  1. OpenShift Node
  2. OCPNODE-3646

Disable Swap for Non-CNV Users


    • Icon: Epic Epic
    • Resolution: Unresolved
    • Do not allow non-CNV customers to set "fail-swap-on"
    • Product / Portfolio Work
    • OCPSTRAT-2387 disable/document how to prevent customer to use swap in OCP
    • 67% To Do, 0% In Progress, 33% Done

      Epic Goal

      Dev Task

      Implement changes to the kubelet configuration to prevent users from modifying the failSwapOn setting.

      • This task should ensure that failSwapOn is hard-coded to false on worker nodes and true on other node types (e.g., control plane nodes). This technical enforcement is crucial to the success of the epic.

      Doc Task

      Update the OpenShift documentation to explicitly state that swap is not supported.

      • This task is critical to managing user expectations and preventing support issues. It ensures that the "no swap" policy is clearly communicated to all users.

      Why is this important?

      • KubeletConfiguration is part of MachineConfig, so customers are free to set every flag available upstream. We don't want customers to use the swap mode of KubeletConfiguration, even if the node is configured for swap.

      Scenarios

      1. Scenario: User Attempt to Override Swap Settings

       

      • Given: A user attempts to create a new OpenShift 4.21 cluster.
      • When: The user includes failSwapOn or swapDesired flags in their KubeletConfiguration API request.
      • Then: The API should reject the request with a clear error message stating that these swap settings are not user-configurable and are managed by OpenShift.

      2. Scenario: Upgrade Path

      • Given: An existing OpenShift 4.20 cluster is running.
      • When: The cluster is upgraded to OpenShift 4.21.
      • Then: The Kubelet on all nodes (including control plane and worker nodes) should automatically update to the correct default settings. Specifically, failSwapOn should be false on worker nodes and true on other node types. swapDesired should be set to NoSwap for all nodes.

      3. Scenario: New Cluster Default Configuration

      • Given: A new, fresh OpenShift 4.21 cluster is created.
      • When: The Kubelet configuration is inspected on all node types within the cluster.
      • Then:
        • On all worker nodes, failSwapOn must be set to false.
        • On all other node types (e.g., control plane), failSwapOn must be set to true.
        • swapDesired must be set to NoSwap for all nodes in the cluster. This confirms the policy applies universally across the cluster.
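
      One way to express the rejection in scenario 1 and the per-role defaults in scenario 3, as an added example that is not code from this epic or from OpenShift. The helper names and the JSON request shape are assumptions; the field names failSwapOn and swapDesired are taken from the scenarios, and only top-level keys are inspected.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Swap-related fields named in the scenarios above; treated as platform-managed.
var managedSwapFields = []string{"failSwapOn", "swapDesired"}

// ValidateUserKubeletConfig (hypothetical helper) rejects a user-supplied
// kubelet configuration that sets any managed swap field.
func ValidateUserKubeletConfig(raw []byte) error {
	var cfg map[string]json.RawMessage
	if err := json.Unmarshal(raw, &cfg); err != nil {
		return fmt.Errorf("invalid kubeletConfig: %w", err)
	}
	var found []string
	for key := range cfg {
		for _, f := range managedSwapFields {
			// Case-insensitive so a variant such as "FailSwapOn" is also caught.
			if strings.EqualFold(key, f) {
				found = append(found, key)
			}
		}
	}
	if len(found) == 0 {
		return nil
	}
	sort.Strings(found) // deterministic error text
	return fmt.Errorf("%s: swap settings are not user-configurable and are managed by OpenShift",
		strings.Join(found, ", "))
}

// ExpectedSwapDefaults returns the values scenario 3 requires for a node role.
func ExpectedSwapDefaults(role string) (failSwapOn bool, swapDesired string) {
	return role != "worker", "NoSwap"
}

func main() {
	// Constructed sample requests, not taken from a real cluster.
	for _, req := range []string{
		`{"maxPods": 250}`,
		`{"maxPods": 250, "failSwapOn": false, "swapDesired": "LimitedSwap"}`,
	} {
		fmt.Printf("%s -> %v\n", req, ValidateUserKubeletConfig([]byte(req)))
	}
}
```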

      4. Scenario: FeatureGate Test

      • Given: A CNV user has a new or existing OpenShift 4.21 cluster.
      • When: The user applies a FeatureGate object to enable NodeSwap as shown below:
        YAML
         
        apiVersion: config.openshift.io/v1
        kind: FeatureGate
        metadata:
          name: cluster
        spec:
          featureSet: CustomNoUpgrade
          customNoUpgrade:
            enabled:
            - NodeSwap
      • Then: This should have no impact. However, setting NodeSwap under disabled should fail.

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.
      • ...

      Dependencies (internal and external)

      None (The other Epic for allowing CNV folks has dependency)

      Previous Work (Optional):

      1. Node Swap went GA in 1.34. OpenShift 4.21 will be using this release of Kubernetes: https://kubernetes.io/blog/2025/08/19/tuning-linux-swap-for-kubernetes-a-deep-dive/

      Open questions:

      • None

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

              rh-ee-ngopalak Neeraj Krishna Gopalakrishna