-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
4.13.z, 4.12, 4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18
-
Important
-
None
-
False
-
Description of problem:
Pod specs using NodeName for scheduling to a specific node, that has taints with NoExecute Effect leads to a endless loop of pods getting created and terminated and overloading etcd that can lead to denial of Service.
Version-Release number of selected component (if applicable):
This is impacting multiple releases, for example. 4.12,4.14.4.15,4.16 and 4.17
How reproducible:
For me its 100% of the time reproducable
Steps to Reproduce:
1. Add a taint with NoExecute effect on a node
2. Create a deployment with pod spec using `nodename` to force the deployment on specific node(with noExecute taint)
3. Do not specify the tolerations on the pod for the above taint simply use the NodeName to force the scheduling on a speific node.
Actual results:
Loop while creating pods with deployment. Pods are getting created and terminated in endless loop unless resource quota on the number of pods is established.
Expected results:
May be, in such a scenario of misconfigurations the pods can be created and terminated for a specific no of time and should not go into endless loop and clear logging about missing tolerations or misconfigurations can be logged into logs and events for pod and cluster level.
