Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-76350

HCP: hypershift-operator ignores AWS AMI override in NodePool specification causing failures in AWS ISO (classified) regions

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • Important
    • None
    • None
    • None
    • None
    • In Progress
    • Bug Fix
    • Hide
      Cause: The hypershift-operator's defaultNodePoolAMI() function did not check for nil StreamMetadata in the release image, and the AMI resolution logic in NewToken() did not honor the AWS AMI override specified in nodePool.Spec.Platform.AWS.AMI.
      Consequence: NodePool deployments failed in AWS ISO (classified) regions where release image stream metadata does not contain region data, even when users specified a custom AMI via the NodePool specification.
      Fix: Added a nil check for releaseImage.StreamMetadata in defaultNodePoolAMI() to prevent a nil pointer dereference when stream metadata is unavailable, and updated the AMI resolution logic to check for user-specified AMI overrides before falling back to the default AMI lookup.
      Result: NodePool deployments in AWS ISO (classified) regions now correctly use the AMI override specified in nodePool.Spec.Platform.AWS.AMI when stream metadata is unavailable.
      Show
      Cause: The hypershift-operator's defaultNodePoolAMI() function did not check for nil StreamMetadata in the release image, and the AMI resolution logic in NewToken() did not honor the AWS AMI override specified in nodePool.Spec.Platform.AWS.AMI. Consequence: NodePool deployments failed in AWS ISO (classified) regions where release image stream metadata does not contain region data, even when users specified a custom AMI via the NodePool specification. Fix: Added a nil check for releaseImage.StreamMetadata in defaultNodePoolAMI() to prevent a nil pointer dereference when stream metadata is unavailable, and updated the AMI resolution logic to check for user-specified AMI overrides before falling back to the default AMI lookup. Result: NodePool deployments in AWS ISO (classified) regions now correctly use the AMI override specified in nodePool.Spec.Platform.AWS.AMI when stream metadata is unavailable.
    • None
    • None
    • None
    • None

      Description of problem:

      Hypershift hosted clusters in AWS ISO (classified) regions fail to honor AMI overrides in NodePool specifications causing node pool deployments to fail.  

The offending code appears to be at https://github.com/openshift/hypershift/blob/main/hypershift-operator/controllers/nodepool/token.go#L137, which fails to take into account the AMI override defined in nodePool.Spec.Platform.AWS.AMI.  

Additionally, there's no provision for handling the lack of release image metadata in the ISO regions at https://github.com/openshift/hypershift/blob/main/hypershift-operator/controllers/nodepool/nodepool_controller.go#L723-L726.

An example of where the AMI override *is* being honored can be seen at https://github.com/openshift/hypershift/blob/main/hypershift-operator/controllers/nodepool/aws.go#L56-L57.

This is preventing a customer from moving forward with their HCP implementation.

      Version-Release number of selected component (if applicable):

      How reproducible:

      Consistently fails when attempting to deploy in AWS ISO (classified) regions.

      Steps to Reproduce:

          1.
    2.
    3.

      Actual results:

      Expected results:

      Additional info:

              hypershift-automation hypershift-team automation
              rh-ee-cwigal Chad Wigal
              Jie Zhao Jie Zhao
              None
              Votes:
              1 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated: