New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release-4.14] OCPBUGS-22787,OCPBUGS-22788,OCPBUGS-22789: ovnkube: container scripts cleanup #2090
[release-4.14] OCPBUGS-22787,OCPBUGS-22788,OCPBUGS-22789: ovnkube: container scripts cleanup #2090
Conversation
@dcbw: This pull request references Jira Issue OCPBUGS-22787, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-22788, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-22789, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/jira refresh |
@dcbw: This pull request references Jira Issue OCPBUGS-22787, which is invalid:
Comment This pull request references Jira Issue OCPBUGS-22788, which is invalid:
Comment This pull request references Jira Issue OCPBUGS-22789, which is valid. The bug has been moved to the POST state. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/retest |
/retest |
/retest |
/jira refresh |
@dcbw: This pull request references Jira Issue OCPBUGS-22787, which is valid. The bug has been moved to the POST state. 6 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-22788, which is invalid:
Comment This pull request references Jira Issue OCPBUGS-22789, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/jira refresh |
@dcbw: This pull request references Jira Issue OCPBUGS-22787, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-22788, which is invalid:
Comment This pull request references Jira Issue OCPBUGS-22789, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test ci/prow/4.14-upgrade-from-stable-4.13-e2e-gcp-ovn-upgrade |
@dcbw: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test 4.14-upgrade-from-stable-4.13-e2e-gcp-ovn-upgrade |
During an internal audit conducted by one of our customers in OCP, it was discovered that the openshift-sdn component, specifically on port 9101, has exposed certain cipher suites that are considered weak. We have identified the following weak ciphers that are currently being accepted: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - See [1] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - See [2] [1] https://ciphersuite.info/cs/TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256/ [2] https://ciphersuite.info/cs/TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256/ Reported-at: https://issues.redhat.com/browse/OCPBUGS-15201 Signed-off-by: Flavio Fernandes <flaviof@redhat.com>
Like GENEVE we don't need to conntrack the hybrid overlay VXLAN traffic. Resolves: https://issues.redhat.com/browse/OCPBUGS-10652 Signed-off-by: Dan Williams <dcbw@redhat.com>
ovn-ctl didn't originally handle upgrading clustered databases, but Numan added that to CNO via openshift#755 He then added clustered DB upgrade support to ovn-ctl itself in September 2020: 67e2f386cc838d0b0f9b4b5da7fe611e1113b70c "ovn-ctl: Handle cluster db upgrades for run_(nb/sb)_ovsdb" https://patchwork.ozlabs.org/project/ovn/patch/20200909071939.5095-1-numans@ovn.org/ And we just never removed the upgrade bits from the CNO script. But also, standalone DB upgrades happen before the ovsdb-server starts so the original problem doesn't even apply anymore.
We don't need to wait for RAFT clusters to form anymore so we don't have to wait quite as long for readiness. We might have to wait a bit for a DB conversion, but that's pretty fast these days.
No reason it needs to be in the readiness probe and executed over and over. Put it along with the other options that get set after the DB gets started, like probe intervals and NB_Globals.
Since there's no RAFT, there's no cluster to converge and we don't need to wait.
@dcbw: This pull request references Jira Issue OCPBUGS-22787, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-22788, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: This pull request references Jira Issue OCPBUGS-22789, which is valid. 6 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/label cherry-pick-approved |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dcbw, jluhrsen The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/test ci/prow/e2e-vsphere-ovn-windows |
@jluhrsen: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/test e2e-vsphere-ovn-windows |
@dcbw: The following tests failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/test e2e-aws-sdn-network-reverse-migration |
/tide refresh |
0ede33d
into
openshift:release-4.14
@dcbw: Jira Issue OCPBUGS-22787: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-22787 has been moved to the MODIFIED state. Jira Issue OCPBUGS-22788: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-22788 has been moved to the MODIFIED state. Jira Issue OCPBUGS-22789: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-22789 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
[ART PR BUILD NOTIFIER] This PR has been included in build cluster-network-operator-container-v4.14.0-202312132033.p0.g0ede33d.assembly.stream for distgit cluster-network-operator. |
Fix included in accepted release 4.14.0-0.nightly-2023-12-14-000637 |
Put common scripts into a bash script library and source that library from the ovnkube-node containers.