Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-16169

[4.12] Ironic inspector service should be proxied

XMLWordPrintable

    • No
    • 1
    • Metal Platform 239
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None

      This is a clone of issue OCPBUGS-11985. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-10343. The following is the description of the original issue:

      Description of problem:

      When deploying hosts using ironic's agent both the ironic service address and inspector address are required.
      
      The ironic service is proxied such that it can be accessed at a consistent endpoint regardless of where the pod is running. This is not the case for the inspection service.
      
      This means that if the inspection service moves after we find the address, provisioning will fail.
      
      In particular this non-matching behavior is frustrating when using the CBO [GetIronicIP function|https://github.com/openshift/cluster-baremetal-operator/blob/6f0a255fdcc7c0e5c04166cb9200be4cee44f4b7/provisioning/utils.go#L95-L127] as one return value is usable forever but the other needs to somehow be re-queried every time the pod moves.
      
      

      Version-Release number of selected component (if applicable):

      4.12
      

      How reproducible:

      Relatively
      

      Steps to Reproduce:

      1. Retrieve the inspector IP from GetIronicIP
      2. Reschedule the inspector service pod
      3. Provision a host
      

      Actual results:

      Ironic python agent raises an exception
      

      Expected results:

      Host provisions
      

      Additional info:

      This was found while deploying clusters using ZTP
      
      In this scenario specifically an image containing the ironic inspector IP is valid for an extended period of time. The same image can be used for multiple hosts and possibly multiple different spoke clusters.
      
      Our controller shouldn't be expected to watch the ironic pod to ensure we update the image whenever it moves. The best we can do is re-query the inspector IP whenever a user makes changes to the image, but that may still not be often enough.
      

            rhn-engineering-dtantsur Dmitry Tantsur
            openshift-crt-jira-prow OpenShift Prow Bot
            Jad Haj Yahya Jad Haj Yahya
            Votes:
            4 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: