Description of problem: When workload partitioning is enabled on Single Node cluster (SNO) all "infrastructure" pods are allocated to the management workload partition. Debug containers fail to launch against these pods: $ oc debug -n openshift-monitoring prometheus-k8s-0 Defaulting container name to prometheus. Use 'oc describe pod/prometheus-k8s-0-debug -n openshift-monitoring' to see all of the containers in this pod. The Pod "prometheus-k8s-0-debug" is invalid: spec.containers.resources.requests: Invalid value: core.ResourceList{"management.workload.openshift.io/cores":resource.Quantity{i:resource.int64Amount{value:1, scale:0}, d:resource.infDecAmount{Dec:(*inf.Dec)(nil)}, s:"1", Format:"DecimalSI"}, "memory":resource.Quantity{i:resource.int64Amount{value:10485760, scale:0}, d:resource.infDecAmount{Dec:(*inf.Dec)(nil)}, s:"10Mi", Format:"BinarySI"}}: the pod without workload annotations can not have containers with workload resources "management.workload.openshift.io/cores" $ oc debug kube-apiserver-master-0.cluster1.savanna.lab.eng.rdu2.redhat.com -n openshift-kube-apiserver Defaulting container name to kube-apiserver. Use 'oc describe pod/kube-apiserver-master-0cluster1savannalabengrdu2redhatcom-debug -n openshift-kube-apiserver' to see all of the containers in this pod. The Pod "kube-apiserver-master-0cluster1savannalabengrdu2redhatcom-debug" is invalid: spec.containers.resources.requests: Invalid value: core.ResourceList{"management.workload.openshift.io/cores":resource.Quantity{i:resource.int64Amount{value:10, scale:0}, d:resource.infDecAmount{Dec:(*inf.Dec)(nil)}, s:"10", Format:"DecimalSI"}, "memory":resource.Quantity{i:resource.int64Amount{value:52428800, scale:0}, d:resource.infDecAmount{Dec:(*inf.Dec)(nil)}, s:"50Mi", Format:"BinarySI"}}: the pod without workload annotations can not have containers with workload resources "management.workload.openshift.io/cores" Version-Release number of selected component (if applicable): 4.8 How reproducible: Always Steps to Reproduce: 1. Install SNO cluster with workload partitioning enabled 2. Run oc debug ... against pods similar to above 3. Actual results: Failure to launch pod Expected results: Debug pod running Additional info:
Ke Wang, FYI the workload partitioning admission plugin feature belongs to Node subteam.
Changed the component.
@alukiano @imiller @kewang was Memory Manager enabled on this SNO cluster ? is this BZ Sub component correct ?
No, it should not be the memory manager component at all.
Agreed with Artyom. Memory Manager is not related to this issue.
Verified on 4.9 fc.1 OCP with 4.9 rc.0 oc: https://openshift-release-artifacts.apps.ci.l2s4.p1.openshiftapps.com/4.9.0-rc.0/ This is successful: oc debug -n openshift-monitoring prometheus-k8s-0
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759