Description of problem: For both standard and 3-node clusters, the ZTP-created 'informDuValidator' policy never goes compliant. Version-Release number of selected component (if applicable): 4.10 How reproducible: 100% of the time Steps to Reproduce: 1. Deploy a standard cluster or 3-node cluster with ZTP 2. Check the DU inform policy 3. GOTO 2 Actual results: The policy does not go compliant because of SNO-specific assumptions made in the MachineConfig section Expected results: The policy should go compliant once the DU profile is fully ready for both standard and 3-node configurations Additional info: The 3 identified reasons for the policy never going compliant are: - The WorkloadPartitioning MachineConfig is only present on SNO installs. - The number of machines expected to be in the master MCP pool is exactly 1 (only true for SNO). - There is no checking at all of the worker MPC pool.
Verified for both 3-node compact clusters and 5-node standard clusters upon successful ZTP installation. [kni@registry ~]$ oc get policies -A NAMESPACE NAME REMEDIATION ACTION COMPLIANCE STATE AGE ztpmultinode ztp-common.common-config-policy inform Compliant 5h55m ztpmultinode ztp-common.common-subscriptions-policy inform Compliant 5h55m ztpmultinode ztp-group.group-du-3node-config-policy inform Compliant 5h55m ztpmultinode ztp-group.group-du-3node-du-validator inform Compliant 118m ztpmultinode ztp-site.example-multinode-site-config-policy inform Compliant 5h55m
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:0056