Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: Node Health Check Operator
Labels:
- FenceAgentsRemediation

Target Version:
None
Activity Type:
Product / Portfolio Work
Status Summary:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Products:
None
Hierarchy Progress Bar:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Review Complete:
None
PX Impact Score:
PX Impact Range:
None
PX Priority Data:
None
PX Technical Impact:
None
PX Technical Impact Notes:
None
PX Scheduling Request:
None

1. Proposed title of this feature request

RUN FenceAgentsRemediation(FAR) operators pods on the master node or add an option to do it.
2. What is the nature and description of the request?

By default, FAR operator pods will run on worker nodes, and there is no option to move them to master nodes.
The KCS https://access.redhat.com/solutions/6979864 did not work even if we combined it with tolerations for the master nodes.


mdeore@mdeore1-mac ~ % oc get sub
NAME                       PACKAGE                    SOURCE             CHANNEL
fence-agents-remediation   fence-agents-remediation   redhat-operators   stable
mdeore@mdeore1-mac ~ % oc get sub -o yaml
apiVersion: v1
items:
- apiVersion: operators.coreos.com/v1alpha1
  kind: Subscription
  metadata:
    creationTimestamp: "2025-11-03T10:36:11Z"
    generation: 1
    labels:
      operators.coreos.com/fence-agents-remediation.openshift-workload-availability: ""
    name: fence-agents-remediation
    namespace: openshift-workload-availability
    resourceVersion: "758041"
    uid: a564991b-36fe-4955-a77e-3391cce08a98
  spec:
    channel: stable
    config:
      nodeSelector:
        node-role.kubernetes.io/master: ""
      tolerations:
      - effect: NoSchedule
        key: node-role.kubernetes.io/master
        operator: Exists
    installPlanApproval: Automatic
    name: fence-agents-remediation
    source: redhat-operators
    sourceNamespace: openshift-marketplace
    startingCSV: fence-agents-remediation.v0.6.0

mdeore@mdeore1-mac ~ % oc get po -o wide
NAME                                                           READY   STATUS    RESTARTS   AGE     IP             NODE                                                NOMINATED NODE   READINESS GATES
fence-agents-remediation-controller-manager-6c7cfc54c7-7t8dq   2/2     Running   0          4m17s   10.131.0.34    worker-2.shrocp4upi417ovn.lab.psi.pnq2.redhat.com   <none>           <none>
fence-agents-remediation-controller-manager-6c7cfc54c7-gkznc   2/2     Running   0          4m17s   10.128.2.184   worker-1.shrocp4upi417ovn.lab.psi.pnq2.redhat.com   <none>           <none>

3. Why does the customer need this? (List the business requirements here)

Customers don't want every pod that runs on the worker nodes to have access to our Idrac/Redfish. As every pod goes out by the IP of the worker host, the customer can't limit that on our firewall.
If we move them to master nodes, we can allow only the master node IPs in the firewall to Redfish.
4. List any affected packages or components.
The Subscription and fence-agents-remediation.v0.6.0 for fence-agents-remediation.

Assignee:: Ramon Acedo

Reporter:: Mayur Deore

Need Info From:: None

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/11/24 4:03 PM

Updated:: 2025/11/24 7:26 PM

Target start:: None

Target end:: None

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates