-
Bug
-
Resolution: Done-Errata
-
Major
-
None
-
4.14.z
-
Quality / Stability / Reliability
-
False
-
-
None
-
Important
-
Yes
-
None
-
None
-
None
-
None
-
None
-
This OCPBUG add clarifications on how to customize the ArgoCD patch used by ZTP with various release of Openshift and ACM.
-
None
-
None
-
None
-
None
This is a clone of issue OCPBUGS-36503. The following is the description of the original issue:
—
Description of problem:
GitOps apps policies reporting "Unknown" state when using ACM CRs to template a policy and observed comparison error. The problem was that a rhel9 ACM PG executable/image was being copied while the gitops image is based on rhel8.
Version-Release number of selected component (if applicable):
Hub Cluster:- OCP: 4.16.0-0.nightly-2024-04-16-195622 ACM: 2.10.2 GitOps: 1.12.0 TALM: 4.14.5-11 Spoke Cluster:- OCP: 4.14.22 ZTP container image: 4.14.5-9
How reproducible:
Always
Steps to Reproduce:
1. Deploy 4.14 OCP SNO cluster with DU profile operator images from stage index 2. Use ACM PolicyGenerator resources for site specific configurations, example in http://registry.kni-qe-0.lab.eng.rdu2.redhat.com:3000/kni-qe/ztp-site-configs/src/workers-4.14/policygentemplates/ztp-test/acm-crs 3. ACM PGT referenced in GitOps apps policies using custom source path 4. Observed GitOps apps policies reporting "Unknown" state (not in Synced) with comparison error.
Actual results:
Failed to load target state: failed to generate manifest for source 1 of 1: rpc error: code = Unknown desc = Manifest generation error (cached): `kustomize build <path to cached source>/policygentemplates/ztp-test/acm-crs --enable-alpha-plugins` failed exit status 1: /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator: /lib64/libc.so.6: version `GLIBC_2.32' not found (required by /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator) /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator: /lib64/libc.so.6: version `GLIBC_2.34' not found (required by /.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator) Error: failure in plugin configured via /tmp/kust-plugin-config-339301390; exit status 1: exit status 1
Expected results:
GitOps apps policies shoud be in "Synced" state after referencing ACM CRs to template a policy.
Additional info:
Below test case failed due to above stated issue.
OCP-54236
https://gitlab.cee.redhat.com/cnf/cnf-gotests/-/blob/master/test/ran/ztp/tests/ztp_argocd_acm_crs.go?ref_type=heads#L151-260
Root of the problem:-
Fix needs to be back ported to latest 4.14.z ZTP container image.
ACM Policy Generator container image referenced in a file "ztp/gitops-subscriptions/argocd/deployment/argocd-openshift-gitops-patch.json" (line 53) is rhel9 ACM PolicyGenerator image was being copied while the gitops image (1.12.0) is based on rhel8.
Work around:-
used line 48 from https://github.com/openshift-kni/cnf-features-deploy/pull/1805/files#diff-8ce728c9d79f1cb76a0e77264b6de0f6eda0d76bb35ae5816ea0a3a112a702f3
to copy the universal ACM PG executable/image instead of the rhel9 one.
Quick Manual Test Logs after applying a work around: (Test case : PASS)
https://docs.google.com/document/d/131FWudOhiMF3Krg2T6fw2Vyal2gfW5EWV99oBGPVSds/edit?usp=sharing
Original argocd-openshift-gitops-patch-org.json file (comes from 4.14.z ztp container):-
{
"spec": {
"controller": {
"resources": {
"limits": {
"cpu": "16",
"memory": "32Gi"
},
"requests": {
"cpu": "1",
"memory": "2Gi"
}
}
},
"kustomizeBuildOptions": "--enable-alpha-plugins",
"repo": {
"volumes": [
{
"name": "kustomize",
"emptyDir": {}
}
],
"initContainers": [
{
"resources": {
},
"terminationMessagePath": "/dev/termination-log",
"name": "kustomize-plugin",
"command": [
"/exportkustomize.sh"
],
"args": [
"/.config"
],
"imagePullPolicy": "Always",
"volumeMounts": [
{
"name": "kustomize",
"mountPath": "/.config"
}
],
"terminationMessagePolicy": "File",
"image": "registry.kni-qe-16.lab.eng.rdu2.redhat.com:5000/ztp/ztp-site-generator:v4.14.5-9"
},
{
"args": [
"-c",
"mkdir -p /.config/kustomize/plugin/ && cp -r /etc/kustomize/plugin/policy.open-cluster-management.io /.config/kustomize/plugin/"
],
"command": [
"/bin/bash"
],
"image": "registry.redhat.io/rhacm2/multicluster-operators-subscription-rhel9@sha256:e8d3308a746813a4397e29b51f0715d40629a4a8362c5d19a6948de688285dbf",
"name": "policy-generator-install",
"imagePullPolicy": "Always",
"volumeMounts": [
{
"mountPath": "/.config",
"name": "kustomize"
}
]
}
],
"volumeMounts": [
{
"name": "kustomize",
"mountPath": "/.config"
}
],
"env": [
{
"name": "ARGOCD_EXEC_TIMEOUT",
"value": "360s"
},
{
"name": "KUSTOMIZE_PLUGIN_HOME",
"value": "/.config/kustomize/plugin"
}
],
"resources": {
"limits": {
"cpu": "8",
"memory": "16Gi"
},
"requests": {
"cpu": "1",
"memory": "2Gi"
}
}
}
}
}
- clones
-
-
- Closed
-
- is blocked by
-
-
- Closed
-
- links to
-
RHEA-2024:143662
OpenShift Container Platform 4.14.7 CNF vRAN extras update
- mentioned on
(1 mentioned on)