Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3404

IngressController.spec.nodePlacement.nodeSelector.matchExpressions does not work

XMLWordPrintable

    • Moderate
    • None
    • 2
    • Sprint 227, Sprint 228, Sprint 229, Sprint 230
    • 4
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Specifying spec.nodePlacement.nodeSelector.matchExpressions on an IngressController API object causes cluster-ingress-operator to log error messages instead of configuring a node selector.

      Version-Release number of selected component (if applicable):

      All versions of OpenShift from 4.1 to 4.12.

      How reproducible:

      100%.

      Steps to Reproduce:

      1. Create an IngressController object with the following:

      spec: 
  nodePlacement: 
    nodeSelector: 
      matchExpressions: 
      - key: node.openshift.io/remotenode
        operator: DoesNotExist

      (Sorry if Jira has misformatted the yaml. I've given up on getting Jira to format it correctly. Edit the description to see the correctly formatted yaml.)
      2. Check the cluster-ingress-operator logs: oc -n openshift-ingress-operator logs -c ingress-operator deploy/ingress-operator

      Actual results:

      The cluster-ingress-operator logs show the following error message:

      2022-01-19T13:25:22.242Z	ERROR	operator.init.controller-runtime.manager.controller.ingress_controller	controller/controller.go:253	Reconciler error	{"name": "default", "namespace": "openshift-ingress-operator", "error": "failed to ensure deployment: failed to build router deployment: ingresscontroller \"default\" has invalid spec.nodePlacement.nodeSelector: operator \"NotIn\" cannot be converted into the old label selector format", "errorCauses": [{"error": "failed to ensure deployment: failed to build router deployment: ingresscontroller \"default\" has invalid spec.nodePlacement.nodeSelector: operator \"DoesNotExist\" cannot be converted into the old label selector format"}]}

      Expected results:

      Ideally, router pods should be configured with the specified node selector, and cluster-ingress-operator should not log an error. Unfortunately, this result cannot be implemented (see "Additional info").

      Alternatively, we should document that using the spec.nodePlacement.nodeSelector.matchExpressions is unsupported.

      Additional info:

      Although it is possible to put a complex match expression in the IngressController.spec.nodePlacement.nodeSelector API field, it is impossible for the operator to convert this into a node selector for the router deployment's pod template spec because the latter requires the node selector be in a string form, and the string form for node selectors does not support complex expressions. This is an unfortunate oversight in the design of the API. We cannot make complex expressions work, and we cannot make a breaking API change, so the only feasible option here is to change the API godoc to warn users that using matchExpressions is not supported.

      Related discussion: https://github.com/openshift/api/pull/870#discussion_r601577395.

      This Jira issue is a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=2043573 to placate automation.

            mmasters1@redhat.com Miciah Masters
            mmasters1@redhat.com Miciah Masters
            Hongan Li Hongan Li
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: