Description of problem: Something like: apiVersion: hco.kubevirt.io/v1beta1 kind: HyperConverged metadata: name: kubevirt-hyperconverged namespace: openshift-cnv spec: infra: nodePlacement: nodeSelector: node-role.kubernetes.io/infra: '' workloads: nodePlacement: nodeSelector: node-role.kubernetes.io/worker: '' is not properly propagated down to kubemacpool-cert-manager deployment Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. configure HCO CR as for the suggested configuration 2. check the placement of kubemacpool-cert-manager 3. Actual results: kubemacpool-cert-manager is not scheduled on infra nodes Expected results: kubemacpool-cert-manager is scheduled on infra nodes Additional info:
Fixed upstream https://github.com/kubevirt/cluster-network-addons-operator/pull/1525
Verified on: CNV 4.13.1 cluster-network-addons-operator-rhel9:v4.13.1-2 Verified with the following scenario: 1. Label all workers with infra role: $ oc get nodes NAME STATUS ROLES AGE VERSION c01-n-ys-4131o-gfnr2-master-0 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-master-1 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-master-2 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-255wc Ready worker 4h16m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-725qn Ready worker 4h16m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-tjvwz Ready worker 4h15m v1.26.3+b404935 $ $ oc label node c01-n-ys-4131o-gfnr2-worker-0-255wc node-role.kubernetes.io/infra="" node/c01-n-ys-4131o-gfnr2-worker-0-255wc labeled $ $ oc label node c01-n-ys-4131o-gfnr2-worker-0-725qn node-role.kubernetes.io/infra="" node/c01-n-ys-4131o-gfnr2-worker-0-725qn labeled $ oc label node c01-n-ys-4131o-gfnr2-worker-0-tjvwz node-role.kubernetes.io/infra="" node/c01-n-ys-4131o-gfnr2-worker-0-tjvwz labeled $ $ oc get nodes NAME STATUS ROLES AGE VERSION c01-n-ys-4131o-gfnr2-master-0 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-master-1 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-master-2 Ready control-plane,master 4h32m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-255wc Ready infra,worker 4h16m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-725qn Ready infra,worker 4h16m v1.26.3+b404935 c01-n-ys-4131o-gfnr2-worker-0-tjvwz Ready infra,worker 4h15m v1.26.3+b404935 2. Check what is the node on which kubemacpool-cert-manager is currently scheduled: $ oc get pod -n openshift-cnv kubemacpool-cert-manager-64c6596598-gct9v -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kubemacpool-cert-manager-64c6596598-gct9v 1/1 Running 0 168m 10.128.0.115 c01-n-ys-4131o-gfnr2-master-0 <none> <none> 3. Edit HCO and add the infra and workloads nodePlacement which are specified in the bug description: $ oc edit hco -n openshift-cnv kubevirt-hyperconverged ... spec: ... infra: nodePlacement: nodeSelector: node-role.kubernetes.io/infra: "" ... workloads: nodePlacement: nodeSelector: node-role.kubernetes.io/worker: "" ... hyperconverged.hco.kubevirt.io/kubevirt-hyperconverged edited 4. Check for the nodeSelector in the new kubemacpool-cert-manager ReplicaSet: $ oc get replicaset -n openshift-cnv kubemacpool-cert-manager-66898f94cd -o yaml ... nodeSelector: node-role.kubernetes.io/infra: "" ... 5. Verify the kubemacpool-cert-manager pod was scheduled on one of the labeled nodes: $ oc get pod -n openshift-cnv kubemacpool-cert-manager-66898f94cd-j8lrs -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES kubemacpool-cert-manager-66898f94cd-j8lrs 1/1 Running 0 15m 10.131.0.104 c01-n-ys-4131o-gfnr2-worker-0-725qn <none> <none>
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Virtualization 4.13.1 Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2023:3686