Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-4162

PODVM_IMAGE_URI is left behind in ConfigMap after KataConfig deletion

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: High High
    • OSC 1.11
    • OSC 1.10.0
    • Operator
    • None
    • Quality / Stability / Reliability
    • 1
    • False
    • Hide

      None

      Show
      None
    • False
    • Hide
      .KataConfig CR deletion removes peer pod configuration

      Before this update, deleting a `KataConfig` custom resource (CR) with peer pods enabled did not remove the peer pod configuration. As a result, a new `KataConfig` CR used the old configuration and the peer pods failed to start. With this release, deleting the `KataConfig` CR also deletes the peer pod configuration. When the `KataConfig` CR is redeployed, the peer pods start up.
      Show
      .KataConfig CR deletion removes peer pod configuration Before this update, deleting a `KataConfig` custom resource (CR) with peer pods enabled did not remove the peer pod configuration. As a result, a new `KataConfig` CR used the old configuration and the peer pods failed to start. With this release, deleting the `KataConfig` CR also deletes the peer pod configuration. When the `KataConfig` CR is redeployed, the peer pods start up.
    • Bug Fix
    • Done
    • Denali #5
    • 0

      Description

      Deletion of KataConfig leaves the OCI image set in PODVM_IMAGE_URI in azure-podvm-image-cm. A new KataConfig deployment will silently reuse this OC image which might fail to start.

      Steps to reproduce

      1. Create KataConfig with peer pods enabled
      2. Wait for KataConfig to be ready
      3. Delete KataConfig
      4. Check the azure-podvm-image-cm ConfigMap

      Expected result

      Either the ConfigMap doesn't exists at all or at least the PODVM_IMAGE_URI entry is unset or "".

      Actual result

      The ConfigMap still has the PODVM_IMAGE_URI set to OCI image from the previous deployment.

      Impact

      Peer pods might fail to start if the previous OCI image is compatible with a new deployment.

      Env

      Additional helpful info

              jrope Julien ROPE
              rhgkurz Greg Kurz
              Avital Pinnick Avital Pinnick
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: