Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23435

authn op. reports Progressing=false when old-gen pods are still running

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • 4.13.z
    • apiserver-auth
    • Moderate
    • No
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      Description of problem:

      When a new configuration is picked up by the authentication operator, it rolls out a new revision of oauth-server pods. However, since the pods define `terminationGracePeriodSeconds`, the old-revision pods would still be running even after the oauth-server deployment reports that all pods have been updated to the newest revision, which triggers the authentication operator to report Progressing=false.

The above behavior might cause that tests (and possible any observers) that expect the newer revision would be still routed to the old pods, causing confusion.

      Version-Release number of selected component (if applicable):

      4.13

      How reproducible:

      Always

      Steps to Reproduce:

      1. Trigger new oauth-server rollout
2. Observe the authentication operator reporting Progressing while also watching the number of pods in the openshift-authentication namespace

      Actual results:

      CAO reports Progressing=false even though there are more than the expected number of pods running.

      Expected results:

      CAO waits to report Progressing=false when only the new revision of pods is running in the openshift-authentication NS.

      Additional info:

      -

              fkrepins@redhat.com Filip Krepinsky
              slaznick@redhat.com Stanislav Láznička (Inactive)
              Xingxing Xia Xingxing Xia
              Rahul Gangwar
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: