Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-2214

Deploying an extension rpm with a MachineConfig and a custom osImage at the same time breaks the machine config pool

XMLWordPrintable

    • Moderate
    • None
    • 1
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      When we create a MachineConfig that deploys a rpm package and we use at the same time a custom osImage with the same rpm package installed, the machine config pool becomes degraded.

      Version-Release number of selected component (if applicable):

      $ oc get clusterversion
NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.12.0-0.nightly-2022-10-05-053337   True        False         5h11m   Error while reconciling 4.12.0-0.nightly-2022-10-05-053337: an unknown error has occurred: MultipleErrors

      How reproducible:

      Always

      Steps to Reproduce:

      1. Create a custom osImage with usbguard rpm installed

# Get base image
$ oc adm release info --image-for "rhel-coreos-8"
quay.io/opensh..... -> THIS IS THE BASE IMAGE

# Use this Dockerfile for example to create the image, and push it:

FROM BASE_IMAGE <- USE THE RIGHT BASE IMAGE HERE

RUN printf '[baseos]\nname=CentOS-$releasever - Base\nbaseurl=http://mirror.centos.org/centos/$releasever-stream/BaseOS/$basearch/os/\ngpgcheck=0\nenabled=1\n\n[appstream]\nname=CentOS-$releasever - AppStream\nbaseurl=http://mirror.centos.org/centos/$releasever-stream/AppStream/$basearch/os/\ngpgcheck=0\nenabled=1\n\n' > /etc/yum.repos.d/centos.repo && \
    rpm-ostree install zsh && \
    rpm-ostree cleanup -m && \
    ostree container commit

RUN rpm-ostree install http://mirror.centos.org/centos/8-stream/AppStream/x86_64/os/Packages/usbguard-1.0.0-8.el8.x86_64.rpm &&\
    ostree container commit


2. Create a MachineConfig to deploy the custom osImage

$ cat <<EOF | oc create -f -
kind: MachineConfig
apiVersion: machineconfiguration.openshift.io/v1
metadata:
  labels:
    machineconfiguration.openshift.io/role: "worker"
  name: "tc-54909-layering-extensions-worker"
spec:
  osImageURL: "quay.io/examplerepo/layering@sha256:879c8f770a580b03bcf32c710f13cdc868156c50abda279b8e2d977d3b40f5f8"
EOF

 3.Wait for the pool to be upgraded

$ oc get mcp 

4. Create a MachineConfig to deploy the usbguard extension

$ cat <<EOF | oc create -f -
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfig
metadata:
  labels:
    machineconfiguration.openshift.io/role: worker
  name: change-workers-extension-usbguard-worker
spec:
  config:
    ignition:
      version: 3.2.0
  extensions:
    - usbguard
EOF

      Actual results:

      The worker machineconfig pool becomes degraded, reporting this error:

      message: 'Node ip-10-0-159-135.us-east-2.compute.internal is reporting: "error
        running rpm-ostree update: \x1b[0m\x1b[31merror: \x1b[0mNo enabled repositories\n:
        exit status 1"'
      reason: 1 nodes are reporting degraded status on sync
      status: "True"
      type: NodeDegraded

      Expected results:

      The pool should not become degraded.

      Additional info:

       

       

              mburke@redhat.com Michael Burke
              sregidor@redhat.com Sergio Regidor de la Rosa
              Sergio Regidor de la Rosa Sergio Regidor de la Rosa
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: