Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-48163

MicroShift creates .nodename file non-atomically and can end up being empty

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • 3
    • None
    • None
    • None
    • None
    • uShift Sprint 266
    • 1
    • Done
    • Bug Fix
    • Hide
      Previously, a `.nodename` file that holds the last hostname was created by MicroShift on startup non-atomically. When MicroShift's startup was interrupted, the `.nodename` file was left behind empty. This `.nodename` file was used on the next MicroShift startup, causing the node name to stored as an empty string. This caused the API Server to reject the kubelet's calls and the start up failed. With this release, the `.nodename` file is created atomically with each MicroShift start up, preventing the error.
      Show
      Previously, a `.nodename` file that holds the last hostname was created by MicroShift on startup non-atomically. When MicroShift's startup was interrupted, the `.nodename` file was left behind empty. This `.nodename` file was used on the next MicroShift startup, causing the node name to stored as an empty string. This caused the API Server to reject the kubelet's calls and the start up failed. With this release, the `.nodename` file is created atomically with each MicroShift start up, preventing the error.
    • None
    • None
    • None
    • None

      Description of problem:

      MicroShift on startup creates .nodename file which holds the last hostname. If MicroShift's startup is interrupted (e.g. by reboot issued by microshift-tuned daemon), the file can be empty.
If the file is empty, it'll be used on next MicroShift startup causing it to think that node name is empty string.

That empty string will be stored in kubelet's certificate (CN: system:node:) which will cause API Server to reject kubelet's calls because user "system:node:" doesn't have an access to Node resource.

      Version-Release number of selected component (if applicable):

       

      How reproducible:

      Once in 7 months since the low latency test was added.

      Steps to Reproduce:

          1. Setup MicroShift with low latency - microshift-tuned daemon should restart the host on first boot to activate new tuned profile.
    2.
    3.

      Actual results:

          Kubelet cannot register node because of the malformed user.

      Expected results:

          MicroShift starts successfully (aka .nodename is created atomically)

      Additional info:

              pmatusza@redhat.com Patryk Matuszak
              pmatusza@redhat.com Patryk Matuszak
              None
              None
              John George John George
              Shauna Diaz Shauna Diaz
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: