-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.21
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Moderate
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
When loadbalancers in the machine are not the same with AWSCluster, create MAPI master machine with authoritativeAPI: ClusterAPI doesn't work, it reports sync error FailedToConvertMAPIMachineToCAPI I think the error FailedToConvertMAPIMachineToCAPI is for MAPI2CAPI, but here it's CAPI2MAPI, so it should not report such error. It should get loadbalancers from the AWSCluster to create the machine, and ignore loadbalancers defined in the machine yaml, because authoritativeAPI is setting to ClusterAPI, so the loadbalancers defined in the non-authoritative MAPI machine should be overwritten.
Version-Release number of selected component (if applicable):
4.21.0-0.nightly-multi-2025-10-20-011127
How reproducible:
always
Steps to Reproduce:
1.Create an AWS techpreview cluster, there is controlplanemachineset by default, delete the controlplanemachineset, master machines are sync to CAPI
2.Create master-user-data secret in openshift-cluster-api
3.Create a MAPI master machine with authoritativeAPI: ClusterAPI, and loadbalancers are different from AWSCluster, there are two loadbalancers in AWSCluster, but only with one in the machine, for example
loadBalancers:
- name: ci-op-wqf72xd2-150c1-p4qqn-ext
type: network
liuhuali@Lius-MacBook-Pro huali-test % oc get machine ci-op-wqf72xd2-150c1-p4qqn-master-0 -oyaml>ms1.yaml
liuhuali@Lius-MacBook-Pro huali-test % vim ms1.yaml
liuhuali@Lius-MacBook-Pro huali-test % oc create -f ms1.yaml
machine.machine.openshift.io/ci-op-wqf72xd2-150c1-p4qqn-master-3 created
liuhuali@Lius-MacBook-Pro huali-test % cat ms1.yaml
apiVersion: machine.openshift.io/v1beta1
kind: Machine
metadata:
labels:
machine.openshift.io/cluster-api-cluster: ci-op-wqf72xd2-150c1-p4qqn
machine.openshift.io/cluster-api-machine-role: master
machine.openshift.io/cluster-api-machine-type: master
machine.openshift.io/instance-type: m6g.xlarge
machine.openshift.io/region: ap-northeast-1
machine.openshift.io/zone: ap-northeast-1c
name: ci-op-wqf72xd2-150c1-p4qqn-master-3
namespace: openshift-machine-api
spec:
authoritativeAPI: ClusterAPI
lifecycleHooks:
preDrain:
- name: EtcdQuorumOperator
owner: clusteroperator/etcd
metadata: {}
providerSpec:
value:
ami:
id: ami-035d6df3818a1cb1f
apiVersion: machine.openshift.io/v1beta1
blockDevices:
- ebs:
encrypted: true
iops: 0
kmsKey:
arn: ""
volumeSize: 120
volumeType: gp3
capacityReservationId: ""
credentialsSecret:
name: aws-cloud-credentials
deviceIndex: 0
iamInstanceProfile:
id: ci-op-wqf72xd2-150c1-p4qqn-master-profile
instanceType: m6g.xlarge
kind: AWSMachineProviderConfig
loadBalancers:
- name: ci-op-wqf72xd2-150c1-p4qqn-ext
type: network
metadata:
creationTimestamp: null
metadataServiceOptions: {}
placement:
availabilityZone: ap-northeast-1c
region: ap-northeast-1
securityGroups:
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-node
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-lb
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-controlplane
subnet:
filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-subnet-private-ap-northeast-1c
tags:
- name: kubernetes.io/cluster/ci-op-wqf72xd2-150c1-p4qqn
value: owned
- name: ci-nat-replace
value: "false"
- name: clusterName
value: ci-op-wqf72xd2-150c1
- name: expirationDate
value: 2025-10-21T11:48+00:00
- name: usage-ci-type
value: prow
- name: usage-cluster-type
value: classic
- name: usage-job-type
value: presubmit
- name: usage-pull-request
value: "69031"
- name: usage-user
value: huali9
userDataSecret:
name: master-user-data
4. No CAPI machine is created, the MAPI machine stuck in no phase, report sync error FailedToConvertMAPIMachineToCAPI
liuhuali@Lius-MacBook-Pro huali-test % oc get machine -n openshift-machine-api
NAME PHASE TYPE REGION ZONE AGE
ci-op-wqf72xd2-150c1-p4qqn-master-0 Running m6g.xlarge ap-northeast-1 ap-northeast-1c 112m
ci-op-wqf72xd2-150c1-p4qqn-master-1 Running m6g.xlarge ap-northeast-1 ap-northeast-1d 112m
ci-op-wqf72xd2-150c1-p4qqn-master-2 Running m6g.xlarge ap-northeast-1 ap-northeast-1c 112m
ci-op-wqf72xd2-150c1-p4qqn-master-3 m6g.xlarge ap-northeast-1 ap-northeast-1c 15m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-9dlkx Running m6g.xlarge ap-northeast-1 ap-northeast-1c 106m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-vl2ks Running m6g.xlarge ap-northeast-1 ap-northeast-1c 106m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1d-x9sn2 Running m6g.xlarge ap-northeast-1 ap-northeast-1d 106m
liuhuali@Lius-MacBook-Pro huali-test % oc get machine.c
NAME CLUSTER NODENAME PROVIDERID PHASE AGE VERSION
ci-op-wqf72xd2-150c1-p4qqn-master-0 ci-op-wqf72xd2-150c1-p4qqn ip-10-0-61-145.ap-northeast-1.compute.internal aws:///ap-northeast-1c/i-0943312629f34d163 Running 46m
ci-op-wqf72xd2-150c1-p4qqn-master-1 ci-op-wqf72xd2-150c1-p4qqn ip-10-0-74-74.ap-northeast-1.compute.internal aws:///ap-northeast-1d/i-0088ce226b658e334 Running 46m
ci-op-wqf72xd2-150c1-p4qqn-master-2 ci-op-wqf72xd2-150c1-p4qqn ip-10-0-24-128.ap-northeast-1.compute.internal aws:///ap-northeast-1c/i-0ab346ab0a3023616 Running 46m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-9dlkx ci-op-wqf72xd2-150c1-p4qqn ip-10-0-22-64.ap-northeast-1.compute.internal aws:///ap-northeast-1c/i-04b77c14acad8f0d5 Running 88m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-vl2ks ci-op-wqf72xd2-150c1-p4qqn ip-10-0-44-30.ap-northeast-1.compute.internal aws:///ap-northeast-1c/i-093a2f18e1b248b56 Running 95m
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1d-x9sn2 ci-op-wqf72xd2-150c1-p4qqn ip-10-0-119-130.ap-northeast-1.compute.internal aws:///ap-northeast-1d/i-0cb7af2543fed4e8e Running 95m
liuhuali@Lius-MacBook-Pro huali-test % oc get awsmachine
NAME CLUSTER STATE READY INSTANCEID MACHINE
ci-op-wqf72xd2-150c1-p4qqn-master-0 ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1c/i-0943312629f34d163 ci-op-wqf72xd2-150c1-p4qqn-master-0
ci-op-wqf72xd2-150c1-p4qqn-master-1 ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1d/i-0088ce226b658e334 ci-op-wqf72xd2-150c1-p4qqn-master-1
ci-op-wqf72xd2-150c1-p4qqn-master-2 ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1c/i-0ab346ab0a3023616 ci-op-wqf72xd2-150c1-p4qqn-master-2
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-9dlkx ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1c/i-04b77c14acad8f0d5 ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-9dlkx
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-vl2ks ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1c/i-093a2f18e1b248b56 ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1c-vl2ks
ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1d-x9sn2 ci-op-wqf72xd2-150c1-p4qqn running true aws:///ap-northeast-1d/i-0cb7af2543fed4e8e ci-op-wqf72xd2-150c1-p4qqn-worker-ap-northeast-1d-x9sn2
liuhuali@Lius-MacBook-Pro huali-test % oc get machine -n openshift-machine-api ci-op-wqf72xd2-150c1-p4qqn-master-3 -oyaml
apiVersion: machine.openshift.io/v1beta1
kind: Machine
metadata:
creationTimestamp: "2025-10-21T05:46:20Z"
finalizers:
- sync.machine.openshift.io/finalizer
generation: 1
labels:
machine.openshift.io/cluster-api-cluster: ci-op-wqf72xd2-150c1-p4qqn
machine.openshift.io/cluster-api-machine-role: master
machine.openshift.io/cluster-api-machine-type: master
machine.openshift.io/instance-type: m6g.xlarge
machine.openshift.io/region: ap-northeast-1
machine.openshift.io/zone: ap-northeast-1c
name: ci-op-wqf72xd2-150c1-p4qqn-master-3
namespace: openshift-machine-api
resourceVersion: "63103"
uid: 0f55fe85-ed2d-44a1-a047-2d4c3ac6e0e5
spec:
authoritativeAPI: ClusterAPI
lifecycleHooks:
preDrain:
- name: EtcdQuorumOperator
owner: clusteroperator/etcd
metadata: {}
providerSpec:
value:
ami:
id: ami-035d6df3818a1cb1f
apiVersion: machine.openshift.io/v1beta1
blockDevices:
- ebs:
encrypted: true
iops: 0
kmsKey:
arn: ""
volumeSize: 120
volumeType: gp3
capacityReservationId: ""
credentialsSecret:
name: aws-cloud-credentials
deviceIndex: 0
iamInstanceProfile:
id: ci-op-wqf72xd2-150c1-p4qqn-master-profile
instanceType: m6g.xlarge
kind: AWSMachineProviderConfig
loadBalancers:
- name: ci-op-wqf72xd2-150c1-p4qqn-ext
type: network
metadata:
creationTimestamp: null
metadataServiceOptions: {}
placement:
availabilityZone: ap-northeast-1c
region: ap-northeast-1
securityGroups:
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-node
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-lb
- filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-controlplane
subnet:
filters:
- name: tag:Name
values:
- ci-op-wqf72xd2-150c1-p4qqn-subnet-private-ap-northeast-1c
tags:
- name: kubernetes.io/cluster/ci-op-wqf72xd2-150c1-p4qqn
value: owned
- name: ci-nat-replace
value: "false"
- name: clusterName
value: ci-op-wqf72xd2-150c1
- name: expirationDate
value: 2025-10-21T11:48+00:00
- name: usage-ci-type
value: prow
- name: usage-cluster-type
value: classic
- name: usage-job-type
value: presubmit
- name: usage-pull-request
value: "69031"
- name: usage-user
value: huali9
userDataSecret:
name: master-user-data
status:
authoritativeAPI: ClusterAPI
conditions:
- lastTransitionTime: "2025-10-21T05:46:20Z"
message: 'Drain operation currently blocked by: [{Name:EtcdQuorumOperator Owner:clusteroperator/etcd}]'
reason: HookPresent
severity: Warning
status: "False"
type: Drainable
- lastTransitionTime: "2025-10-21T05:46:20Z"
message: The AuthoritativeAPI status is set to 'ClusterAPI'
reason: AuthoritativeAPINotMachineAPI
status: "True"
type: Paused
- lastTransitionTime: "2025-10-21T05:46:20Z"
status: "True"
type: Terminable
- lastTransitionTime: "2025-10-21T05:46:20Z"
message: 'failed to convert Machine API machine to Cluster API machine: spec.providerSpec.value.loadBalancers:
Invalid value: []v1beta1.LoadBalancerReference{v1beta1.LoadBalancerReference{Name:"ci-op-wqf72xd2-150c1-p4qqn-ext",
Type:"network"}}: must include load balancer named "ci-op-wqf72xd2-150c1-p4qqn-int"'
reason: FailedToConvertMAPIMachineToCAPI
severity: Error
status: "False"
type: Synchronized
lastUpdated: "2025-10-21T05:46:20Z"
phase: ""
synchronizedGeneration: 0
Actual results:
No CAPI machine is created, the MAPI machine stuck in no phase, report sync error FailedToConvertMAPIMachineToCAPI
Expected results:
Create CAPI machine successfully, MAPI machine sync successfully
Additional info:
must-gather: https://drive.google.com/file/d/1p7-XMn_MKWcdZiO2lTH3wjvxKyVWIBFN/view?usp=sharing
new feature testing for https://issues.redhat.com/browse/OCPCLOUD-2709