Description of problem: The ip-reconciler used for Whereabouts can cause undue problems for those that don't implement Whereabouts. The reconciler should be opt-in and used only when Whereabouts is in use. Version-Release number of selected component (if applicable): How reproducible: Easy to reproduce that the reconciler is required. Difficult to reproduce problems with the reconciler in a lab environment. Steps to Reproduce: 1. Look for cronjobs in openshift-multus namespace. Actual results: Cronjob is present. Expected results: Cronjob is not present until a OpenShift networks object containing a RawCNIConfig with a "ipam" section which includes "type": "whereabouts" is present.
Poking at the pull request's AWS update [1] to convince myself that the CronJob got removed: $ curl -s https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/pr-logs/pull/openshift_cluster-network-operator/1369/pull-ci-openshift-cluster-network-operator-master-e2e-aws-upgrade/1511809674293284864/artifacts/e2e-aws-upgrade/openshift-e2e-test/artifacts/e2e.log | grep 'clusteroperator/network.*versions' Apr 06 22:09:02.715 I clusteroperator/network versions: operator 4.11.0-0.ci.test-2022-04-06-205514-ci-op-c4rc775i-initial -> 4.11.0-0.ci.test-2022-04-06-210024-ci-op-c4rc775i-latest $ curl -s https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/pr-logs/pull/openshift_cluster-network-operator/1369/pull-ci-openshift-cluster-network-operator-master-e2e-aws-upgrade/1511809674293284864/artifacts/e2e-aws-upgrade/gather-audit-logs/artifacts/audit-logs.tar | tar -xz --strip-components=2 $ zgrep -h ip-reconciler kube-apiserver/*.log.gz | grep delete | grep cronjobs | jq '{stageTimestamp, verb, requestURI, responseStatus, username: .user.username}' { "stageTimestamp": "2022-04-06T22:07:40.363181Z", "verb": "delete", "requestURI": "/apis/batch/v1/namespaces/openshift-multus/cronjobs/ip-reconciler", "responseStatus": { "metadata": {}, "status": "Success", "code": 200 }, "username": "system:serviceaccount:openshift-network-operator:default" } So deleted by the network operator at 22:07, and the network operator claimed to level at the target version at 22:09. Looks good to me :) [1]: https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_cluster-network-operator/1369/pull-ci-openshift-cluster-network-operator-master-e2e-aws-upgrade/1511809674293284864
PR not merged in nightly image, testing passed in cluster-bot: launch openshift/cluster-network-operator#1398 aws [weliang@weliang ~]$ oc get cronjobs -n openshift-multus No resources found in openshift-multus namespace. [weliang@weliang ~]$ oc edit networks.operator.openshift.io cluster network.operator.openshift.io/cluster edited [weliang@weliang ~]$ oc get cronjobs -n openshift-multus NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE ip-reconciler */15 * * * * False 0 <none> 33s [weliang@weliang ~]$ oc get cronjobs -n openshift-multus NAME SCHEDULE SUSPEND ACTIVE LAST SCHEDULE AGE ip-reconciler */15 * * * * False 0 <none> 45s [weliang@weliang ~]$ oc edit networks.operator.openshift.io cluster network.operator.openshift.io/cluster edited [weliang@weliang ~]$ oc get cronjobs -n openshift-multus No resources found in openshift-multus namespace. [weliang@weliang ~]$ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.10.0-0.ci.test-2022-04-27-144048-ci-ln-8x4r85b-latest True False 63m Cluster version is 4.10.0-0.ci.test-2022-04-27-144048-ci-ln-8x4r85b-latest [weliang@weliang ~]$
Tested and verified in 4.11.0-0.nightly-2022-05-05-015322 [weliang@weliang ~]$ oc get cronjobs -n openshift-multus No resources found in openshift-multus namespace. [weliang@weliang ~]$ oc edit networks.operator.openshift.io cluster network.operator.openshift.io/cluster edited [weliang@weliang ~]$ watch -n2 oc get cronjobs -n openshift-multus [weliang@weliang ~]$ watch -n2 oc get cronjobs -n openshift-multus [weliang@weliang ~]$ oc edit networks.operator.openshift.io cluster network.operator.openshift.io/cluster edited [weliang@weliang ~]$ watch -n2 oc get cronjobs -n openshift-multus [weliang@weliang ~]$ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.11.0-0.nightly-2022-05-05-015322 True False 20m Cluster version is 4.11.0-0.nightly-2022-05-05-015322 [weliang@weliang ~]$
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069