Resolution: Unresolved
CNF RAN Sprint 258, CNF RAN Sprint 259
This OCPBUG add clarifications on how to customize the ArgoCD patch used by ZTP with various release of Openshift and ACM.
In Progress
Description of problem:
GitOps apps policies reporting "Unknown" state when using ACM CRs to template a policy and observed comparison error. The problem was that a rhel9 ACM PG executable/image was being copied while the gitops image is based on rhel8.
Version-Release number of selected component (if applicable):
Hub Cluster:- OCP: 4.16.0-0.nightly-2024-04-16-195622 ACM: 2.10.2 GitOps: 1.12.0 TALM: 4.14.5-11 Spoke Cluster:- OCP: 4.14.22 ZTP container image: 4.14.5-9
How reproducible:
Steps to Reproduce:
1. Deploy 4.14 OCP SNO cluster with DU profile operator images from stage index 2. Use ACM PolicyGenerator resources for site specific configurations, example in http://registry.kni-qe-0.lab.eng.rdu2.redhat.com:3000/kni-qe/ztp-site-configs/src/workers-4.14/policygentemplates/ztp-test/acm-crs 3. ACM PGT referenced in GitOps apps policies using custom source path 4. Observed GitOps apps policies reporting "Unknown" state (not in Synced) with comparison error.
Actual results:
Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): `kustomize build <path to cached source>/policygentemplates/ztp-test/acm-crs --enable-alpha-plugins` failed exit status 1: /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator: /lib64/libc.so.6: version `GLIBC_2.32' not found (required by /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator) /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator: /lib64/libc.so.6: version `GLIBC_2.34' not found (required by /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator) Error: failure in plugin configured via /tmp/kust-plugin-config-339301390; exit status 1: exit status 1
Expected results:
GitOps apps policies shoud be in "Synced" state after referencing ACM CRs to template a policy.
Additional info:
Below test case failed due to above stated issue. OCP-54236 https://gitlab.cee.redhat.com/cnf/cnf-gotests/-/blob/master/test/ran/ztp/tests/ztp_argocd_acm_crs.go?ref_type=heads#L151-260 Root of the problem:- Fix needs to be back ported to latest 4.14.z ZTP container image. ACM Policy Generator container image referenced in a file "ztp/gitops-subscriptions/argocd/deployment/argocd-openshift-gitops-patch.json" (line 53) is rhel9 ACM PolicyGenerator image was being copied while the gitops image (1.12.0) is based on rhel8. Work around:- used line 48 from https://github.com/openshift-kni/cnf-features-deploy/pull/1805/files#diff-8ce728c9d79f1cb76a0e77264b6de0f6eda0d76bb35ae5816ea0a3a112a702f3 to copy the universal ACM PG executable/image instead of the rhel9 one. Quick Manual Test Logs after applying a work around: (Test case : PASS) https://docs.google.com/document/d/131FWudOhiMF3Krg2T6fw2Vyal2gfW5EWV99oBGPVSds/edit?usp=sharing Original argocd-openshift-gitops-patch-org.json file (comes from 4.14.z ztp container):- { "spec": { "controller": { "resources": { "limits": { "cpu": "16", "memory": "32Gi" }, "requests": { "cpu": "1", "memory": "2Gi" } } }, "kustomizeBuildOptions": "--enable-alpha-plugins", "repo": { "volumes": [ { "name": "kustomize", "emptyDir": {} } ], "initContainers": [ { "resources": { }, "terminationMessagePath": "/dev/termination-log", "name": "kustomize-plugin", "command": [ "/exportkustomize.sh" ], "args": [ "/.config" ], "imagePullPolicy": "Always", "volumeMounts": [ { "name": "kustomize", "mountPath": "/.config" } ], "terminationMessagePolicy": "File", "image": "registry.kni-qe-16.lab.eng.rdu2.redhat.com:5000/ztp/ztp-site-generator:v4.14.5-9" }, { "args": [ "-c", "mkdir -p /.config/kustomize/plugin/ && cp -r /etc/kustomize/plugin/policy.open-cluster-management.io /.config/kustomize/plugin/" ], "command": [ "/bin/bash" ], "image": "registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9@sha256:e8d3308a746813a4397e29b51f0715d40629a4a8362c5d19a6948de688285dbf", "name": "policy-generator-install", "imagePullPolicy": "Always", "volumeMounts": [ { "mountPath": "/.config", "name": "kustomize" } ] } ], "volumeMounts": [ { "name": "kustomize", "mountPath": "/.config" } ], "env": [ { "name": "ARGOCD_EXEC_TIMEOUT", "value": "360s" }, { "name": "KUSTOMIZE_PLUGIN_HOME", "value": "/.config/kustomize/plugin" } ], "resources": { "limits": { "cpu": "8", "memory": "16Gi" }, "requests": { "cpu": "1", "memory": "2Gi" } } } } }
- blocks
OCPBUGS-36627 [CNF-ZTP]: GitOps apps policies reporting Unknown state when using ACM CRs
- Closed
- depends on
OCPBUGS-32756 [CNF-ZTP]: GitOps apps policies reporting Unknown state when using ACM CRs
- Closed
- is cloned by
OCPBUGS-36627 [CNF-ZTP]: GitOps apps policies reporting Unknown state when using ACM CRs
- Closed
- links to
RHEA-2024:128248 OpenShift Container Platform 4.16.0 CNF vRAN extras update
RHSA-2024:128510 OpenShift Container Platform 4.15.1 CNF vRAN extras update
- mentioned on