Bug 1901605 - CNO blocks editing Kuryr options
Summary: CNO blocks editing Kuryr options
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.7
Hardware: All
OS: All
Target Milestone: ---
: 4.6.z
Assignee: Michał Dulko
QA Contact: GenadiC
Depends On: 1901604
TreeView+ depends on / blocked
Reported: 2020-11-25 15:45 UTC by OpenShift BugZilla Robot
Modified: 2021-02-08 13:51 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2021-02-08 13:50:51 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift cluster-network-operator pull 890 0 None closed [release-4.6] Bug 1901605: Kuryr: Allow changes to KuryrConfig 2021-02-02 08:02:38 UTC
Red Hat Product Errata RHSA-2021:0308 0 None None None 2021-02-08 13:51:05 UTC

Description OpenShift BugZilla Robot 2020-11-25 15:45:31 UTC
+++ This bug was initially created as a clone of Bug #1901604 +++

Description of problem:
CNO code deliberately blocks any changes to Network CRD related to Kuryr configuration. We do not need to enforce that really, we have code that will make sure Kuryr pods are restarted when configuration changes.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Try editing defaultNetwork.kuryrConfig on `oc edit networks.operator.openshift.io cluster` (available options are listed here: https://github.com/openshift/openshift-docs/pull/27508/files#diff-43c64724124f82eabd8c2216bf5ae8eae892e97bf5cfb3694b028487d8cc10c8R58-R74)
2. Save the object.
3. Check CNO logs to see it starts to fail the reconciliation.

Actual results:
Changes are not applied to `oc get cm -n openshift-kuryr kuryr-config`

Expected results:
Changes are applied.

Additional info:

Comment 3 rlobillo 2021-02-02 14:16:59 UTC
Verified on 4.6.0-0.nightly-2021-01-30-211400 over OSP13 (2021-01-20.1) with Amphora provider.

Running this:

$ oc edit networks.operator.openshift.io cluster

And including section kuryrConfig:

  - cidr:
    hostPrefix: 23
      enablePortPoolsPrepopulation: false
      poolBatchPorts: 3
      poolMaxPorts: 7
      poolMinPorts: 1
    type: Kuryr
  logLevel: ""

is triggering the CNO reconciliation which is updating the kuryr config accordingly:

$ oc get cm -n openshift-kuryr kuryr-config -o yaml | grep "\[vif_pool\]" -A5
    ports_pool_max = 7
    ports_pool_min = 1
    ports_pool_batch = 3
    ports_pool_update_frequency = 30

kuryr pods remain stable after the change:

$ oc get pods -n openshift-kuryr
NAME                               READY   STATUS    RESTARTS   AGE
kuryr-cni-ggvhk                    1/1     Running   0          101m
kuryr-cni-gkw7x                    1/1     Running   0          103m
kuryr-cni-ls5cr                    1/1     Running   0          102m
kuryr-cni-nqhfs                    1/1     Running   0          101m
kuryr-cni-s87gs                    1/1     Running   0          104m
kuryr-cni-t7tzt                    1/1     Running   0          104m
kuryr-controller-7dbc659d8-nntpv   1/1     Running   0          62m

Tempest tests run successfully with updated parameters.

Comment 5 errata-xmlrpc 2021-02-08 13:50:51 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.6.16 security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.