Loading...

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.16
Component/s: Documentation / Cloud Compute
Labels:
- triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Low
Regression:
None

Target Backport Versions:
None
Target Version:
None
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

For doc https://docs.openshift.com/container-platform/4.16/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.html#cpmso-yaml-provider-spec-aws_cpmso-config-options-aws

1. we'd better change
spec:
# ...
  template:
# ...
      spec:
        providerSpec:
to 
spec:
# ...
  template:
# ...
    machines_v1beta1_machine_openshift_io:
# ...
      spec:
        providerSpec:
this issue same for other platforms

2. remove "tenancy:", there is no this parameter by default unless we configured it during installation. And we already have a separate chapter on how to configure tenancy in cpms https://docs.openshift.com/container-platform/4.16/machine_management/control_plane_machine_management/cpmso_provider_configurations/cpmso-config-options-aws.html#machineset-dedicated-instance_cpmso-config-options-aws we can move details to this part.

3. After installer move to capi, below part has changed from 
            securityGroups:
            - filters:
              - name: tag:Name
                values:
                - <cluster_id>-master-sg 
to 
            securityGroups:
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-node
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-lb
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-controlplane

4. missed tags:
            tags:
            - name: kubernetes.io/cluster/zhsun-aws89-lh9cg
              value: owned

The cpms on aws looks like:
$ oc get controlplanemachineset cluster -n openshift-machine-api -o yaml   
apiVersion: machine.openshift.io/v1
kind: ControlPlaneMachineSet
metadata:
  labels:
    machine.openshift.io/cluster-api-cluster: zhsun-aws89-lh9cg
  name: cluster
  namespace: openshift-machine-api
spec:
  replicas: 3
  selector:
    matchLabels:
      machine.openshift.io/cluster-api-cluster: zhsun-aws89-lh9cg
      machine.openshift.io/cluster-api-machine-role: master
      machine.openshift.io/cluster-api-machine-type: master
  state: Active
  strategy:
    type: RollingUpdate
  template:
    machineType: machines_v1beta1_machine_openshift_io
    machines_v1beta1_machine_openshift_io:
      failureDomains:
        aws:
        - placement:
            availabilityZone: us-east-2a
          subnet:
            filters:
            - name: tag:Name
              values:
              - zhsun-aws89-lh9cg-subnet-private-us-east-2a
            type: Filters
        - placement:
            availabilityZone: us-east-2b
          subnet:
            filters:
            - name: tag:Name
              values:
              - zhsun-aws89-lh9cg-subnet-private-us-east-2b
            type: Filters
        - placement:
            availabilityZone: us-east-2c
          subnet:
            filters:
            - name: tag:Name
              values:
              - zhsun-aws89-lh9cg-subnet-private-us-east-2c
            type: Filters
        platform: AWS
      metadata:
        labels:
          machine.openshift.io/cluster-api-cluster: zhsun-aws89-lh9cg
          machine.openshift.io/cluster-api-machine-role: master
          machine.openshift.io/cluster-api-machine-type: master
      spec:
        lifecycleHooks: {}
        metadata: {}
        providerSpec:
          value:
            ami:
              id: ami-0dc8f3a200b9a6b1f
            apiVersion: machine.openshift.io/v1beta1
            blockDevices:
            - ebs:
                encrypted: true
                iops: 0
                kmsKey:
                  arn: ""
                volumeSize: 120
                volumeType: gp3
            credentialsSecret:
              name: aws-cloud-credentials
            deviceIndex: 0
            iamInstanceProfile:
              id: zhsun-aws89-lh9cg-master-profile
            instanceType: m6i.xlarge
            kind: AWSMachineProviderConfig
            loadBalancers:
            - name: zhsun-aws89-lh9cg-int
              type: network
            - name: zhsun-aws89-lh9cg-ext
              type: network
            metadata:
              creationTimestamp: null
            metadataServiceOptions: {}
            placement:
              availabilityZone: ""
              region: us-east-2
            securityGroups:
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-node
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-lb
            - filters:
              - name: tag:Name
                values:
                - zhsun-aws89-lh9cg-controlplane
            subnet: {}
            tags:
            - name: kubernetes.io/cluster/zhsun-aws89-lh9cg
              value: owned
            userDataSecret:
              name: master-user-data

is related to

OCPBUGS-37959 [AWS] <infrastructure_id>-worker-sg, <cluster_id>-master-sg securityGroups and <infrastructure_id>-private-<zone>, <cluster_id>-private-<aws_zone_b> subnet don't exist since 4.16

New

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide