Force PAO installation on master nodes

[marcel-apf]

PAO is meant to run on "control plane".

Use podAffinity to schedule PAO only on master nodes.
(https://docs.openshift.com/container-platform/4.5/nodes/scheduling/nodes-scheduler-pod-affinity.html)
Use taints tolerations to allow PAO scheduling on the master nodes.
(https://docs.openshift.com/container-platform/4.5/nodes/scheduling/nodes-scheduler-taints-tolerations.html)

Add a test verifying PAO runs in master nodes
Straight forward test that queries the node PAO is running on
is a master node.

[marcel-apf]

/retest

[marcel-apf]

Depends on #350

[MarSik]

I wonder if we should just use len(pods.Items) < 1 (just in case we eventually add HA and leader election). Or maybe it would be premature to change the test now, so just asking.

[ffromani]

Fair point, I prefer to keep the test as-is and see it break first when/if we add the HA/leader election.

[ffromani]

looks mostly OK. Most (relatively minor) concerns about the e2e test and the GetPerformanceProfilePod function, changes to CSV looks good

[ffromani]

it seems OCP control plane is using

    nodeSelector:
      node-role.kubernetes.io/master: ""

but the end result is the same and affinity rules are more powerful than nodeSelector, so it seems is fine.

[marcel-apf]

I preferred affinity since is is reflected in the official docs

[ffromani]

Is affinity reflected in the openshift official docs or the kubernetes official docs? or both?

[marcel-apf]

both

[ffromani]

any way to check that pod is indeeded running performance-operator and not any random pod which is happen to have the same label?

[marcel-apf]

In the same namespace as PAO "openshift-performance-addon" ? I think is a relatively safe bet...

[ffromani]

It's still a bet, meaning is still anecdotal evidence, and we need quite some of it to gain confidence. Checking the image name seems stronger (does it contain 'performance-operator'). Feel free to add more checks, or to lookup better ones.
The best way would probably be to check a PAO endpoint and to verify it is behaving correctly; that's sufficient proof the service is there. It's probably complex, maybe too complex to be done here, though.

[marcel-apf]

We are also checking we have only one pod in the namespace. The check is the first step in the func tests, I suppose the next steps will fail if for some reason the PAO is not in the namespace, but another pod with same label.
While I agree that theoretically is not enough, is it the place to add more checks?
I can add a check the actual pod name starts with performace-operator-{something}, but this is a side effect on how k8s names pods.Or maybe would add to confidence?

[marcel-apf]

Added check the performance operator pod name (not label) starts with "performance-operator"

[marcel-apf]

That should increase the confidence in the bet

[ffromani]

Still not completely happy with this solution, but good enough for now.

[ffromani]

unused?

[marcel-apf]

used by Reject()

[ffromani]

Fair enough. And BTW this is exacty why I dislike the dot imports.

[ffromani]

/lgtm
good enough for now

[marcel-apf]

/retest

[cynepco3hahue]

/retest

[coveralls]

Pull Request Test Coverage Report for Build 492

• 0 of 0 changed or added relevant lines in 0 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage remained the same at 70.939%

---

Totals
Change from base Build 485:	0.0%
Covered Lines:	869
Relevant Lines:	1225

---

💛 - Coveralls

[cynepco3hahue]

@marcel-apf Please fix CI job

export GOROOT=$(go env GOROOT); """_cache"/tools"/"operator-sdk-"v0.18.2"-"x86_64-linux-gnu""" generate k8s
time="2020-09-22T16:10:05Z" level=info msg="Running deepcopy code-generation for Custom Resource group versions: [performance:[v1 v1alpha1], ]\n"
time="2020-09-22T16:10:47Z" level=info msg="Code-generation complete."
Verifying that all code is committed after updating deps and formatting and generating code
hack/verify-generated.sh
uncommitted generated files. run 'make generate' and commit results.
 M functests/utils/pods/pods.go

[marcel-apf]

@marcel-apf Please fix CI job

export GOROOT=$(go env GOROOT); """_cache"/tools"/"operator-sdk-"v0.18.2"-"x86_64-linux-gnu""" generate k8s
time="2020-09-22T16:10:05Z" level=info msg="Running deepcopy code-generation for Custom Resource group versions: [performance:[v1 v1alpha1], ]\n"
time="2020-09-22T16:10:47Z" level=info msg="Code-generation complete."
Verifying that all code is committed after updating deps and formatting and generating code
hack/verify-generated.sh
uncommitted generated files. run 'make generate' and commit results.
 M functests/utils/pods/pods.go

Done, thanks!

[ffromani]

/lgtm

[openshift-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: fromanirh, marcel-apf

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [fromanirh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[marcel-apf]

/retest

[marcel-apf]

/retest

[cynepco3hahue]

/cherry-pick release-4.6

[openshift-cherrypick-robot]

@cynepco3hahue: once the present PR merges, I will cherry-pick it on top of release-4.6 in a new PR and assign it to you.

In response to this:

/cherry-pick release-4.6

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ffromani]

/override ci/prow/e2e-gcp-operator-upgrade
known issue about dup kernel args

[openshift-ci-robot]

@fromanirh: Overrode contexts on behalf of fromanirh: ci/prow/e2e-gcp-operator-upgrade

In response to this:

/override ci/prow/e2e-gcp-operator-upgrade
known issue about dup kernel args

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[cynepco3hahue]

/retest

[cynepco3hahue]

The single flakiness because of

out=Unable to connect to the server: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

[cynepco3hahue]

/override ci/prow/e2e-gcp

[openshift-ci-robot]

@cynepco3hahue: Overrode contexts on behalf of cynepco3hahue: ci/prow/e2e-gcp

In response to this:

/override ci/prow/e2e-gcp

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[ffromani]

The single flakiness because of

out=Unable to connect to the server: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

ok, for the record I agree with the evalutation and I was about to override myself. @cynepco3hahue was just faster.

[ffromani]

/retest

[openshift-ci-robot]

@marcel-apf: The following test failed, say /retest to rerun all failed tests:

Test name	Commit	Details	Rerun command
ci/prow/e2e-gcp	414cb91	link	/test e2e-gcp

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[cynepco3hahue]

@marcel-apf The failure connects to the functional test under the PR

• Failure [0.012 seconds]
[performance][config] Performance configuration
/go/src/github.com/openshift-kni/performance-addon-operators/functests/0_config/config.go:42
  Should run performance profile pod on a master node [It]
  /go/src/github.com/openshift-kni/performance-addon-operators/functests/0_config/config.go:44
  Failed to find the Performance Addon Operator pod
      
  Unexpected error:
      <*errors.errorString | 0xc00021e7a0>: {
          s: "incorrect performance operator pods count: 0",
      }
      incorrect performance operator pods count: 0
  occurred
  /go/src/github.com/openshift-kni/performance-addon-operators/functests/0_config/config.go:46

[cynepco3hahue]

The new test runs before the deployment of the PAO, so it not surprising that the test fails. I propose to make the check where the PAO pod run as part of the deployment test.

[ffromani]

The new test runs before the deployment of the PAO, so it not surprising that the test fails. I propose to make the check where the PAO pod run as part of the deployment test.

This means moving the test from the 0_config to the 1_performance suite, right? Because this is what I was thinking, and it's fine for me.

[ffromani]

The new test runs before the deployment of the PAO, so it not surprising that the test fails. I propose to make the check where the PAO pod run as part of the deployment test.

This means moving the test from the 0_config to the 1_performance suite, right? Because this is what I was thinking, and it's fine for me.

let's see: c61e2d1

I'll take care of this PR and have it merged ASAP.

[MarSik]

/retest

[ffromani]

actually obsoleted because #373 got merged

[marcel-apf]

yay!, closing this one