2059779 – spec.nodeSelector is missing in MCE instance created by MCH upon installing ACM on infra nodes

Bug 2059779 - spec.nodeSelector is missing in MCE instance created by MCH upon installing ACM on infra nodes

Summary: spec.nodeSelector is missing in MCE instance created by MCH upon installing A...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Advanced Cluster Management for Kubernetes
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	rhacm-2.5
Hardware:	x86_64
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	rhacm-2.5
Assignee:	Jakob
QA Contact:	txue
Docs Contact:	Christopher Dawson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-03-02 00:13 UTC by Thuy Nguyen
Modified:	2023-06-07 08:50 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-06-09 02:09:02 UTC
Target Upstream Version:
Embargoed:
Flags:	bot-tracker-sync: rhacm-2.5+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	stolostron backlog issues 20342	0	None	None	None	2022-03-02 03:00:11 UTC
Red Hat Product Errata	RHSA-2022:4956	0	None	None	None	2022-06-09 02:09:47 UTC

Description Thuy Nguyen 2022-03-02 00:13:52 UTC

Description of the problem: spec.nodeSelector is missing in MCE instance created by MCH upon installing ACM on infra nodes

Release version:

Operator snapshot version:
- ACM 2.5.0-DOWNSTREAM-2022-03-01-06-19-12
- MCE 2.0.0-DOWNANDBACK-2022-02-22-17-26-30

OCP version: ROSA 4.9.21

Browser Info:

Steps to reproduce:
1. Install ACM and MCE on infra nodes


Actual results:
MCE pods are not resided on infra nodes

Expected results:
All ACM and MCE pods are resided on infra nodes

Additional info:

ACM sub + mch - 
oc get sub -n ocm
NAME                          PACKAGE                       SOURCE         CHANNEL
advanced-cluster-management   advanced-cluster-management   brew-acm-iib   release-2.5


oc get sub -n ocm advanced-cluster-management -oyaml | grep spec: -A13
spec:
  channel: release-2.5
  config:
    nodeSelector:
      node-role.kubernetes.io/infra: ""
    tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/infra
      operator: Exists
  installPlanApproval: Manual
  name: advanced-cluster-management
  source: brew-acm-iib
  sourceNamespace: openshift-marketplace
  startingCSV: advanced-cluster-management.v2.5.0


oc get mch -n ocm multiclusterhub -oyaml
apiVersion: operator.open-cluster-management.io/v1
kind: MultiClusterHub
metadata:
  annotations:
    installer.open-cluster-management.io/mce-subscription-spec: '{"channel": "stable-2.0","installPlanApproval":
      "Automatic","name": "multicluster-engine","source": "brew-mce-iib","sourceNamespace":
      "openshift-marketplace","startingCSV": "multicluster-engine.v2.0.0"}'
  name: multiclusterhub
  namespace: ocm
spec:
  availabilityConfig: High
  enableClusterBackup: true
  imagePullSecret: multiclusterhub-operator-pull-secret
  ingress:
    sslCiphers:
    - ECDHE-ECDSA-AES256-GCM-SHA384
    - ECDHE-RSA-AES256-GCM-SHA384
    - ECDHE-ECDSA-AES128-GCM-SHA256
    - ECDHE-RSA-AES128-GCM-SHA256
  nodeSelector:
    node-role.kubernetes.io/infra: ""
  separateCertificateManagement: false


MCE sub + mce - created by mch
oc get sub -n multicluster-engine multicluster-engine -oyaml | grep spec: -A13
spec:
  channel: stable-2.0
  config:
    nodeSelector:
      node-role.kubernetes.io/infra: ""
    tolerations:
    - effect: NoSchedule
      key: node-role.kubernetes.io/infra
      operator: Exists
  installPlanApproval: Automatic
  name: multicluster-engine
  source: brew-mce-iib
  sourceNamespace: openshift-marketplace
  startingCSV: multicluster-engine.v2.0.0


oc get mce -n multicluster-engine multiclusterengine -oyaml | grep spec: -A8
spec:
  availabilityConfig: High
  imagePullSecret: multiclusterhub-operator-pull-secret
  targetNamespace: multicluster-engine
  tolerations:
  - effect: NoSchedule
    key: node-role.kubernetes.io/infra
    operator: Exists

Comment 1 bot-tracker-sync 2022-03-07 15:33:14 UTC

G2Bsync 1060774809 comment 
 thuyn-581 Mon, 07 Mar 2022 14:55:02 UTC 
 G2Bsync - 
Validated on 2.5.0-DOWNSTREAM-2022-03-03-03-15-27 (Final S3).

Comment 2 bot-tracker-sync 2022-03-11 18:53:34 UTC

G2Bsync 1057423242 comment 
 zkayyali812 Wed, 02 Mar 2022 21:45:12 UTC 
 /G2Bsync
Hi @thuyn-581,
Fix has been merged and validated in -`2.5.0-SNAPSHOT-2022-03-02-21-08-32` and later to ensure nodeSelector is set in MCE if set in MCH

Comment 5 errata-xmlrpc 2022-06-09 02:09:02 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: Red Hat Advanced Cluster Management 2.5 security updates, images, and bug fixes), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:4956

Comment 6 max burns 2023-06-07 08:50:13 UTC Comment hidden (spam)

Based on the information provided, it appears that the issue you're facing is related to the placement of MCE (Multicluster Engine) pods on infra nodes after installing ACM (Advanced Cluster Management) on the infra nodes. The MCE pods are not residing on the expected infra nodes.

To ensure that MCE pods are scheduled on infra nodes, you need to verify and ensure that the necessary configurations are set correctly. Here are a few steps you can take:

Verify the nodeSelector and tolerations configuration in the MCE subscription and MCE Custom Resource (CR). These configurations define the requirements and preferences for pod scheduling.

Check the MCE subscription (multicluster-engine) in the multicluster-engine namespace. Ensure that the nodeSelector field is correctly set to node-role.kubernetes.io/infra: "". This ensures that MCE pods are scheduled on nodes with the infra role.

Similarly, check the MCE Custom Resource (multiclusterengine) in the multicluster-engine namespace. Verify that the tolerations field includes an entry for infra nodes: - key: node-role.kubernetes.io/infra.

Confirm that the ACM subscription (advanced-cluster-management) in the ocm namespace also has the nodeSelector field correctly set to node-role.kubernetes.io/infra: "".

Ensure that all the necessary labels and annotations required for node selection are correctly applied to the infra nodes. You can verify the labels and annotations on the infra nodes using the oc get nodes --show-labels command.

If the configurations mentioned above are correct and the MCE pods are still not scheduled on the expected infra nodes, you may need to investigate further or seek assistance from the support channels specific to ACM and MCE, such as the ACM or Red Hat support teams. They can provide guidance and help troubleshoot the issue more effectively with access to the specific environment and configuration details. https://www.ballsportspro.com/

Note You need to log in before you can comment on or make changes to this bug.