Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-10558

MAPO failing to retrieve flavour information after rotating credentials

    XMLWordPrintable

Details

    • +
    • No
    • ShiftStack Sprint 233
    • 1
    • False
    • Hide

      None

      Show
      None
    • Hide
      Previously, when there was a rotation of the {rh-openstack} `clouds.yaml` file, the {rh-openstack} machine API provider required a restart to reflect new cloud credentials. As a result, the ability of a machine set to scale to zero was affected.

      Now, the caching of cloud credentials is eliminated. The machine API provider can retrieve the latest corresponding secret as it is required, resolving the machine scaling issue.
      Show
      Previously, when there was a rotation of the {rh-openstack} `clouds.yaml` file, the {rh-openstack} machine API provider required a restart to reflect new cloud credentials. As a result, the ability of a machine set to scale to zero was affected. Now, the caching of cloud credentials is eliminated. The machine API provider can retrieve the latest corresponding secret as it is required, resolving the machine scaling issue.
    • Bug Fix

    Description

      Description of problem:

      When running a cluster on application credentials, this event appears repeatedly:

ns/openshift-machine-api machineset/nhydri0d-f8dcc-kzcwf-worker-0 hmsg/173228e527 - pathological/true reason/ReconcileError could not find information for "ci.m1.xlarge"

      Version-Release number of selected component (if applicable):

       

      How reproducible:

      Happens in the CI (https://prow.ci.openshift.org/view/gs/origin-ci-test/pr-logs/pull/openshift_release/33330/rehearse-33330-periodic-ci-shiftstack-shiftstack-ci-main-periodic-4.13-e2e-openstack-ovn-serial/1633149670878351360).

      Steps to Reproduce:

      1. On a living cluster, rotate the OpenStack cloud credentials
2. Invalidate the previous credentials
3. Watch the machine-api events (`oc -n openshift-machine-api get event`). A `Warning` type of issue could not find information for "name-of-the-flavour" will appear.

If the cluster was installed using a password that you can't invalidate:
1. Rotate the cloud credentials to application credentials
2. Restart MAPO (`oc -n openshift-machine-api get pods -o NAME | xargs -r oc -n openshift-machine-api delete`)
3. Rotate cloud credentials again
4. Revoke the first application credentials you set
5. Finally watch the events (`oc -n openshift-machine-api get event`)

The event signals that MAPO wasn't able to update flavour information on the MachineSet status.

      Actual results:

       

      Expected results:

      No issue detecting the flavour details

      Additional info:

      Offending code likely around this line: https://github.com/openshift/machine-api-provider-openstack/blob/bcb08a7835c08d20606d75757228fd03fbb20dab/pkg/machineset/controller.go#L116

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10603 MAPO failing to retrieve flavour information after rotating credentials

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-8687 MAPO failing to retrieve flavour information after rotating credentials

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-8687 MAPO failing to retrieve flavour information after rotating credentials

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-10603 MAPO failing to retrieve flavour information after rotating credentials

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          links to

          GitHub openshift/machine-api-provider-openstack#64: [release-4.13] OCPBUGS-10558: machineset_controller: Stop caching clouds credentials

          Activity

            People

              pprinett@redhat.com Pierre Prinetti
              openshift-crt-jira-prow OpenShift Prow Bot
              Itay Matza Itay Matza
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: