Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-27178

logSizeMax automatically applied to containerRuntimeConfig even if not specified

    XMLWordPrintable

Details

    • Moderate
    • No
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      According to https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html#ocp-4-11-deprecated-features-crio-parameters and Red Hat Insights, logSizeMax is deprecated in ContainerRuntimeConfig and shall instead be created via containerLogMaxSize in KubeletConfig.
      
      When starting that transition though, it was noticed that a ContainerRuntimeConfig as shown below, would still add logSizeMax and even overlaySize to the ContainerRuntimeConfig spec.
      
      $ bat /tmp/crio.yaml 
      apiVersion: machineconfiguration.openshift.io/v1
      kind: ContainerRuntimeConfig
      metadata:
       name: pidlimit
      spec:
       machineConfigPoolSelector:
         matchLabels:
           pools.operator.machineconfiguration.openshift.io/worker: '' 
       containerRuntimeConfig:
         pidsLimit: 4096 
         logLevel: debug
      
      $ oc get containerruntimeconfig  pidlimit -o json | jq '.spec.containerRuntimeConfig'
      {
        "logLevel": "debug",
        "logSizeMax": "0",
        "overlaySize": "0",
        "pidsLimit": 4096
      }
      
      When checking on the OpenShift Container Platform 4 - Node, using crio coonfig, we can see that the values are not applied. Yet it's disturbing to see those options added in the specification when in fact Red Hat is recommending to move them into KubeletConfig and remove them from ContainerRuntimeConfig.
      
      Further, having them still set in ContainerRuntimeConfig will trigger a false/positive alert in Red Hat Insights as generally the customer may have followed the recommendation but the system does not comply with the changes made :-)
      
      Also interesting , similar problem was reported a while ago in https://bugzilla.redhat.com/show_bug.cgi?id=1941936 and fixed. Hence it's interesting that this is coming back again.
      

      Version-Release number of selected component (if applicable):

      OpenShift Container Platform 4.13.4
      

      How reproducible:

      Always
      

      Steps to Reproduce:

      1. Install OpenShift Container Platform 4.13.4
      2. Create ContainerRuntimeConfig as shown above and validate the actual object created
      3. Run oc get containerruntimeconfig  pidlimit -o json | jq '.spec.containerRuntimeConfig' to validate the object created and inspect the spec.
      

      Actual results:

      $ oc get containerruntimeconfig  pidlimit -o json | jq '.spec.containerRuntimeConfig'
      {
        "logLevel": "debug",
        "logSizeMax": "0",
        "overlaySize": "0",
        "pidsLimit": 4096
      }
      

      Expected results:

      $ oc get containerruntimeconfig  pidlimit -o json | jq '.spec.containerRuntimeConfig'
      {
        "logLevel": "debug",
        "pidsLimit": 4096
      }
      

      Additional info:

      
      

      Attachments

        Issue Links

          Activity

            People

              qiwan233 Qi Wang
              rhn-support-sreber Simon Reber
              Min Li Min Li
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: