New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCPBUGS-9274: canary: Tolerate infra node NoExecute taint #932
OCPBUGS-9274: canary: Tolerate infra node NoExecute taint #932
Conversation
Configure the canary daemonset to tolerate a "node-role.kubernetes.io/infra" node taint that specifies the "NoExecute" effect (or any other effect). Before this commit, the canary daemonset tolerated the "node-role.kubernetes.io/infra" node taint only if it specified the "NoSchedule" effect. However, some cluster admins taint infra nodes using both "NoSchedule" as well as "NoExecute", in which case canary pods would not be scheduled on these nodes. This inconsistency caused some confusion. With this commit, canary pods should be scheduled on infra nodes whether or not they are tainted using the "NoExecute" effect. This commit fixes OCPBUGS-9274. https://issues.redhat.com/browse/OCPBUGS-9274 * assets/canary/daemonset.yaml: Tolerate the "node-role.kubernetes.io/infra" taint irrespective of the specified effect. * pkg/manifests/bindata.go: Regenerate. * pkg/operator/controller/canary/daemonset_test.go (TestDesiredCanaryDaemonSet): Expect "Effect" to be unspecified on the toleration. (TestCanaryDaemonsetChanged): Add a test case to verify that canaryDaemonSetChanged correctly detects the change and updates the daemonset if the specified effect changes on the toleration.
@Miciah: This pull request references Jira Issue OCPBUGS-9274, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/assign |
/retest-required |
/retest-required |
Seeing this repeatedly, wonder if it is transient:
/retest-required |
e2e-aws-operator failed because kube-apiserver and ovnkube-master failed to roll out some pods. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: candita The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/hold |
/hold cancel |
e2e-aws-operator, e2e-aws-ovn, e2e-aws-ovn-serial, e2e-aws-ovn-single-node, and e2e-aws-ovn-upgrade failed because teh build cluster had no available nodes. |
@Miciah: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/retest-required |
80cfabf
into
openshift:master
@Miciah: Jira Issue OCPBUGS-9274: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-9274 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Configure the canary daemonset to tolerate a "node-role.kubernetes.io/infra" node taint that specifies the
NoExecute
effect (or any other effect).Before this change, the canary daemonset tolerated the "node-role.kubernetes.io/infra" node taint only if it specified the
NoSchedule
effect. However, some cluster admins taint infra nodes using bothNoSchedule
as well asNoExecute
, in which case canary pods would not be scheduled on these nodes. This inconsistency caused some confusion. With this change, canary pods should be scheduled on infra nodes whether or not they are tainted using theNoExecute
effect.assets/canary/daemonset.yaml
: Tolerate the "node-role.kubernetes.io/infra" taint irrespective of the specified effect.pkg/manifests/bindata.go
: Regenerate.pkg/operator/controller/canary/daemonset_test.go
(TestDesiredCanaryDaemonSet
): ExpectEffect
to be unspecified on the toleration.(
TestCanaryDaemonsetChanged
): Add a test case to verify thatcanaryDaemonSetChanged
correctly detects the change and updates the daemonset if the specified effect changes on the toleration.