OCPBUGS-16019: prevent creation of multiple cni-sysctl-allowlist-ds pods #1904

mlguerrero12 · 2023-07-17T15:06:52Z

The daemonset has a BestEffort QoS which means that in some cases, the pods won't ever be scheduled.
This also prevents unwanted retries when one or more pods are not ready due to issues with the cluster.
https://issues.redhat.com/browse/OCPBUGS-15818 (BestEffort Daemonset cni-sysctl-allowlist-ds)

When there are issues with the cluster such as in https://issues.redhat.com/browse/OCPBUGS-15284, some pods are stuck in the terminating state which affects subsequent reconciliations of the allowlist controller.

openshift-ci-robot · 2023-07-17T15:06:58Z

@mlguerrero12: This pull request references Jira Issue OCPBUGS-16019, which is invalid:

expected the bug to target the "4.14.0" version, but no target version was set

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

The daemonset has a BestEffort QoS which means that in some cases, the pods won't ever be scheduled.
This also prevents unwanted retries when one or more pods are not ready due to issues with the cluster.
https://issues.redhat.com/browse/OCPBUGS-15818 (BestEffort Daemonset cni-sysctl-allowlist-ds)

When there are issues with the cluster such as in https://issues.redhat.com/browse/OCPBUGS-15284, some pods are stuck in the terminating state which affects subsequent reconciliations of the allowlist controller.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

mlguerrero12 · 2023-07-17T15:07:49Z

/jira refresh

openshift-ci-robot · 2023-07-17T15:07:56Z

@mlguerrero12: This pull request references Jira Issue OCPBUGS-16019, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.14.0) matches configured target version for branch (4.14.0)
bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @anuragthehatter

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-ci-robot · 2023-07-17T15:07:59Z

@mlguerrero12: This pull request references Jira Issue OCPBUGS-16019, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.14.0) matches configured target version for branch (4.14.0)
bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, POST)

Requesting review from QA contact:
/cc @anuragthehatter

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

mlguerrero12 · 2023-07-18T07:27:47Z

/retest-required

mlguerrero12 · 2023-07-18T09:37:05Z

/retest

mlguerrero12 · 2023-07-18T13:03:31Z

/retest-required

mlguerrero12 · 2023-07-19T07:44:08Z

/retest

mlguerrero12 · 2023-07-20T07:49:25Z

/retest-required

mlguerrero12 · 2023-07-20T13:56:49Z

/retest

dougbtv · 2023-07-20T17:28:23Z

pkg/controller/allowlist/allowlist_controller.go

@@ -216,16 +241,16 @@ func deleteDeamonSet(ctx context.Context, client cnoclient.Client) error {
 	return nil
 }

-func daemonsetExists(ctx context.Context, client cnoclient.Client) (bool, error) {
+func getDeamonSet(ctx context.Context, client cnoclient.Client) (*appsv1.DaemonSet, error) {


nit: getDaemonSet

Fixed. Thanks.

dougbtv · 2023-07-20T17:55:45Z

/approve

cgoncalves · 2023-07-21T14:43:03Z

/lgtm

openshift-ci-robot · 2023-07-21T14:52:37Z

/retest-required

Remaining retests: 0 against base HEAD 3db0fc3 and 2 for PR HEAD ad8e30d in total

openshift-ci-robot · 2023-07-21T17:43:59Z

/retest-required

Remaining retests: 0 against base HEAD d4f68c0 and 1 for PR HEAD ad8e30d in total

mlguerrero12 · 2023-07-25T06:20:26Z

/retest-required

mlguerrero12 · 2023-07-25T09:21:00Z

/retest-required

mlguerrero12 · 2023-07-25T12:27:12Z

/retest-required

mlguerrero12 · 2023-07-26T06:59:26Z

/retest-required

openshift-ci-robot · 2023-07-26T14:05:16Z

/retest-required

Remaining retests: 0 against base HEAD fc3e0e2 and 0 for PR HEAD ad8e30d in total

openshift-ci-robot · 2023-07-26T17:21:34Z

/hold

Revision ad8e30d was retested 3 times: holding

mlguerrero12 · 2023-08-03T08:04:24Z

/hold cancel
/retest-required

openshift-ci-robot · 2023-08-03T09:47:55Z

/retest-required

Remaining retests: 0 against base HEAD 4178020 and 2 for PR HEAD ad8e30d in total

openshift-ci-robot · 2023-08-03T16:49:47Z

/retest-required

Remaining retests: 0 against base HEAD bbd4854 and 1 for PR HEAD ad8e30d in total

mlguerrero12 · 2023-08-04T09:03:33Z

/retest-required

openshift-ci-robot · 2023-08-04T14:56:23Z

/retest-required

Remaining retests: 0 against base HEAD ba2ab3a and 0 for PR HEAD ad8e30d in total

openshift-ci-robot · 2023-08-04T15:55:47Z

/hold

Revision ad8e30d was retested 3 times: holding

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>

The daemonset has a BestEffort QoS which means that in some cases, the pods won't ever be scheduled. This also prevents unwanted retries when one or more pods are not ready due to issues with the cluster. https://issues.redhat.com/browse/OCPBUGS-15818 Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>

When there are issues with the cluster such as in https://issues.redhat.com/browse/OCPBUGS-15284, some pods are stuck in the terminating state which affects subsequent reconciliations of the allowlist controller. Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>

mlguerrero12 · 2023-08-07T07:58:33Z

/hold cancel

cgoncalves · 2023-08-07T08:01:00Z

/lgtm

openshift-ci · 2023-08-07T08:01:26Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cgoncalves, dougbtv, mlguerrero12

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [dougbtv]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci-robot · 2023-08-07T08:31:37Z

/retest-required

Remaining retests: 0 against base HEAD 829c548 and 2 for PR HEAD 98d6298 in total

mlguerrero12 · 2023-08-07T11:54:02Z

/retest-required

openshift-ci-robot · 2023-08-07T18:12:27Z

/retest-required

Remaining retests: 0 against base HEAD 5104647 and 1 for PR HEAD 98d6298 in total

openshift-ci · 2023-08-07T22:45:29Z

@mlguerrero12: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/e2e-gcp-ovn-upgrade	`98d6298`	link	false	`/test e2e-gcp-ovn-upgrade`
ci/prow/e2e-network-mtu-migration-ovn-ipv4	`98d6298`	link	false	`/test e2e-network-mtu-migration-ovn-ipv4`
ci/prow/e2e-openstack-ovn	`98d6298`	link	false	`/test e2e-openstack-ovn`
ci/prow/e2e-network-mtu-migration-sdn-ipv4	`98d6298`	link	false	`/test e2e-network-mtu-migration-sdn-ipv4`

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

mlguerrero12 · 2023-08-08T06:42:02Z

/retest-required

openshift-ci-robot · 2023-08-08T09:31:21Z

@mlguerrero12: Jira Issue OCPBUGS-16019: All pull requests linked via external trackers have merged:

openshift/cluster-network-operator#1904

Jira Issue OCPBUGS-16019 has been moved to the MODIFIED state.

In response to this:

The daemonset has a BestEffort QoS which means that in some cases, the pods won't ever be scheduled.
This also prevents unwanted retries when one or more pods are not ready due to issues with the cluster.
https://issues.redhat.com/browse/OCPBUGS-15818 (BestEffort Daemonset cni-sysctl-allowlist-ds)

When there are issues with the cluster such as in https://issues.redhat.com/browse/OCPBUGS-15284, some pods are stuck in the terminating state which affects subsequent reconciliations of the allowlist controller.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

mlguerrero12 · 2023-08-08T09:57:04Z

/cherry-pick release-4.13

openshift-cherrypick-robot · 2023-08-08T09:57:48Z

@mlguerrero12: #1904 failed to apply on top of branch "release-4.13":

Applying: Fix log level message when allowlist controller succeeds
Applying: Do not retry when allowlist pods are not ready
Applying: Check only pods owned by current allowlist sysctl DS
Using index info to reconstruct a base tree...
M	pkg/controller/allowlist/allowlist_controller.go
Falling back to patching base and 3-way merge...
Auto-merging pkg/controller/allowlist/allowlist_controller.go
CONFLICT (content): Merge conflict in pkg/controller/allowlist/allowlist_controller.go
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0003 Check only pods owned by current allowlist sysctl DS
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-4.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Jul 17, 2023

openshift-ci-robot added the jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. label Jul 17, 2023

openshift-ci-robot removed the jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. label Jul 17, 2023

openshift-ci bot requested a review from anuragthehatter July 17, 2023 15:08

dougbtv suggested changes Jul 20, 2023

View reviewed changes

openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jul 20, 2023

mlguerrero12 force-pushed the fix16019 branch from 7080224 to ad8e30d Compare July 21, 2023 11:18

openshift-ci bot assigned cgoncalves Jul 21, 2023

openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jul 21, 2023

openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 2, 2023

openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 3, 2023

openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 4, 2023

mlguerrero12 added 3 commits August 7, 2023 09:47

Fix log level message when allowlist controller succeeds

025043e

Signed-off-by: Marcelo Guerrero <marguerr@redhat.com>

mlguerrero12 force-pushed the fix16019 branch from ad8e30d to 98d6298 Compare August 7, 2023 07:47

openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Aug 7, 2023

openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 7, 2023

openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Aug 7, 2023

openshift-merge-robot merged commit 2da32c1 into openshift:master Aug 8, 2023
28 of 32 checks passed

This was referenced Aug 8, 2023

OCPBUGS-17457: prevent creation of multiple cni-sysctl-allowlist-ds pods #1936

Merged

OCPBUGS-17656: prevent creation of multiple cni-sysctl-allowlist-ds pods #1948

Merged

OCPBUGS-16019: prevent creation of multiple cni-sysctl-allowlist-ds pods #1904

OCPBUGS-16019: prevent creation of multiple cni-sysctl-allowlist-ds pods #1904

Conversation

mlguerrero12 commented Jul 17, 2023

openshift-ci-robot commented Jul 17, 2023

mlguerrero12 commented Jul 17, 2023

openshift-ci-robot commented Jul 17, 2023

openshift-ci-robot commented Jul 17, 2023

mlguerrero12 commented Jul 18, 2023

mlguerrero12 commented Jul 18, 2023

mlguerrero12 commented Jul 18, 2023

mlguerrero12 commented Jul 19, 2023

mlguerrero12 commented Jul 20, 2023

mlguerrero12 commented Jul 20, 2023

dougbtv Jul 20, 2023

Choose a reason for hiding this comment

mlguerrero12 Jul 21, 2023

Choose a reason for hiding this comment

dougbtv commented Jul 20, 2023

cgoncalves commented Jul 21, 2023

openshift-ci-robot commented Jul 21, 2023

openshift-ci-robot commented Jul 21, 2023

mlguerrero12 commented Jul 25, 2023

mlguerrero12 commented Jul 25, 2023

mlguerrero12 commented Jul 25, 2023

mlguerrero12 commented Jul 26, 2023

openshift-ci-robot commented Jul 26, 2023

openshift-ci-robot commented Jul 26, 2023

mlguerrero12 commented Aug 3, 2023

openshift-ci-robot commented Aug 3, 2023

openshift-ci-robot commented Aug 3, 2023

mlguerrero12 commented Aug 4, 2023

openshift-ci-robot commented Aug 4, 2023

openshift-ci-robot commented Aug 4, 2023

mlguerrero12 commented Aug 7, 2023

cgoncalves commented Aug 7, 2023

openshift-ci bot commented Aug 7, 2023

openshift-ci-robot commented Aug 7, 2023

mlguerrero12 commented Aug 7, 2023

openshift-ci-robot commented Aug 7, 2023

openshift-ci bot commented Aug 7, 2023 • edited

mlguerrero12 commented Aug 8, 2023

openshift-ci-robot commented Aug 8, 2023

mlguerrero12 commented Aug 8, 2023

openshift-cherrypick-robot commented Aug 8, 2023

openshift-ci bot commented Aug 7, 2023 •

edited