-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
4.21, 4.22
-
None
Description of problem:
When add HyperShift operator `--registry-overrides` flag to override image registries, the cluster-api and capi-provider deployments are not being overridden and continue pulling images from quay.io/openshift-release-dev/ocp-v4.0-art-dev` instead of the configured override registry.
All other control plane components correctly use the overridden registry.
This worked correctly in 4.19 and 4.20 but is broken in 4.21 and later
Version-Release number of selected component (if applicable):
How reproducible:
always
Steps to Reproduce:
1.Deploy HyperShift on Aks
2.Mirror OpenShift release images to ACR:
oc adm release mirror --from $RELEASE_IMAGE_LATEST --to $ACR_REPO -a $PULL_SECRET_PATH
3.Configure HyperShift operator with registry overrides
oc patch deployment operator -n hypershift --type=json -p='[
{
"op": "add",
"path": "/spec/template/spec/containers/0/args/-",
"value": "--registry-overrides=quay.io/openshift-release-dev/ocp-v4.0-art-dev='$ACR_REPO',quay.io
/openshift-release-dev/ocp-release='$ACR_REPO'"
}
]'
4. Create a HostedCluster
5. Verify deployment images in the hosted control plane namespace:
oc get deploy -n clusters-<cluster-name> -o json | \
jq -r '.items[] | .metadata.name + " | " + .spec.template.spec.containers[0].image'
Actual results:
[capi-provider pod yaml|https://gcsweb-qe-private-deck-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/qe-private-deck/logs/periodic-ci-openshift-openshift-tests-private-release-4.21-amd64-nightly-azure-aks-hypershift-registry-overrides-guest-f7/2011706395962904576/artifacts/azure-aks-hypershift-registry-overrides-guest-f7/dump/artifacts/namespaces/clusters-356b04e96ea8e61b0cdf/core/pods/capi-provider-866456b576-rjs4j.yaml]
Only initContainers image has been overrided.
[cluster-api pod yaml|https://gcsweb-qe-private-deck-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/qe-private-deck/logs/periodic-ci-openshift-openshift-tests-private-release-4.21-amd64-nightly-azure-aks-hypershift-registry-overrides-guest-f7/2011706395962904576/artifacts/azure-aks-hypershift-registry-overrides-guest-f7/dump/artifacts/namespaces/clusters-356b04e96ea8e61b0cdf/core/pods/cluster-api-898cb5d8b-4fwdf.yaml]
The two deploy still use quay.io, but not overrided registry
Expected results:
All deployments in the hosted control plane namespace, including `cluster-api` and `capi-provider`, should use images from the override registry (`preservehypershiftaks.azurecr.io/release-xxxxx`).
Additional info:
[dump log|https://gcsweb-qe-private-deck-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/qe-private-deck/logs/periodic-ci-openshift-openshift-tests-private-release-4.21-amd64-nightly-azure-aks-hypershift-registry-overrides-guest-f7/2011706395962904576/artifacts/azure-aks-hypershift-registry-overrides-guest-f7/dump/]