Bug 2039670 - Create PDBs for control plane components
Summary: Create PDBs for control plane components
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-controller-manager
Version: 4.10
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.10.0
Assignee: Jan Chaloupka
QA Contact: zhou ying
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-01-12 08:27 UTC by Jan Chaloupka
Modified: 2022-03-10 16:39 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:38:43 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-authentication-operator pull 514 0 None Merged bug 2039670: Create the PDB dynamically so it does not get created on the SNO topology 2022-01-21 12:33:29 UTC
Github openshift cluster-authentication-operator pull 538 0 None Merged bug 2039670: Sync the library-go 2022-01-21 12:33:27 UTC
Github openshift cluster-csi-snapshot-controller-operator pull 109 0 None Merged bug 2039670: Skip deployment of PDBs on the SNO topology 2022-01-25 15:21:39 UTC
Github openshift cluster-openshift-apiserver-operator pull 489 0 None Merged bug 2039670: Create the PDB dynamically so it does not get created on the SNO topology 2022-01-21 12:33:28 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:39:00 UTC

Description Jan Chaloupka 2022-01-12 08:27:29 UTC
During a cluster upgrade there's currently no guarantee any control plan component 
will keep at least one of its pods available.  To ensure there is at least one pod available when the master nodes are getting drained, a PDB for each core component is created.

For more information please see https://issues.redhat.com/browse/WRKLDS-293.

KS, KCM and KA need additional logic alongside the PDBs. Their resolution is tracked through https://bugzilla.redhat.com/show_bug.cgi?id=2005901.

Comment 7 zhou ying 2022-01-30 05:46:34 UTC
Could find pdb for multi-nodes cluster : 
[root@localhost ~]# oc project openshift-kube-controller-manager
Now using project "openshift-kube-controller-manager" on server "https://api.yinzhou-30.qe.devcluster.openshift.com:6443".
[root@localhost ~]# oc get pdb
NAME                                MIN AVAILABLE   MAX UNAVAILABLE   ALLOWED DISRUPTIONS   AGE
kube-controller-manager-guard-pdb   2               N/A               1                     110m




can't find pdb for SNo:

[root@localhost roottest]# oc get node
NAME                                         STATUS   ROLES           AGE   VERSION
ip-10-0-153-252.us-east-2.compute.internal   Ready    master,worker   35m   v1.23.3+b63be7f
[root@localhost roottest]# oc project openshift-kube-controller-manager
Now using project "openshift-kube-controller-manager" on server "https://api.yinzhou-bugr.qe.devcluster.openshift.com:6443".
[root@localhost roottest]# oc get pdb
No resources found in openshift-kube-controller-manager namespace.

[root@localhost roottest]# oc get clusterversion 
NAME      VERSION                                    AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.10.0-0.nightly-arm64-2022-01-29-162645   True        False         16m     Cluster version is 4.10.0-0.nightly-arm64-2022-01-29-162645

Comment 10 errata-xmlrpc 2022-03-10 16:38:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.