Description of problem: While mandating priority classes for all the components in `openshift-*` namespaces, we noticed that the following component(s) is/are missing priority class. pod-identity-webhook Following is the guidance on the which priority class to choose: If it is fine for your operator/operand to be preempted by user workload specify and OOMKilled use openshift-user-critical priority class If you want your operator/operand not to be preempted by user-workload but still be OOMKilled use system-cluster-critical priority class If you want operator/operand not be preempted by user-workload and OOMKilled last use system-node-critical priority class Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Verified on 4.8.0-0.nightly-2021-05-06-032413 $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.8.0-0.nightly-2021-05-06-032413 True False 17m Cluster version is 4.8.0-0.nightly-2021-05-06-032413 ##pod-identity-webhook has added priority class $ oc get deployment pod-identity-webhook -o json | jq -r ".spec.template.spec.priorityClassName" system-cluster-critical $ oc get pods pod-identity-webhook-7ffbb7bc78-flhgr -o json | jq -r ".spec.priorityClassName" system-cluster-critical
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438