Description of problem: vSphere csi driver uses "Always" imagePullPolicy in some containers Version-Release number of selected component (if applicable): 4.8.0-0.nightly-2021-04-08-200632 How reproducible: Always Steps to Reproduce: 1. Install vSphere cluster 2. Enable the TechPreviewNoUpgrade featureset 3. Check containers which use "Always" imagePullPolicy $ oc -n openshift-cluster-csi-drivers get deployment vmware-vsphere-csi-driver-controller -o json | jq -r '.spec.template.spec.containers[] | select(.imagePullPolicy == "Always")|.name' csi-provisioner csi-attacher csi-resizer csi-liveness-probe $ oc -n openshift-cluster-csi-drivers get ds vmware-vsphere-csi-driver-node -o json | jq -r '.spec.template.spec.containers[] | select(.imagePullPolicy == "Always")|.name' csi-node-driver-registrar csi-liveness-probe Actual results: The sidecar containers use "Always" imagePullPolicy Expected results: ImagePullPolicy needs to be updated to "IfNotPresent".
Hi Wei, Good catch, but I think this should be fixed already. The default value for imagePullPolicy is Always if the image tag is :latest. Otherwise, the default value will be IfNotPresent. It looks like your cluster version is the same as bug 1947775 (4.8.0-0.nightly-2021-04-08-200632), which had the upstream images with :latest tag. Since bug 1947775 has been fixed, the field should be set to IfNotPresent. Could you confirm that?
Hi Fabio, Yes, you are correct, imagePullPolicy are all set to "IfNotPresent" now. It was fixed with bug 1947775. Let me know if need action from my side.
Hi @Wei, Thanks for confirming that. Even though this is now fixed, we should probably explicitly set the imagePullPolicy to IfNotPresent in order to avoid more confusion in the future. If you don't mind, we'd like to use this ticket to track this work. Here's a list of all operators that need to be changed. @Mustafa will work on getting those fields set accordingly: https://github.com/openshift/aws-ebs-csi-driver-operator https://github.com/openshift/azure-disk-csi-driver-operator https://github.com/openshift/csi-driver-manila-operator https://github.com/openshift/gcp-pd-csi-driver-operator https://github.com/openshift/kubevirt-csi-driver-operator https://github.com/openshift/openstack-cinder-csi-driver-operator https://github.com/openshift/ovirt-csi-driver-operator/ https://github.com/openshift/vmware-vsphere-csi-driver @Wei, you shouldn't see any changes on your end.
All checked except the ovirt-csi-driver-operator, from the PR, should no risk. Change the status to "VERIFIED"
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438