Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13726

Hypershift image configuration not working for Hypershift HostedCluster

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • 4.16.0
    • 4.13.0
    • HyperShift
    • No
    • Hypershift Sprint 251
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Customer Escalated

      Description of problem:

      Add image configuration for hypershift Hosted Cluster not working as expected. 

      Version-Release number of selected component (if applicable):

      # oc get clusterversions.config.openshift.io
      NAME      VERSION       AVAILABLE   PROGRESSING   SINCE   STATUS
      version   4.13.0-rc.8   True        False         6h46m   Cluster version is 4.13.0-rc.8      

      How reproducible:

      Always

      Steps to Reproduce:

      1. Get hypershift hosted cluster detail from management cluster. 
      
      # hostedcluster=$( oc get -n clusters hostedclusters -o json | jq -r '.items[].metadata.name')  
      
      2. Apply image setting for hypershift hosted cluster. 
      #  oc patch hc/$hostedcluster -p '{"spec":{"configuration":{"image":{"registrySources":{"allowedRegistries":["quay.io","registry.redhat.io","image-registry.openshift-image-registry.svc:5000","insecure.com"],"insecureRegistries":["insecure.com"]}}}}}' --type=merge -n clusters     
      hostedcluster.hypershift.openshift.io/85ea85757a5a14355124 patched 
      
      # oc get HostedCluster $hostedcluster -n clusters -ojson | jq .spec.configuration.image
      {
        "registrySources": {
          "allowedRegistries": [
            "quay.io",
            "registry.redhat.io",
            "image-registry.openshift-image-registry.svc:5000",
            "insecure.com"
          ],
          "insecureRegistries": [
            "insecure.com"
          ]
        }
      }
      
      3. Check Pod or operator restart to apply configuration changes. 
      
      # oc get pods -l app=kube-apiserver  -n clusters-${hostedcluster}
      NAME                              READY   STATUS    RESTARTS   AGE
      kube-apiserver-67b6d4556b-9nk8s   5/5     Running   0          49m
      kube-apiserver-67b6d4556b-v4fnj   5/5     Running   0          47m
      kube-apiserver-67b6d4556b-zldpr   5/5     Running   0          51m
      
      #oc get pods -l app=kube-apiserver  -n clusters-${hostedcluster} -l app=openshift-apiserver
      NAME                                   READY   STATUS    RESTARTS   AGE
      openshift-apiserver-7c69d68f45-4xj8c   3/3     Running   0          136m
      openshift-apiserver-7c69d68f45-dfmk9   3/3     Running   0          135m
      openshift-apiserver-7c69d68f45-r7dqn   3/3     Running   0          136m  
      
      4. Check image.config in hosted cluster.
      # oc get image.config -o yaml
      ...
        spec:
          allowedRegistriesForImport: []
        status:
          externalRegistryHostnames:
          - default-route-openshift-image-registry.apps.hypershift-ci-32506.qe.devcluster.openshift.com
          internalRegistryHostname: image-registry.openshift-image-registry.svc:5000  
      
      #oc get node
      NAME                                         STATUS   ROLES    AGE     VERSION
      ip-10-0-128-61.us-east-2.compute.internal    Ready    worker   6h42m   v1.26.3+b404935
      ip-10-0-130-68.us-east-2.compute.internal    Ready    worker   6h42m   v1.26.3+b404935
      ip-10-0-134-89.us-east-2.compute.internal    Ready    worker   6h42m   v1.26.3+b404935
      ip-10-0-138-169.us-east-2.compute.internal   Ready    worker   6h42m   v1.26.3+b404935
      
      # oc debug node/ip-10-0-128-61.us-east-2.compute.internal
      Temporary namespace openshift-debug-mtfcw is created for debugging node...
      Starting pod/ip-10-0-128-61us-east-2computeinternal-debug-mctvr ...
      To use host binaries, run `chroot /host`
      Pod IP: 10.0.128.61
      If you don't see a command prompt, try pressing enter.
      sh-4.4# chroot /host
      sh-5.1# cat /etc/containers/registries.conf
      unqualified-search-registries = ["registry.access.redhat.com", "docker.io"]
      short-name-mode = ""[[registry]]
        prefix = ""
        location = "registry-proxy.engineering.redhat.com"  [[registry.mirror]]
          location = "brew.registry.redhat.io"
          pull-from-mirror = "digest-only"[[registry]]
        prefix = ""
        location = "registry.redhat.io"  [[registry.mirror]]
          location = "brew.registry.redhat.io"
          pull-from-mirror = "digest-only"[[registry]]
        prefix = ""
        location = "registry.stage.redhat.io"  [[registry.mirror]]
          location = "brew.registry.redhat.io"
          pull-from-mirror = "digest-only" 

      Actual results:

      Config changes not applied in backend.Not operator & pod restart

      Expected results:

      Configuration should applied and pod & operator should restart after config changes. 

      Additional info:

       

            sjenning Seth Jennings
            xiuwang xiujuan wang
            Wen Wang Wen Wang
            Votes:
            1 Vote for this issue
            Watchers:
            20 Start watching this issue

              Created:
              Updated: