Description of problem: If the tag is defined on both MS and Infra, but the values differ, the value from MS should take precedence. Now the result is the first found value from machineset gets precedence. Version-Release number of selected component (if applicable): 4.8.0-0.nightly-2021-04-30-154520 How reproducible: always Steps to Reproduce: 1. Set up an ipi aws cluster with usertags: 1)$ ./openshift-install create install-config --dir tagtest 2) update install-config.yaml platform: aws: region: us-east-2 experimentalPropagateUserTags: true userTags: adminContact: zhsun 2. Add machineset tags with same name but different value with user-defined tags. $ oc edit machineset zhsuntag-thmsw-worker-us-east-2c tags: - name: kubernetes.io/cluster/zhsuntag-thmsw value: owned - name: adminContact value: zhsun - name: adminContact value: zhsun1 3. Scale up machinset Actual results: The first found value from machineset gets precedence. Check from aws GUI, the tag adminContact's value is zhsun. $ oc get infrastructure.config.openshift.io cluster -o yaml status: platform: AWS platformStatus: aws: region: us-east-2 resourceTags: - key: adminContact value: zhsun $ oc get machine zhsuntag2-cn9js-worker-us-east-2c-l7ttd -o yaml tags: - name: kubernetes.io/cluster/zhsuntag2-cn9js value: owned - name: adminContact value: zhsun - name: adminContact value: zhsun1 Expected results: Machine tags should have precedence over Infrastructure, the tag adminContact's value is zhsun1. Additional info:
This is somewhat intentional data, we expect the name key to be unique in the list of tags on any machine/machineset, but we don't have any validation for this. My suggestion would be that we don't change the behaviour here, but add a warning or error using validating webhooks to notify the user that only the first value for a given name will be copied to the EC2 instance
Still keen to merge this for 4.8, in need of reviews. I think this should be able to go in this week but will re-evaluate based on review feedback
Verified clusterversion: 4.9.0-0.nightly-2021-09-01-193941 I0903 05:51:51.430817 1 controller.go:59] controllers/MachineSet "msg"="Reconciling" "machineset"="zhsun93tag-dvbjd-worker-us-east-2c" "namespace"="openshift-machine-api" I0903 05:51:51.444660 1 deleg.go:130] KubeAPIWarningLogger "msg"="providerSpec.tags: duplicated tag names (adminContact): only the first value will be used." I0903 05:51:51.466948 1 controller.go:174] zhsun93tag-dvbjd-worker-us-east-2c-7qpq2: reconciling Machine I0903 05:51:51.485831 1 controller.go:174] zhsun93tag-dvbjd-worker-us-east-2c-7qpq2: reconciling Machine I0903 05:51:51.485853 1 actuator.go:104] zhsun93tag-dvbjd-worker-us-east-2c-7qpq2: actuator checking if machine exists I0903 05:51:51.542515 1 reconciler.go:265] zhsun93tag-dvbjd-worker-us-east-2c-7qpq2: Instance does not exist I0903 05:51:51.542541 1 controller.go:357] zhsun93tag-dvbjd-worker-us-east-2c-7qpq2: setting phase to Provisioning and requeuing tags: - name: kubernetes.io/cluster/zhsun93tag-dvbjd value: owned - name: adminContact value: zhsun - name: adminContact value: zhsun1 Check from aws GUI, the tag adminContact's value is the first value zhsun.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759