Normal Description of problem:
In order to manage clusters manually deployed on azure with ACM a policy[1] was created then updated to feature a `skipNodesWithLocalStorage: false` section. The change appeared to have been recognized and the policy enforced but the autoscaler doesn't seem to have been updated despite the policy being changed to "compliant"
Version-Release number of selected component (if applicable):
ACM 2.8 and managed cluster on OCP 4.12.22
How reproducible:
customer reproduced only
Steps to Reproduce:
- deploy openshift 4.12.22 onto azure
- set up a policy to manage a ClusterAutoscaler
- update the policy to feature a `skipNodesWithLocalStorage: false` at the end
Actual results:
the policy is enforced but the autoscaler doesn't have the expected setting
apiVersion: autoscaling.openshift.io/v1 kind: ClusterAutoscaler metadata: creationTimestamp: "2023-07-27T12:00:10Z" generation: 2 managedFields: - apiVersion: autoscaling.openshift.io/v1 fieldsType: FieldsV1 fieldsV1: [...] manager: config-policy-controller operation: Update time: "2023-08-02T12:23:12Z" name: default resourceVersion: "352122610" uid: b57f47a6-d21c-4809-8a38-58056b648d0e spec: podPriorityThreshold: -10 resourceLimits: cores: max: 264 min: 36 maxNodesTotal: 63 memory: max: 2016 min: 188 scaleDown: delayAfterAdd: 10m delayAfterDelete: 5m delayAfterFailure: 30s enabled: true unneededTime: 60s
Expected results:
the policy is enforced and the autoscaler has the expected setting `skipNodesWithLocalStorage: false` set as expected
Additional info:
[1]-policy specs with the change
spec: disabled: false policy-templates: - objectDefinition: apiVersion: policy.open-cluster-management.io/v1 kind: ConfigurationPolicy metadata: name: cluster-autoscaler-azure-policy spec: object-templates: - complianceType: musthave objectDefinition: apiVersion: autoscaling.openshift.io/v1 kind: ClusterAutoscaler metadata: name: default spec: podPriorityThreshold: -10 resourceLimits: cores: max: '{{ fromConfigMap "poi-cluster-definition" "cluster-autoscaler-definition" "cluster.cores.max" | toInt }}' min: '{{ fromConfigMap "poi-cluster-definition" "cluster-autoscaler-definition" "cluster.cores.min" | toInt }}' maxNodesTotal: '{{ fromConfigMap "poi-cluster-definition" "cluster-autoscaler-definition" "cluster.maxNodesTotal" | toInt }}' memory: max: '{{ fromConfigMap "poi-cluster-definition" "cluster-autoscaler-definition" "cluster.memory.max" | toInt }}' min: '{{ fromConfigMap "poi-cluster-definition" "cluster-autoscaler-definition" "cluster.memory.min" | toInt }}' scaleDown: delayAfterAdd: 10m delayAfterDelete: 5m delayAfterFailure: 30s enabled: true unneededTime: 60s skipNodesWithLocalStorage: false remediationAction: enforce severity: low remediationAction: enforce
the history of the policy is showing
history: - eventName: policies-cm.cluster-autoscaler-azure-policy.1779a3eecce205be lastTimestamp: "2023-08-09T06:43:01Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1779a3da15f9495f lastTimestamp: "2023-08-09T06:41:32Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.177792a1af42350a lastTimestamp: "2023-08-02T13:03:28Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1777907207307591 lastTimestamp: "2023-08-02T12:23:24Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1777906f32824485 lastTimestamp: "2023-08-02T12:23:12Z" message: Compliant; notification - clusterautoscalers [default] was updated successfully - eventName: policies-cm.cluster-autoscaler-azure-policy.1777906f308531b5 lastTimestamp: "2023-08-02T12:23:12Z" message: NonCompliant; violation - No instances of `clusterautoscalers` found as specified - eventName: policies-cm.cluster-autoscaler-azure-policy.17777cd576a12866 lastTimestamp: "2023-08-02T06:24:01Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1775ba15c0a2bb9a lastTimestamp: "2023-07-27T12:43:57Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1775b9f68cdcd1dc lastTimestamp: "2023-07-27T12:41:43Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant - eventName: policies-cm.cluster-autoscaler-azure-policy.1775b818696bf665 lastTimestamp: "2023-07-27T12:07:30Z" message: Compliant; notification - clusterautoscalers [default] found as specified, therefore this Object template is compliant
