Bug 2114922 - Can run with host-Model cpuModel even if it is in ObsoleteCPUModels
Summary: Can run with host-Model cpuModel even if it is in ObsoleteCPUModels
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Container Native Virtualization (CNV)
Classification: Red Hat
Component: Virtualization
Version: 4.12.0
Hardware: All
OS: Unspecified
high
high
Target Milestone: ---
: 4.13.0
Assignee: Barak
QA Contact: zhe peng
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-08-03 14:11 UTC by Barak
Modified: 2023-05-18 02:56 UTC (History)
3 users (show)

Fixed In Version: hco-bundle-registry-container-v4.13.0.rhel9-848
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-05-18 02:55:41 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github kubevirt kubevirt pull 7965 0 None open Vmi shouldn't run with obsolete cpu model 2022-11-02 09:40:45 UTC
Red Hat Issue Tracker CNV-20281 0 None None None 2022-11-09 13:59:15 UTC
Red Hat Product Errata RHSA-2023:3205 0 None None None 2023-05-18 02:56:30 UTC

Description Barak 2022-08-03 14:11:32 UTC 
Description of problem:
Currently if a node has host-model cpu that is included in ObsoleteCPUModels
and we create vmi with host-model cpu it can still be scheduled to that node,
than the vmi will run with host-model cpu and won't be able to migrate.

Version-Release number of selected component (if applicable):


How reproducible:
Add a node's host-model cpu model to the ObsoleteCPUModels
can find out which model is that through the node's label:
"host-model-cpu.node.kubevirt.io/<HostModelOfTheNode>": "true"  

Create a vm to start on the node with host-model(the default cpuModel)

Actual results:
The vm will be scheduled and run with the obsolete cpuModel

Expected results:
Virt launcher shouldn't be scheduled

Additional info:
Comment 1 sgott 2022-08-10 12:29:53 UTC 
In this scenario, we allow a VM to be created that cannot be migrated, which will block upgrade. Because of this we're increasing the severity.
Comment 5 zhe peng 2023-03-07 10:40:27 UTC 
verify with build: CNV-v4.13.0.rhel9-1639

step:
1: check cluster node cpu model(in the test is "EPYC-Rome")
2: add  cpu mode to ObsoleteCPUModels
$ oc get HyperConverged kubevirt-hyperconverged -n openshift-cnv -o yaml
...
  obsoleteCPUs:
    cpuModels:
    - EPYC-Rome
...
3: check node's label
...
host-model-cpu.node.kubevirt.io/EPYC-Rome: "true"
...

4: create a vm with default template
$ oc get vm
NAME        AGE     STATUS               READY
vm-fedora   6m24s   ErrorUnschedulable   False

$ oc get pods
NAME                            READY   STATUS    RESTARTS   AGE
virt-launcher-vm-fedora-dqnh6   0/1     Pending   0          6m39s

error msg is:
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               -------
  Warning  FailedScheduling  7m5s  default-scheduler  0/6 nodes are available: 3 Insufficient devices.kubevirt.io/kvm, 3 Insufficient devices.kubevirt.io/tun, 3 Insufficient devices.kubevirt.io/vhost-net, 3 node(s) had untolerated taint {node-role.kubernetes.io/master: }, 6 node(s) didn't match Pod's node affinity/selector. preemption: 0/6 nodes are available: 6 Preemption is not helpful for scheduling..

move to verified.
Comment 8 errata-xmlrpc 2023-05-18 02:55:41 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Virtualization 4.13.0 Images security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:3205
Note You need to log in before you can comment on or make changes to this bug.