Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-3462

PodVM image not deleted when deleting kataconfig on Azure

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: High High
    • None
    • None
    • podvm-builder
    • None
    • False
    • None
    • False
    • Hide
      .PodVM image not deleted when deleting kataconfig on Azure

      The pod VM image might not be deleted after you delete the `KataConfig` custom resource. Workaround: Use the Azure CLI to check for the pod VM gallery and delete it if necessary.

      Prerequisites:
      You have installed & configured the Azure CLI tool.

      Get the Azure resource group which the podvm belongs to:
      [source,terminal]
      ----
      $ RESOURCE_GROUP=$(oc get cm -n openshift-sandboxed-containers-operator peer-pods-cm -o jsonpath='{.data.AZURE_RESOURCE_GROUP}')
      ----

      List the images in this resource group:
      [source,terminal]
      ----
      $ az image list -g ${RESOURCE_GROUP} --query '[].id' -o tsv
      ----

      Expected output:
      [source,terminal]
      ----
      /subscriptions/<...>/resourceGroups/<...>/providers/Microsoft.Compute/images/podvm-image-0.0.2024112013
      ----

      Delete the podvm image (repeating as needed to address each remaining podvm image):
      [source,terminal]
      ----
      $ az image delete --ids /subscriptions/<...>/resourceGroups/<...>/providers/Microsoft.Compute/images/podvm-image-0.0.2024112013
      ----

      Additional information may be found at
      link:https://docs.openshift.com/container-platform/4.17/installing/installing_azure/installing-azure-account.html[Configuring an Azure account].
      Show
      .PodVM image not deleted when deleting kataconfig on Azure The pod VM image might not be deleted after you delete the `KataConfig` custom resource. Workaround: Use the Azure CLI to check for the pod VM gallery and delete it if necessary. Prerequisites: You have installed & configured the Azure CLI tool. Get the Azure resource group which the podvm belongs to: [source,terminal] ---- $ RESOURCE_GROUP=$(oc get cm -n openshift-sandboxed-containers-operator peer-pods-cm -o jsonpath='{.data.AZURE_RESOURCE_GROUP}') ---- List the images in this resource group: [source,terminal] ---- $ az image list -g ${RESOURCE_GROUP} --query '[].id' -o tsv ---- Expected output: [source,terminal] ---- /subscriptions/<...>/resourceGroups/<...>/providers/Microsoft.Compute/images/podvm-image-0.0.2024112013 ---- Delete the podvm image (repeating as needed to address each remaining podvm image): [source,terminal] ---- $ az image delete --ids /subscriptions/<...>/resourceGroups/<...>/providers/Microsoft.Compute/images/podvm-image-0.0.2024112013 ---- Additional information may be found at link: https://docs.openshift.com/container-platform/4.17/installing/installing_azure/installing-azure-account.html [Configuring an Azure account].
    • Known Issue
    • Done
    • Kata Sprint #261
    • 0
    • 0

      Description

      When undeploying peer pods, the podvm deletion job succeed but the podvm image still exist in azure.

      Steps to reproduce

      • Install OSC 1.8.0
      • Deploy KataConfig for non-CoCo peer pods
      • Wait for deployment to be complete
      • Get the AZURE_IMAGE_ID from the peer pods CM 
        $ oc get cm -n openshift-sandboxed-containers-operator peer-pods-cm -o yaml | grep AZURE_IMAGE_ID
  AZURE_IMAGE_ID: /subscriptions/<sensitive>/resourceGroups/aro-x9n3hg77/providers/Microsoft.Compute/galleries/PodVMGallery_d01b8b50/images/podvm-image/versions/0.0.2024111438
      • Find the corresponding image : 
        $ az image list -g aro-x9n3hg77 | grep /images/
    "id": "/subscriptions/<sensitive>/resourceGroups/aro-x9n3hg77/providers/Microsoft.Compute/images/podvm-image-0.0.2024111438",
      • Delete KataConfig
      • Wait for the podvm deletion job to complete
      • Check if the podvm image still exists

      Expected result

      $ az image list -g aro-x9n3hg77 | grep 0.0.2024111438
$

      Actual result

      $ az image list -g aro-x9n3hg77 | grep 0.0.2024111438
    "id": "/subscriptions/<sensitive>/resourceGroups/aro-x9n3hg77/providers/Microsoft.Compute/images/podvm-image-0.0.2024111438",
$

      Impact

      Extra costs for the customer

      Env

      OCP 4.15.37 in ARO
      OSC 1.8.0-7

      Additional helpful info

      User needs to `az login` with the same service principal that was used to create the podvm and `az delete` it manually.

              rhgkurz Greg Kurz
              rhgkurz Greg Kurz
              Andy Stillman Andy Stillman
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: