Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-3517

Affinity rule created in router deployment for single-replica infrastructure and "NodePortService" endpoint publishing strategy

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Normal
    • 4.12.z
    • 4.12
    • Networking / router
    • None
    • Moderate
    • 3
    • Sprint 227, Sprint 228, Sprint 229, Sprint 230, Sprint 231, Sprint 232, Sprint 233, Sprint 234
    • 8
    • Rejected
    • False
    • Hide

      None

      Show
      None

    Description

      This is a clone of issue OCPBUGS-1725. The following is the description of the original issue:

      Description of problem:

      Cluster ingress operator creates router deployments with affinity rules when running in a cluster with non-HA infrastructure plane (InfrastructureTopology=="SingleReplica") and "NodePortService" endpoint publishing strategy. With only one worker node available, rolling update of router-default stalls.

      Version-Release number of selected component (if applicable):

      All

      How reproducible:

      Create a single worker node cluster with "NodePortService" endpoint publishing strategy and try to restart the default router. Restart will not go through.

      Steps to Reproduce:

      1. Create a single worker node OCP cluster with HA control plane (ControlPlaneTopology=="HighlyAvailable"/"External") and one worker node (InfrastructureTopology=="SingleReplica") using "NodePortService" endpoint publishing strategy. The operator will create "ingress-default" deployment with "podAntiAffinity" block, even though the number of nodes where ingress pods can be scheduled is only one:
```
apiVersion: apps/v1
kind: Deployment
metadata:
  ...
  name: router-default
  namespace: openshift-ingress
  ...
spec:
  ...
  replicas: 1
  ...
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 50%
    type: RollingUpdate
  template:
    ...
    spec:
      affinity:
        ...
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
              - key: ingresscontroller.operator.openshift.io/deployment-ingresscontroller
                operator: In
                values:
                - default
              - key: ingresscontroller.operator.openshift.io/hash
                operator: In
                values:
                - 559d6c97f4
            topologyKey: kubernetes.io/hostname
...
```

2. Restart the default router

```
oc rollout restart deployment router-default -n openshift-ingress
```

      Actual results:

      Deployment restart does not complete and hangs forever:

```
oc get po -n openshift-ingress
NAME                              READY   STATUS    RESTARTS   AGE
router-default-58d88f8bf6-cxnjk   0/1     Pending   0          2s
router-default-5bb8c8985b-kdg92   1/1     Running   0          2d23h
```

      Expected results:

      Deployment restart completes

      Additional info:

       

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-1725 Affinity rule created in router deployment for single-replica infrastructure and "NodePortService" endpoint publishing strategy

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-1725 Affinity rule created in router deployment for single-replica infrastructure and "NodePortService" endpoint publishing strategy

          • Normal - To be worked after urgent and high priorities are resolved. This term is chosen when the severity of an issue is relatively close to the level of effort to fix it. The existence of an easily implemented workaround can also lead to this priority level instead of a higher priority.
          • Closed
          links to

          GitHub openshift/cluster-ingress-operator#857: [release-4.12] OCPBUGS-3517: Ingress controller should not have affinity policy in single-replica clusters

          Activity

            People

              mmasters1@redhat.com Miciah Masters
              openshift-crt-jira-prow OpenShift Prow Bot
              Shudi Li Shudi Li
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: