Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Normal
Fix Version/s: None
Affects Version/s: 4.15.0
Component/s: OLM
Labels:
- triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Important
Regression:
No

Target Backport Versions:
None
Target Version:
None
Release Blocker:
Rejected
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

As the end user, I used the tag instead of digest for the bundle image so that I don't need to update the `catalog` if any updates, as follows,

jiazha-mac:~ jiazha$ cat catalog/index.yaml 
defaultChannel: "candidate-v1.0"
...
---
image: quay.io/olmqe/nginx-operator-bundle:v0.0.1
name: nginx-operator.v0.0.1
package: nginx-operator
properties:
- type: olm.bundle.mediatype
  value: "registry+v1"
- type: olm.package
  value:
    packageName: nginx-operator
    version: 0.0.1
schema: olm.bundle
---

But, the "IfNotPresent" imagePullPolicy of the bundle pod couldn't take the bundle image updates. If the previous bundle images have a problem, the users have to retag the bundle image and rebuild the catalog image or remove the preserved old image in the node manually. That's not a good experience. The pain points are as follows,

1, the "IfNotPresent" imagePullPolicy always uses the old bundle image even if there are updates on it.

      - lastTransitionTime: "2024-02-05T07:25:24Z"
    message: 'Failed to unpack the nginx-test-2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejj
      Bundle: convert registry+v1 bundle to plain+v0 bundle: readfile metadata/annotations.yaml:
      file does not exist'
    reason: UnpackFailed
    status: "False"
    type: HasValidBundle

2, there is no exact image digest display on the problemed bundle, the end user cannot get the exact image they used. As follows,

jiazha-mac:operator-framework-rukpak jiazha$ oc get bundle  nginx-test-2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejj  -o yaml
apiVersion: core.rukpak.io/v1alpha1
kind: Bundle
metadata:
  creationTimestamp: "2024-02-05T07:25:21Z"
  finalizers:
  - core.rukpak.io/delete-cached-bundle
  generation: 1
  labels:
    core.rukpak.io/bundle-template-hash: 2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejjca7
    core.rukpak.io/owner-kind: BundleDeployment
    core.rukpak.io/owner-name: nginx-test
  name: nginx-test-2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejj
  ownerReferences:
  - apiVersion: core.rukpak.io/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: BundleDeployment
    name: nginx-test
    uid: dc1dd96b-d235-4aab-9446-563e58b2f0ef
  resourceVersion: "347445"
  uid: 377235c6-bc57-4d0d-927f-a865b19bff6d
spec:
  provisionerClassName: core-rukpak-io-registry
  source:
    image:
      ref: quay.io/olmqe/nginx-operator-bundle:v0.0.1
    type: image
status:
  conditions:
  - lastTransitionTime: "2024-02-05T07:25:21Z"
    message: 'convert registry+v1 bundle to plain+v0 bundle: readfile metadata/annotations.yaml:
      file does not exist'
    reason: UnpackFailed
    status: "False"
    type: Unpacked
  observedGeneration: 1
  phase: Failing

Version-Release number of selected component (if applicable):

4.15.0

How reproducible:

always

Steps to Reproduce:

    1. create a problems bundle image, which lack of the metadata files.
jiazha-mac:~ jiazha$ tree nginx
nginx
├── Dockerfile
├── manifests
│   ├── nginx-operator-controller-manager-metrics-service_v1_service.yaml
│   ├── nginx-operator-manager-config_v1_configmap.yaml
│   ├── nginx-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
│   ├── nginx-operator.clusterserviceversion.yaml
│   └── olm.example.com_nginxolms.yaml


jiazha-mac:nginx jiazha$ docker buildx build . --push --platform linux/amd64,linux/arm64,linux/ppc64le,linux/s390x -t quay.io/olmqe/nginx-operator-bundle:v0.0.1
...

    2. build catalog image.
    3. deploy it on the cluser. It failed as expected.
jiazha-mac:~ jiazha$ cat catalog.yaml 
apiVersion: catalogd.operatorframework.io/v1alpha1
kind: Catalog
metadata:
  name: nginx-catalog
spec:
  source:
    type: image
    image:
      ref: quay.io/olmqe/nginx-operator-index:v1
jiazha-mac:~ jiazha$ cat operator.yaml 
apiVersion: operators.operatorframework.io/v1alpha1
kind: Operator
metadata:
  name: nginx-test
spec:
  packageName: nginx-operator
  channel: candidate-v0.0
  version: "0.0.1"

jiazha-mac:operator-framework-rukpak jiazha$ oc get operator.operators.operatorframework.io nginx-test -o yaml
apiVersion: operators.operatorframework.io/v1alpha1
kind: Operator
metadata:
  creationTimestamp: "2024-02-05T07:25:21Z"
  generation: 1
  name: nginx-test
  resourceVersion: "347389"
  uid: 28315a4d-cf9f-45f0-84e7-1577add5d2fd
spec:
  channel: candidate-v0.0
  packageName: nginx-operator
  upgradeConstraintPolicy: Enforce
  version: 0.0.1
status:
  conditions:
  - lastTransitionTime: "2024-02-05T07:25:21Z"
    message: resolved to "quay.io/olmqe/nginx-operator-bundle:v0.0.1"
    observedGeneration: 1
    reason: Success
    status: "True"
    type: Resolved
  - lastTransitionTime: "2024-02-05T07:25:21Z"
    message: bundledeployment status is unknown
    observedGeneration: 1
    reason: InstallationStatusUnknown
    status: Unknown
    type: Installed
  resolvedBundleResource: quay.io/olmqe/nginx-operator-bundle:v0.0.1

jiazha-mac:operator-framework-rukpak jiazha$ oc get bd nginx-test -o yaml
apiVersion: core.rukpak.io/v1alpha1
kind: BundleDeployment
metadata:
  creationTimestamp: "2024-02-05T07:25:21Z"
  generation: 2
  name: nginx-test
  ownerReferences:
  - apiVersion: operators.operatorframework.io/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: Operator
    name: nginx-test
    uid: 28315a4d-cf9f-45f0-84e7-1577add5d2fd
  resourceVersion: "347446"
  uid: dc1dd96b-d235-4aab-9446-563e58b2f0ef
spec:
  provisionerClassName: core-rukpak-io-plain
  template:
    metadata: {}
    spec:
      provisionerClassName: core-rukpak-io-registry
      source:
        image:
          ref: quay.io/olmqe/nginx-operator-bundle:v0.0.1
        type: image
status:
  conditions:
  - lastTransitionTime: "2024-02-05T07:25:24Z"
    message: 'Failed to unpack the nginx-test-2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejj
      Bundle: convert registry+v1 bundle to plain+v0 bundle: readfile metadata/annotations.yaml:
      file does not exist'
    reason: UnpackFailed
    status: "False"
    type: HasValidBundle
  observedGeneration: 2

4, fix the bundle image and redeploy it.
jiazha-mac:nginx jiazha$ docker buildx build . --push --platform linux/amd64,linux/arm64,linux/ppc64le,linux/s390x -t quay.io/olmqe/nginx-operator-bundle:v0.0.1
...

Actual results:

Still get the same error due to the bundle pod still reading the previously issued bundle image. It's really confusing and not UX for the end user.

    jiazha-mac:~ jiazha$ oc get pods  nginx-test-2jzxs1txpexrnyim9qut1b8067n0rvgd62zl33ejj -o yaml
apiVersion: v1
kind: Pod
...
  containers:
  - command:
    - /bin/unpack
    - --bundle-dir
    - /
    image: quay.io/olmqe/nginx-operator-bundle:v0.0.1
    imagePullPolicy: IfNotPresent
    name: bundle
    resources: {}
...

Expected results:

Use the "Always" instead of the "IfNotPresent" imagePullPolicy for the bundle unpack pod so that the end user can update their operators/bundles easily.

Additional info:

relates to

OCPBUGS-30132 OCP 4.15.0 is not correctly refreshing operator catalogs (imagePullPolicy: IfNotPresent)

Closed

Assignee:: Kevin Rizza

Reporter:: Jian Zhang

Need Info From:: None

Contributors:: None

QA Contact:: Jian Zhang

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2024/02/05 9:29 AM

Updated:: 2025/07/23 5:44 PM

Resolved:: 2024/06/21 1:52 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates