Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-18117

Spod Pods for master nodes crashed when an RHV cluster EUS upgrades from 4.12>4.13

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • 4.13.z
    • Security Profiles Operator
    • None
    • Important
    • No
    • False
    • Hide

      None

      Show
      None

      Description of problem:

       

      Spod Pods for master nodes crashed when an RHV cluster EUS upgrades from 4.12>4.13
 
$ oc get pod
NAME                                                  READY   STATUS                  RESTARTS         AGE
security-profiles-operator-58cd998779-dx9bf           1/1     Running                 0                3h
security-profiles-operator-58cd998779-qr9hm           1/1     Running                 0                3h
security-profiles-operator-58cd998779-t7wvg           1/1     Running                 0                3h
security-profiles-operator-webhook-59544fbd97-5m8qc   1/1     Running                 0                3h
security-profiles-operator-webhook-59544fbd97-br7st   1/1     Running                 0                3h
security-profiles-operator-webhook-59544fbd97-vxbjt   1/1     Running                 0                3h
spod-2qz6z                                            0/3     Init:CrashLoopBackOff   17 (4m38s ago)   3h
spod-4wgh5                                            0/3     Init:Error              20               3h
spod-brdcb                                            3/3     Running                 0                3h
spod-fxnzj                                            3/3     Running                 0                3h
spod-h8s2f                                            0/3     Init:CrashLoopBackOff   22 (47s ago)     3h
spod-mnnf7                                            3/3     Running                 0                3h
$ oc logs pod/spod-h8s2f --all-containers 
...
time="2023-08-25T07:26:27Z" level=info msg="Copied selinuxrecording.cil"
+ chown 65535:0 /etc/selinux.d
+ chmod 750 /etc/selinux.d
+ semodule -i /usr/share/selinuxd/templates/base_container.cil /usr/share/selinuxd/templates/config_container.cil /usr/share/selinuxd/templates/home_container.cil /usr/share/selinuxd/templates/log_container.cil /usr/share/selinuxd/templates/net_container.cil /usr/share/selinuxd/templates/tmp_container.cil /usr/share/selinuxd/templates/tty_container.cil /usr/share/selinuxd/templates/virt_container.cil /usr/share/selinuxd/templates/x_container.cil
error parsing semanage configuration file: syntax error
semodule:  Could not create semanage handle
+ semodule -i /opt/spo-profiles/selinuxd.cil
error parsing semanage configuration file: syntax error
semodule:  Could not create semanage handle
+ semodule -i /opt/spo-profiles/selinuxrecording.cil
error parsing semanage configuration file: syntax error
semodule:  Could not create semanage handle

       

      Version-Release number of selected component (if applicable):

      Security-profiles-operator.v0.7.1

      How reproducible:

      Always

      Steps to Reproduce:

      1. Create a normal RHV cluster with payload 4.12.0-0.nightly-2023-08-17-171705, install Security-profiles-operator.v0.7.1
2.Pause worker pool and upgrade to 4.13.0-0.nightly-2023-08-24-112924

      Actual results:

      Seen from the description.

      Expected results:

      All spod pods should be running.

      Additional info:

       

              wenshen@redhat.com Vincent Shen
              xiyuan@redhat.com Xiaojie Yuan
              Xiaojie Yuan Xiaojie Yuan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: