Uploaded image for project: 'Red Hat OpenStack Services on OpenShift'
  1. Red Hat OpenStack Services on OpenShift
  2. OSPRH-13530

Init container in "octavia-rsyslog" daemonset is using upstream image with a tag

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • rhos-18.0.6
    • rhos-18.0 FR 1 (Nov 2024), rhos-18.0.4
    • octavia-operator
    • None
    • 2
    • False
    • Hide

      None

      Show
      None
    • False
    • ?
    • octavia-operator-container-1.0.7-8
    • None
    • Hide
      .Deploy Load-balancing service in an offline cluster

      Before this update, the container image URL of the `octavia-rsyslog` pod was hard-coded and could not be overridden, with the result that users could not deploy the Load-balancing service (octavia) in an offline cluster.

      With this update, the container image URL can be overridden, and you can deploy the Load-balancing service offline.
      Show
      .Deploy Load-balancing service in an offline cluster Before this update, the container image URL of the `octavia-rsyslog` pod was hard-coded and could not be overridden, with the result that users could not deploy the Load-balancing service (octavia) in an offline cluster. With this update, the container image URL can be overridden, and you can deploy the Load-balancing service offline.
    • Bug Fix
    • Done
    • VANS-010
    • 1
    • Important

      Issue :

      1. Init container in "octavia-rsyslog" daemonset is using upstream image and not downstream
      2. Image is called with a tag instead of digest, which fails in offline cluster

       

      $ oc get ds octavia-rsyslog -oyaml | yq '.spec.template.spec.initContainers[]'
args:
  - -c
  - /usr/local/bin/container-scripts/init.sh
command:
  - /bin/bash
env:
  - name: CONFIG_HASH
    value: abcdefghijklabcdefghijklabcdefghijklabcdefghijklabcdefghijkl
  - name: KOLLA_CONFIG_STRATEGY
    value: COPY_ALWAYS
  - name: NODE_NAME
    valueFrom:
      fieldRef:
        apiVersion: v1
        fieldPath: spec.nodeName
image: quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified.  <<<<
imagePullPolicy: IfNotPresent
name: init
resources: {}
securityContext:
  privileged: true
  runAsUser: 0
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File

      To Reproduce Steps to reproduce the behavior:

       

      1. Deploy Octavia in offline cluster

       

      $ less namespaces/openstack/events.log
....
....
22m         Warning   Failed                  pod/octavia-rsyslog-lh8l5                 Failed to pull image "quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified": rpc error: code = DeadlineExceeded desc = pinging container registry quay.io: Get "https://quay.io/v2/": dial tcp x.x.x.x:443: i/o timeout
22m         Warning   Failed                  pod/octavia-rsyslog-lh8l5                 Error: ErrImagePull
21m         Warning   Failed                  pod/octavia-rsyslog-fsrqc                 Error: ImagePullBackOff
21m         Warning   Failed                  pod/octavia-rsyslog-lh8l5                 Error: ImagePullBackOff
....
2m44s       Normal    BackOff                 pod/octavia-rsyslog-fsrqc                 Back-off pulling image "quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified"
2m42s       Normal    BackOff                 pod/octavia-rsyslog-lh8l5                 Back-off pulling image "quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified"

       

       

      From code :

      https://github.com/openstack-k8s-operators/octavia-operator/blob/18.0-fr1/pkg/octaviarsyslog/daemonset.go#L134

      $ less octavia-operator/pkg/octaviarsyslog/daemonset.go
....
                                        InitContainers: []corev1.Container{
                                                {
                                                        Name: "init",
                                                        // TODO(gthiemonge) Using Octavia HM Container image is a workaround to get a container with pyroute2
                                                        // Replace it by an init container image with pyroute2 when it's available
                                                        // OSPRH-8434
                                                        Image: octaviav1.OctaviaHealthManagerContainerImage,    <<<<<<
....

       

      https://github.com/openstack-k8s-operators/octavia-operator/blob/18.0-fr1/api/v1beta1/octavia_types.go#L35

       

      $ less octavia-operator/api/v1beta1/octavia_types.go
....
        // OctaviaHealthManagerContainerImage is the fall-back container image for OctaviaHealthManager
        OctaviaHealthManagerContainerImage = "quay.io/podified-antelope-centos9/openstack-octavia-health-manager:current-podified"
....

       

       

      from https://github.com/openstack-k8s-operators/octavia-operator/blob/18.0-fr1/api/v1beta1/octavia_types.go#L369

       

              HealthManagerContainerImageURL: util.GetEnvVar("RELATED_IMAGE_OCTAVIA_HEALTHMANAGER_IMAGE_URL_DEFAULT", OctaviaHealthManagerContainerImage),

       

      Although RELATED_IMAGE_OCTAVIA_HEALTHMANAGER_IMAGE_URL_DEFAULT env variable is getting referenced to OctaviaHealthManagerContainerImage, init container image seems to skip this override

      Expected behavior

       

      • Init container image in "octavia-rsyslog" daemonset should use downstream image along with digest

       

      Bug impact

      • Customer with offline cluster unable to deploy the Octavia

       

      Known workaround

      • No workaround as of now as it is constant in code

       

      Additional Info

      https://issues.redhat.com/browse/OSPRH-8434

              rhn-support-gthiemon Gregory Thiemonge
              rhn-support-apverma Apoorv Verma
              rhos-dfg-networking-squad-vans
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: