Bug 1904663 - IPI pointer customization MachineConfig always generated
Summary: IPI pointer customization MachineConfig always generated
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.7.0
Assignee: Steven Hardy
QA Contact: Daniel
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-12-05 10:54 UTC by Steven Hardy
Modified: 2021-02-24 15:40 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-02-24 15:38:11 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift installer pull 4455 0 None closed Bug 1904663: Fix comparison in pointer ignition customization asset 2020-12-20 07:06:28 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:40:03 UTC

Description Steven Hardy 2020-12-05 10:54:21 UTC
An issue was noticed after https://github.com/openshift/installer/pull/4413 landed, the conditional in that PR isn't working, so we're always generating a machine config, even when no customizations have been applied, e.g:

e.g comment from Colin on that PR:

>Yeah this is happening across the board, digging into e.g. this 4.7 nightly in the e2e logs for a stock AWS IPI install I see:
    https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/logs/release-openshift-ocp-installer-e2e-aws-4.7/1334471421937586176/artifacts/e2e-aws/installer/.openshift_install.log

        time="2020-12-03T12:25:59Z" level=info msg="Master pointer ignition was modified. Saving contents to a machineconfig"

In the case where no pointer customizations have been applied, this log output should not occur, and no 99-installer-ignition-master/worker MachineConfig object should exist.

Comment 2 Daniel 2020-12-15 06:14:20 UTC
Could you please describe the "steps to reproduce"?

Comment 3 Steven Hardy 2020-12-18 10:40:29 UTC
(In reply to Daniel from comment #2)
> Could you please describe the "steps to reproduce"?

During any IPI deployment with a 4.7 build you should now only see installer output like

  time="2020-12-03T12:25:59Z" level=info msg="Master pointer ignition was modified. Saving contents to a machineconfig"

When pointer ignition customizations *have* been applied ref https://github.com/openshift/installer/blob/master/docs/user/customization.md#os-customization-unvalidated

Likewise on the installed cluster there should be no 99-installer-ignition-master/worker MachineConfig object visible via e.g `oc get mc -A`

So, the steps to reproduce are just do any IPI deployment and ensure those logs/resources don't exist.

If you want to observe the case where they do exist, you can modify the pointer config, e.g something like:

  openshift-baremetal-install --dir somedir --log-level=debug create ignition-configs
  mv somedir/master.ign somedir/master.ign.orig
  jq -s '.[0] * .[1]' extra.ign somedir/master.ign.orig | tee somedir/master.ign
  mv somedir/worker.ign somedir/worker.ign.orig
  jq -s '.[0] * .[1]' extra.ign somedir/worker.ign.orig | tee somedir/worker.ign

Where extra.ign is like:

  {
    "ignition": {
      "version": "3.1.0"
    },
    "storage": {
      "files": [
        {
          "path": "/etc/test",
          "mode": 436,
          "contents": {
            "source": "data:,test-foo%0A"
          }
        }
      ]
    }
  }

And in this case you should see the previously mentioned logs and MachineConfig resources.

Comment 6 errata-xmlrpc 2021-02-24 15:38:11 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633


Note You need to log in before you can comment on or make changes to this bug.