Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPBUGS-14399: Minor fix to support protectKernelDefaults field in Kubelet Config #3736

Merged
merged 1 commit into from Jun 22, 2023
Merged

OCPBUGS-14399: Minor fix to support protectKernelDefaults field in Kubelet Config #3736

merged 1 commit into from Jun 22, 2023

Conversation

sairameshv
Copy link
Member

"Fixes: https://issues.redhat.com/browse/OCPBUGS-14399"

- What I did
Added a small workaround to support the protectKernelDefaults field of the Kubelet Config when user sets it to false
- How to verify it
Apply the following kubeletconfig to the OCP cluster and observe that the same has been reflected in the /etc/kubernetes/kubelet.conf file of the worker nodes

apiVersion: machineconfiguration.openshift.io/v1
kind: KubeletConfig
metadata:
  name: worker-protect-kernel-defaults
spec:
  machineConfigPoolSelector:
    matchLabels:
      pools.operator.machineconfiguration.openshift.io/worker: ""
  kubeletConfig:
    protectKernelDefaults: false

- Description for the changelog

protectKernelDefaults is set to true in the OCP by default recently. Now, configuring this field via kubeletconfig to false doesn't take effect due to this behavior.
This PR adds a minor fix that allow a user to set the field to false

@openshift-ci openshift-ci bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 8, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 8, 2023

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

@sairameshv sairameshv force-pushed the OCPBUGS-14399 branch 4 times, most recently from 9415821 to 9e9f67a Compare June 9, 2023 02:34
@sairameshv
Copy link
Member Author

/test ?

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 9, 2023

@sairameshv: The following commands are available to trigger required jobs:

  • /test 4.12-upgrade-from-stable-4.11-images
  • /test cluster-bootimages
  • /test e2e-aws-ovn
  • /test e2e-aws-ovn-upgrade
  • /test e2e-gcp-op
  • /test e2e-hypershift
  • /test images
  • /test okd-scos-images
  • /test unit
  • /test verify

The following commands are available to trigger optional jobs:

  • /test 4.12-upgrade-from-stable-4.11-e2e-aws-ovn-upgrade
  • /test bootstrap-unit
  • /test e2e-alibabacloud-ovn
  • /test e2e-aws-disruptive
  • /test e2e-aws-ovn-fips
  • /test e2e-aws-ovn-fips-op
  • /test e2e-aws-ovn-workers-rhel8
  • /test e2e-aws-proxy
  • /test e2e-aws-serial
  • /test e2e-aws-single-node
  • /test e2e-aws-upgrade-single-node
  • /test e2e-aws-workers-rhel8
  • /test e2e-azure
  • /test e2e-azure-ovn-upgrade
  • /test e2e-azure-upgrade
  • /test e2e-gcp-op-single-node
  • /test e2e-gcp-ovn-rt-upgrade
  • /test e2e-gcp-rt
  • /test e2e-gcp-rt-op
  • /test e2e-gcp-single-node
  • /test e2e-gcp-upgrade
  • /test e2e-metal-assisted
  • /test e2e-metal-ipi
  • /test e2e-metal-ipi-ovn-dualstack
  • /test e2e-metal-ipi-ovn-ipv6
  • /test e2e-openstack
  • /test e2e-openstack-externallb
  • /test e2e-openstack-parallel
  • /test e2e-ovirt
  • /test e2e-ovirt-upgrade
  • /test e2e-ovn-step-registry
  • /test e2e-vsphere
  • /test e2e-vsphere-upgrade
  • /test e2e-vsphere-upi
  • /test e2e-vsphere-upi-zones
  • /test e2e-vsphere-zones
  • /test okd-e2e-aws
  • /test okd-e2e-gcp-op
  • /test okd-e2e-upgrade
  • /test okd-e2e-vsphere
  • /test okd-images
  • /test okd-scos-e2e-aws-ovn
  • /test okd-scos-e2e-gcp-op
  • /test okd-scos-e2e-gcp-ovn-upgrade
  • /test okd-scos-e2e-vsphere

Use /test all to run the following jobs that were automatically triggered:

  • pull-ci-openshift-machine-config-operator-master-bootstrap-unit
  • pull-ci-openshift-machine-config-operator-master-e2e-aws-ovn
  • pull-ci-openshift-machine-config-operator-master-e2e-aws-ovn-upgrade
  • pull-ci-openshift-machine-config-operator-master-e2e-gcp-op
  • pull-ci-openshift-machine-config-operator-master-e2e-gcp-op-single-node
  • pull-ci-openshift-machine-config-operator-master-e2e-hypershift
  • pull-ci-openshift-machine-config-operator-master-images
  • pull-ci-openshift-machine-config-operator-master-okd-images
  • pull-ci-openshift-machine-config-operator-master-okd-scos-e2e-aws-ovn
  • pull-ci-openshift-machine-config-operator-master-okd-scos-images
  • pull-ci-openshift-machine-config-operator-master-unit
  • pull-ci-openshift-machine-config-operator-master-verify

In response to this:

/test ?

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@sairameshv
Copy link
Member Author

/test unit
/test e2e-gcp-op
/test verify

@sairameshv sairameshv marked this pull request as ready for review June 9, 2023 09:19
@openshift-ci openshift-ci bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 9, 2023
@sairameshv
Copy link
Member Author

/cc @rphillips @yuqi-zhang @harche @QiWang19

@QiWang19
Copy link
Member

QiWang19 commented Jun 9, 2023

/test e2e-hypershift

@sinnykumari
Copy link
Contributor

e2e-hypershift is broken, should be hopefully fixed by openshift/hypershift#2664

@sairameshv
Copy link
Member Author

/retest

@sairameshv
Minor fix to support protectKernelDefaults field in Kubelet Config
4daf7bf 
`protectKernelDefaults` field is an upstream, optional boolean field in the Kubelet Configuration
Recently, this has been defaulted to `true` in the OCP
So, even if the user inputs the field to `false`, this gets omitted due to the tag
Added a minor workaround to detect if the user has set the field to `false`

Signed-off-by: Sai Ramesh Vanka <svanka@redhat.com>
@sairameshv
Copy link
Member Author

/retest

2 similar comments
@sairameshv
Copy link
Member Author

/retest

@sairameshv
Copy link
Member Author

/retest

sinnykumari
sinnykumari approved these changes Jun 22, 2023
View reviewed changes
Copy link
Contributor

@sinnykumari sinnykumari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
Needs lgtm from node team
/assign @rphillips

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 22, 2023
@harche
Copy link
Contributor

harche commented Jun 22, 2023

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Jun 22, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 22, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: harche, sairameshv, sinnykumari

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@harche
Copy link
Contributor

harche commented Jun 22, 2023

/retest-required

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jun 22, 2023

@sairameshv: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/okd-scos-e2e-aws-ovn 4daf7bf link false /test okd-scos-e2e-aws-ovn

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-merge-robot openshift-merge-robot merged commit 16969b5 into openshift:master Jun 22, 2023
12 of 13 checks passed
@sairameshv
Copy link
Member Author

/jira refresh

@sairameshv
Copy link
Member Author

/cherry-pick release-4.13

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Jun 26, 2023
Merged
@openshift-cherrypick-robot
Copy link

@sairameshv: new pull request created: #3757

In response to this:

/cherry-pick release-4.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@sairameshv sairameshv changed the title OCPBUGS-14399 : Minor fix to support protectKernelDefaults field in Kubelet Config OCPBUGS-14399: Minor fix to support protectKernelDefaults field in Kubelet Config Jun 27, 2023
@sairameshv
Copy link
Member Author

/jira refresh

@openshift-ci-robot
Copy link
Contributor

@sairameshv: Jira Issue OCPBUGS-14399 is in a security level that is not in the allowed security levels for this repo.
Allowed security levels for this repo are:

  • Red Hat Employee
  • default

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rphillips
Copy link
Contributor

/jira refresh

@openshift-ci-robot
Copy link
Contributor

@rphillips: Jira Issue OCPBUGS-14399: Some pull requests linked via external trackers have merged:

The following pull requests linked via external trackers have not merged:

These pull request must merge or be unlinked from the Jira bug in order for it to move to the next state. Once unlinked, request a bug refresh with /jira refresh.

Jira Issue OCPBUGS-14399 has not been moved to the MODIFIED state.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rphillips
Copy link
Contributor

/jira refresh

@openshift-ci-robot
Copy link
Contributor

@rphillips: Jira Issue OCPBUGS-14399: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-14399 has been moved to the MODIFIED state.

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sinnykumari sinnykumari sinnykumari approved these changes

@cheesesashimi cheesesashimi Awaiting requested review from cheesesashimi

@jkyros jkyros Awaiting requested review from jkyros

@harche harche Awaiting requested review from harche

@QiWang19 QiWang19 Awaiting requested review from QiWang19

@rphillips rphillips Awaiting requested review from rphillips

@yuqi-zhang yuqi-zhang Awaiting requested review from yuqi-zhang

Assignees

@rphillips rphillips

@harche harche

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@sairameshv @QiWang19 @sinnykumari @harche @openshift-cherrypick-robot @openshift-ci-robot @rphillips @openshift-merge-robot