Bug 1908159 - [AWS C2S] MCO fails to sync cloud config
Summary: [AWS C2S] MCO fails to sync cloud config
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Machine Config Operator
Version: 4.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.7.0
Assignee: Matthew Staebler
QA Contact: Yunfei Jiang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-12-16 00:13 UTC by Matthew Staebler
Modified: 2021-02-24 15:45 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
This is a bug in new functionality added to 4.7.
Clone Of:
Environment:
Last Closed: 2021-02-24 15:44:54 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift machine-config-operator pull 2305 0 None closed Bug 1908159: operator: fix error syncing cloud config with CA data but no cloud config 2021-02-05 15:44:29 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:45:16 UTC

Description Matthew Staebler 2020-12-16 00:13:09 UTC 
When running in a C2S AWS region with a CA bundle for accessing the AWS API but without a cloud.conf, the machine-config-operator fails to sync the cloud config because the MCO deems that the cloud.conf is required.

This is not a regression but rather an oversight in recent changes to support AWS C2S [1].

[1] https://github.com/openshift/machine-config-operator/pull/2208#issuecomment-738237180
Comment 6 Yunfei Jiang 2021-01-22 05:50:34 UTC 
verified. PASS.
OCP version: 4.7.0-0.nightly-2021-01-21-090809


> ./oc get co | grep machine
machine-api                                4.7.0-0.nightly-2021-01-21-090809   True        False         False      19h
machine-approver                           4.7.0-0.nightly-2021-01-21-090809   True        False         False      19h
machine-config                             4.7.0-0.nightly-2021-01-21-090809   True        False         False      19h

> ./oc get node
NAME                           STATUS   ROLES    AGE   VERSION
ip-10-143-1-15.ec2.internal    Ready    worker   18h   v1.20.0+d9c52cc
ip-10-143-1-165.ec2.internal   Ready    worker   19h   v1.20.0+d9c52cc
ip-10-143-1-201.ec2.internal   Ready    master   19h   v1.20.0+d9c52cc
ip-10-143-1-206.ec2.internal   Ready    worker   19h   v1.20.0+d9c52cc
ip-10-143-1-239.ec2.internal   Ready    master   19h   v1.20.0+d9c52cc
ip-10-143-1-4.ec2.internal     Ready    master   19h   v1.20.0+d9c52cc

> ./oc  describe node | grep machineconfig
                    machineconfiguration.openshift.io/currentConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/desiredConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done
                    machineconfiguration.openshift.io/currentConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/desiredConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done
                    machineconfiguration.openshift.io/currentConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/desiredConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done
                    machineconfiguration.openshift.io/currentConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/desiredConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done
                    machineconfiguration.openshift.io/currentConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/desiredConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done
                    machineconfiguration.openshift.io/currentConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/desiredConfig: rendered-master-1220024f982f669c9fae8d91a4a0356f
                    machineconfiguration.openshift.io/reason:
                    machineconfiguration.openshift.io/state: Done

> ./oc get node ip-10-143-1-15.ec2.internal -oyaml
apiVersion: v1
kind: Node
metadata:
  annotations:
    csi.volume.kubernetes.io/nodeid: '{"ebs.csi.aws.com":"i-096a7080525e50250"}'
    machine.openshift.io/machine: openshift-machine-api/yunjiang-bz114a-75ckv-worker-us-iso-east-1c-2dgj8
    machineconfiguration.openshift.io/currentConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
    machineconfiguration.openshift.io/desiredConfig: rendered-worker-30adc32d94ce7897e18962ec68730198
    machineconfiguration.openshift.io/reason: ""
    machineconfiguration.openshift.io/state: Done
    volumes.kubernetes.io/controller-managed-attach-detach: "true"
<--snip-->
  conditions:
  - lastHeartbeatTime: "2021-01-22T05:32:57Z"
    lastTransitionTime: "2021-01-21T10:36:35Z"
    message: kubelet has sufficient memory available
    reason: KubeletHasSufficientMemory
    status: "False"
    type: MemoryPressure
  - lastHeartbeatTime: "2021-01-22T05:32:57Z"
    lastTransitionTime: "2021-01-21T10:36:35Z"
    message: kubelet has no disk pressure
    reason: KubeletHasNoDiskPressure
    status: "False"
    type: DiskPressure
  - lastHeartbeatTime: "2021-01-22T05:32:57Z"
    lastTransitionTime: "2021-01-21T10:36:35Z"
    message: kubelet has sufficient PID available
    reason: KubeletHasSufficientPID
    status: "False"
    type: PIDPressure
  - lastHeartbeatTime: "2021-01-22T05:32:57Z"
    lastTransitionTime: "2021-01-21T10:41:05Z"
    message: kubelet is posting ready status
    reason: KubeletReady
    status: "True"
    type: Ready
<--snip-->

> ./oc get co machine-config -oyaml
apiVersion: config.openshift.io/v1
kind: ClusterOperator
metadata:
  annotations:
    exclude.release.openshift.io/internal-openshift-hosted: "true"
    include.release.openshift.io/self-managed-high-availability: "true"
    include.release.openshift.io/single-node-developer: "true"
  creationTimestamp: "2021-01-21T10:13:49Z"
  generation: 1
  managedFields:
  - apiVersion: config.openshift.io/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .: {}
          f:exclude.release.openshift.io/internal-openshift-hosted: {}
          f:include.release.openshift.io/self-managed-high-availability: {}
          f:include.release.openshift.io/single-node-developer: {}
      f:spec: {}
      f:status:
        .: {}
        f:extension:
          f:master: {}
        f:relatedObjects: {}
        f:versions: {}
    manager: cluster-version-operator
    operation: Update
    time: "2021-01-21T10:13:49Z"
  - apiVersion: config.openshift.io/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:status:
        f:conditions: {}
        f:extension:
          .: {}
          f:master: {}
          f:worker: {}
        f:relatedObjects: {}
        f:versions: {}
    manager: machine-config-operator
    operation: Update
    time: "2021-01-21T10:26:44Z"
  name: machine-config
  resourceVersion: "25771"
  selfLink: /apis/config.openshift.io/v1/clusteroperators/machine-config
  uid: 0d473ca6-e5b7-4ce6-9ce3-49a2e9687ea3
spec: {}
status:
  conditions:
  - lastTransitionTime: "2021-01-21T10:26:45Z"
    message: Cluster version is 4.7.0-0.nightly-2021-01-21-090809
    status: "False"
    type: Progressing
  - lastTransitionTime: "2021-01-21T10:23:40Z"
    status: "False"
    type: Degraded
  - lastTransitionTime: "2021-01-21T10:26:44Z"
    message: Cluster has deployed 4.7.0-0.nightly-2021-01-21-090809
    status: "True"
    type: Available
  - lastTransitionTime: "2021-01-21T10:26:44Z"
    reason: AsExpected
    status: "True"
    type: Upgradeable
  extension:
    master: all 3 nodes are at latest configuration rendered-master-1220024f982f669c9fae8d91a4a0356f
    worker: all 3 nodes are at latest configuration rendered-worker-30adc32d94ce7897e18962ec68730198
  relatedObjects:
  - group: ""
    name: openshift-machine-config-operator
    resource: namespaces
  - group: machineconfiguration.openshift.io
    name: ""
    resource: machineconfigpools
  - group: machineconfiguration.openshift.io
    name: ""
    resource: controllerconfigs
  - group: machineconfiguration.openshift.io
    name: ""
    resource: kubeletconfigs
  - group: machineconfiguration.openshift.io
    name: ""
    resource: containerruntimeconfigs
  - group: machineconfiguration.openshift.io
    name: ""
    resource: machineconfigs
  - group: ""
    name: ""
    resource: nodes
  versions:
  - name: operator
    version: 4.7.0-0.nightly-2021-01-21-090809
Comment 8 errata-xmlrpc 2021-02-24 15:44:54 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633
Note You need to log in before you can comment on or make changes to this bug.