Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-58358

Service Mesh 3 creates a podDisruptionBudget object that prevents nodes from upgrading

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • 1
    • None
    • None
    • Rejected
    • NI&D Sprint 273
    • 1
    • Done
    • Bug Fix
    • Hide
      * Previously, when the Gateway API feature was enabled, it installed an Istio control plane configured with one pod replica and an associated `PodDisruptionBudget` setting. The `PodDisruptionBudget` setting prevented the only pod replica from being evicted, blocking cluster upgrades. With this release, the Ingress Operator prevents the Istio control plane from being configured with the `PodDisruptionBudget` setting allowing cluster upgrades. (link:https://issues.redhat.com/browse/OCPBUGS-58358[OCPBUGS-58358])

      Show
      * Previously, when the Gateway API feature was enabled, it installed an Istio control plane configured with one pod replica and an associated `PodDisruptionBudget` setting. The `PodDisruptionBudget` setting prevented the only pod replica from being evicted, blocking cluster upgrades. With this release, the Ingress Operator prevents the Istio control plane from being configured with the `PodDisruptionBudget` setting allowing cluster upgrades. (link: https://issues.redhat.com/browse/OCPBUGS-58358 [ OCPBUGS-58358 ])
    • None
    • None
    • None
    • None

      Description of problem:

          When GatewayClass is created on ocp419, ossm3 gets installed and IstioCR gets created. This IstioCR by default has PodDisruptionBudget set to 1 and min scaling set to 1. This prevents nodes from draining when Openshift gets updated to newer version. There is no way to edit the IstioCR so the workaround described in https://issues.redhat.com/browse/OSSM-9071 does not work. 
Only workaround I found is to remove GatewayClass CR, so IstioCR gets deleted and Openshift update can finish and afterwards recreating GatewayClass CR.

      Version-Release number of selected component (if applicable):

          ocp 4.19

      How reproducible:

      Steps to Reproduce:

          1. Follow https://docs.redhat.com/en/documentation/openshift_container_platform/4.19/html/networking/configuring-ingress-cluster-traffic#nw-ingress-gateway-api-enable_ingress-gateway-api to create GatewayClass CR.
    2. Openshift cluster has available updates     
    3. Initiate update and wait.
    4. Last step of update is to restart nodes, this will get stuck indefinitely with errors as "Node cannot be drained"

      Actual results:

      Expected results:

      Additional info:

          Related: https://issues.redhat.com/browse/OSSM-9071

    Will impact RH Connectivity Link users on ocp419.

      Potential fixes:

      Either:

      • By default set in IstioCR spec.values.pilot.autoscaleMin to 2
      • By default set in IstioCR spec.values.global.defaultPodDisruptionBudget.enabled to false
      • Allow users to change one of these values externally

              mmasters1@redhat.com Miciah Masters
              rhn-support-azgabur Alexander Zgabur
              None
              None
              Ishmam Amin Ishmam Amin
              None
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: