Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: 4.13.0
Affects Version/s: 4.12
Component/s: Windows Containers
Labels:
None

Story Points:
3
Sprint:
WINC - Sprint 228
sprint_count:
1
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
* Previously, the test to determine if the `Windows Defender` antivirus service is running was incorrectly checking for any process whose name started with `Windows Defender`, regardless of state. This resulted in an error when creating firewall exclusions for containerd on instances without `Windows Defender` installed. This fix now checks for the presence of the specific running process associated with the Windows Defender antivirus service. As a result, the Windows Machine Config Operator (WMCO) can properly configure Windows instances as nodes regardless of whether `Windows Defender` is installed or not. (link:https://issues.redhat.com/browse/OCPBUGS-1513[~~OCPBUGS-1513~~*])

Show
* Previously, the test to determine if the `Windows Defender` antivirus service is running was incorrectly checking for any process whose name started with `Windows Defender`, regardless of state. This resulted in an error when creating firewall exclusions for containerd on instances without `Windows Defender` installed. This fix now checks for the presence of the specific running process associated with the Windows Defender antivirus service. As a result, the Windows Machine Config Operator (WMCO) can properly configure Windows instances as nodes regardless of whether `Windows Defender` is installed or not. (link: https://issues.redhat.com/browse/OCPBUGS-1513 [ OCPBUGS-1513 *])
Release Note Type:
Bug Fix
Release Note Status:
Done
Target Version:

4.13.0

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:

The check, whether or not Defender is running is wrong.

The Defender Services are always there, so that check returns always "true".

This is the correct method of checking: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility?view=o365-worldwide#use-windows-powershell-to-confirm-that-microsoft-defender-antivirus-is-running

Version-Release number of selected component (if applicable):

How reproducible:

Always

Steps to Reproduce:

1. Disable Microsoft Defender Antivirus on a VM
2. Add the VM as a BYOH node

Actual results:

{"level":"error","ts":1662711753.9641004,"logger":"wc __IP__","msg":"error running","cmd":"powershell.exe -NonInteractive -ExecutionPolicy Bypass \"Add-MpPreference -ExclusionProcess C:\\k\\containerd\\containerd.exe\"","out":"Add-MpPreference : The term 'Add-MpPreference' is not recognized as the name of a cmdlet, function, script file, or \r\noperable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try \r\nagain.\r\nAt line:1 char:1\r\n+ Add-MpPreference -ExclusionProcess C:\\k\\containerd\\containerd.exe\r\n+ ~~~~~~~~~~~~~~~~\r\n    + CategoryInfo          : ObjectNotFound: (Add-MpPreference:String) [], CommandNotFoundException\r\n    + FullyQualifiedErrorId : CommandNotFoundException\r\n \r\n","error":"Process exited with status 1","stacktrace":"github.com/openshift/windows-machine-config-operator/pkg/windows.(*windows).createWindowsDefenderExclusion\n\t/remote-source/build/windows-machine-config-operator/pkg/windows/windows.go:1056\ngithub.com/openshift/windows-machine-config-operator/pkg/windows.(*windows).configureContainerd\n\t/remote-source/build/windows-machine-config-operator/pkg/windows/windows.go:455\ngithub.com/openshift/windows-machine-config-operator/pkg/windows.(*windows).Configure\n\t/remote-source/build/windows-machine-config-operator/pkg/windows/windows.go:436\ngithub.com/openshift/windows-machine-config-operator/pkg/nodeconfig.(*nodeConfig).Configure\n\t/remote-source/build/windows-machine-config-operator/pkg/nodeconfig/nodeconfig.go:197\ngithub.com/openshift/windows-machine-config-operator/controllers.(*instanceReconciler).ensureInstanceIsUpToDate\n\t/remote-source/build/windows-machine-config-operator/controllers/controllers.go:91\ngithub.com/openshift/windows-machine-config-operator/controllers.(*ConfigMapReconciler).ensureInstancesAreUpToDate\n\t/remote-source/build/windows-machine-config-operator/controllers/configmap_controller.go:293\ngithub.com/openshift/windows-machine-config-operator/controllers.(*ConfigMapReconciler).reconcileNodes\n\t/remote-source/build/windows-machine-config-operator/controllers/configmap_controller.go:258\ngithub.com/openshift/windows-machine-config-operator/controllers.(*ConfigMapReconciler).Reconcile\n\t/remote-source/build/windows-machine-config-operator/controllers/configmap_controller.go:153\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile\n\t/remote-source/build/windows-machine-config-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:121\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/remote-source/build/windows-machine-config-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:320\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/remote-source/build/windows-machine-config-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:273\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/remote-source/build/windows-machine-config-operator/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:234"}

Expected results:

No error when configuring the Node

Additional info:

Attachments

Issue Links

blocks

OCPBUGS-3573 Check if Windows defender is running doesnt work

Closed

is cloned by

OCPBUGS-3572 Check if Windows defender is running doesnt work

Closed

OCPBUGS-3573 Check if Windows defender is running doesnt work

Closed

links to

[Bug]: Check if Defender is running is wrong #1240

openshift/windows-machine-config-operator#1316: OCPBUGS-1513: Fix check for Windows Defender

mentioned on

Merge request - Updated US source to: 12c7a05 Merge pull request #1325 from openshift-cherrypick-robot/cherry-pick-1316-to-release-4.11

Merge request - Updated US source to: 5820358 Merge pull request #1319 from openshift-cherrypick-robot/cherry-pick-1272-to-release-4.12

(2 mentioned on)

Activity

People

Assignee:: Mohammad Shaikh

Reporter:: Sebastian Soto

QA Contact:: Aharon Rasouli

Doc Contact:: Darragh Fitzmaurice

Votes:: 1 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2022/09/20 1:13 PM

Updated:: 2024/03/25 6:06 PM

Resolved:: 2023/05/10 12:28 AM