift-docs/pull/27508/files#diff-43c64724124f82eabd8c2216bf5ae8eae892e97bf5cfb3694b028487d8cc10c8R58-R74) 2. Save the object. 3. Check CNO logs to see it starts to fail the reconciliation. Actual results: Changes are not applied to `oc get cm -n openshift-kuryr kuryr-config` Expected results: Changes are applied. Additional info:
Verified on 4.6.0-0.nightly-2021-01-30-211400 over OSP13 (2021-01-20.1) with Amphora provider. Running this: $ oc edit networks.operator.openshift.io cluster And including section kuryrConfig: spec: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 defaultNetwork: kuryrConfig: enablePortPoolsPrepopulation: false poolBatchPorts: 3 poolMaxPorts: 7 poolMinPorts: 1 type: Kuryr logLevel: "" serviceNetwork: - 172.30.0.0/16 is triggering the CNO reconciliation which is updating the kuryr config accordingly: $ oc get cm -n openshift-kuryr kuryr-config -o yaml | grep "\[vif_pool\]" -A5 [vif_pool] ports_pool_max = 7 ports_pool_min = 1 ports_pool_batch = 3 ports_pool_update_frequency = 30 kuryr pods remain stable after the change: $ oc get pods -n openshift-kuryr NAME READY STATUS RESTARTS AGE kuryr-cni-ggvhk 1/1 Running 0 101m kuryr-cni-gkw7x 1/1 Running 0 103m kuryr-cni-ls5cr 1/1 Running 0 102m kuryr-cni-nqhfs 1/1 Running 0 101m kuryr-cni-s87gs 1/1 Running 0 104m kuryr-cni-t7tzt 1/1 Running 0 104m kuryr-controller-7dbc659d8-nntpv 1/1 Running 0 62m Tempest tests run successfully with updated parameters.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.6.16 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:0308