Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Normal
Fix Version/s: 4.15.0
Affects Version/s: 4.12, 4.15.0
Component/s: Machine Config Operator
Labels:
- pre-merge-tested

Test Coverage:

+
Test Link:
https://polarion.engineering.redhat.com/polarion/redirect/project/OSE/workitem?id=OCP-68682
Regression:
No
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
* Previously, the Machine Config Operator was pulling the `baremetalRuntimeCfgImage` container image multiple times: the first time to obtain node details and subsequent times to verify that the image is available. This caused issues during certificate rotation in situations where the mirror server or Quay was not available, and subsequent image pulls would fail. However, if the image is already on the nodes due to the first image pull then the nodes should start the kubelet regardless. With this update, the `baremetalRuntimeCfgImage` image is only pulled one time, thereby resolving the issue. (https://issues.redhat.com/browse/OCPBUGS-18772[*~~OCPBUGS-18772~~*])

Show
* Previously, the Machine Config Operator was pulling the `baremetalRuntimeCfgImage` container image multiple times: the first time to obtain node details and subsequent times to verify that the image is available. This caused issues during certificate rotation in situations where the mirror server or Quay was not available, and subsequent image pulls would fail. However, if the image is already on the nodes due to the first image pull then the nodes should start the kubelet regardless. With this update, the `baremetalRuntimeCfgImage` image is only pulled one time, thereby resolving the issue. ( https://issues.redhat.com/browse/OCPBUGS-18772 [* OCPBUGS-18772 *])
Release Note Type:
Bug Fix
Release Note Status:
Done
Target Version:

4.15.0

SFDC Cases Counter:
SFDC Cases Links:

PX Impact Score:
PX Priority Data:

MCO installs resolve-prepender NetworkManager script on the nodes. In order to find out node details it needs to pull baremetalRuntimeCfgImage. However, this image needs to be pulled just the first time, in the followup attempts this script just verifies that this image is available.

This is not desirable in situations where mirror / quay are not available or having a temporary problem - these kind of issues should not prevent the node from starting kubelet. During certificate rotation testing I noticed that the node with a significant time skew won't start kubelet, as it tries to pull baremetalRuntimeCfgImage for kubelet to start - but the image is already on the nodes and it doesn't need refreshing.

blocks

OCPBUGS-19430 MCO keeps attempting to pull baremetalRuntimeCfg image again and again

Closed

is cloned by

OCPBUGS-19430 MCO keeps attempting to pull baremetalRuntimeCfg image again and again

Closed

links to

openshift/machine-config-operator#3907: OCPBUGS-18772: resolv-prepender: avoid pulling baremetalRuntimeCfgImage again

openshift/machine-config-operator#3910: OCPBUGS-18772: Use image exists in resolv-prepender instead of wc -l

RHEA-2023:7198 rpm

Assignee:: Vadim Rutkovsky

Reporter:: Vadim Rutkovsky

QA Contact:: Sergio Regidor de la Rosa

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Created:: 2023/09/11 7:01 AM

Updated:: 2024/02/27 8:59 PM

Resolved:: 2024/02/27 8:59 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates