Bug 1884430: Move kube-rbac-proxy to general ovnkube DeamonSet

[bond95]

Follow up of this PR: #751

Basically it's fixing same issue as for SDN. To avoid deploying metric's DeamonSet before OVN, metrics was moved to OVN DeamonSet.

[openshift-ci-robot]

Hi @bond95. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[juanluisvaladas]

/retest

[juanluisvaladas]

/ok-to-test

[danwinship]

I believe the volume entry in both ovnkube-node.yaml and ovnkube-master.yaml needs to be made optional: true (as it is in bindata/network/openshift-sdn/sdn.yaml), because the secret can't be created until after the network is already up, but if the volume is required then the network won't come up without the secret having already been created.

[juanluisvaladas]

Tests are failing precisely because of this

[juanluisvaladas]

@bond95 can you add this to the PR as well?
#786

[bond95]

/retest

[juanluisvaladas]

/lgtm

[juanluisvaladas]

/retest

[bond95]

/retest

[juanluisvaladas]

/lgtm

[juanluisvaladas]

replace this line with
) || :

So that we don't get the error treated as a fatal. And the same with the node one.

[juanluisvaladas]

/retest

[juanluisvaladas]

@abhat this includes PRs #751 and #786 . I've verified it works on a cluster manually. Can you PTAL?

Logs of the cluster where we see it working as intended

$ oc logs  -c kube-rbac-proxy ovnkube-node-5m24w 
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib64/python3.6/json/__init__.py", line 299, in load
    parse_constant=parse_constant, object_pairs_hook=object_pairs_hook, **kw)
  File "/usr/lib64/python3.6/json/__init__.py", line 354, in loads
    return _default_decoder.decode(s)
  File "/usr/lib64/python3.6/json/decoder.py", line 339, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib64/python3.6/json/decoder.py", line 357, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
I0930 17:35:03.208820    6882 main.go:188] Valid token audiences: 
I0930 17:35:03.208920    6882 main.go:261] Reading certificate files
I0930 17:35:03.209213    6882 main.go:294] Starting TCP socket on :9103
I0930 17:35:03.210421    6882 main.go:301] Listening securely on :9103
2020/09/30 17:35:04 http: TLS handshake error from 10.0.32.4:38802: remote error: tls: bad certificate
2020/09/30 17:35:28 http: TLS handshake error from 10.0.32.3:41002: remote error: tls: bad certificate
2020/09/30 17:35:34 http: TLS handshake error from 10.0.32.4:39298: remote error: tls: bad certificate
2020/09/30 17:35:58 http: TLS handshake error from 10.0.32.3:41228: remote error: tls: bad certificate
2020/09/30 17:36:04 http: TLS handshake error from 10.0.32.4:39702: remote error: tls: bad certificate
2020/09/30 17:36:28 http: TLS handshake error from 10.0.32.3:41414: remote error: tls: bad certificate
2020/09/30 17:36:34 http: TLS handshake error from 10.0.32.4:40104: remote error: tls: bad certificate

[juanluisvaladas]

/retest

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[juanluisvaladas]

/bugzilla refresh

[openshift-ci-robot]

@juanluisvaladas: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[juanluisvaladas]

/retitle Bug 1884430: Move kube-rbac-proxy to general ovnkube DeamonSet

[juanluisvaladas]

/bugzilla refresh

[openshift-ci-robot]

@juanluisvaladas: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci-robot]

@bond95: This pull request references Bugzilla bug 1884430, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.6.0) matches configured target release for branch (4.6.0)
• bug is in the state ASSIGNED, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

In response to this:

Bug 1884430: Move kube-rbac-proxy to general ovnkube DeamonSet

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[juanluisvaladas]

/test e2e-vsphere-ovn

[juanluisvaladas]

/help

[tssurya]

@juanluisvaladas : can we please make sure we don't break that alerts-job thing again ? We have already bounced around this label change quiet a few times:

1. https://github.com/openshift/cluster-network-operator/pull/742/files
2. https://github.com/openshift/cluster-network-operator/pull/436/files

[juanluisvaladas]

@tssurya what needs to be changed? I see tests are passing so it should be fine

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-ci-robot]

@bond95: The following tests failed, say /retest to rerun all failed tests:

Test name	Commit	Details	Rerun command
ci/prow/e2e-gcp-upgrade	b7f8cc4	link	/test e2e-gcp-upgrade
ci/prow/e2e-vsphere	661f1d5	link	/test e2e-vsphere
ci/prow/e2e-openstack	518118b	link	/test e2e-openstack

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-bot]

/retest

Please review the full test history for this PR and help us cut down flakes.

[openshift-ci-robot]

@bond95: All pull requests linked via external trackers have merged:

• openshift/cluster-network-operator#778

Bugzilla bug 1884430 has been moved to the MODIFIED state.

In response to this:

Bug 1884430: Move kube-rbac-proxy to general ovnkube DeamonSet

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.