Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OCPBUGS-11110: [release-4.11] Batch potentially big transaction on egress firewall ACLs migration #1629

Merged
merged 3 commits into from Apr 13, 2023
Merged

OCPBUGS-11110: [release-4.11] Batch potentially big transaction on egress firewall ACLs migration #1629

merged 3 commits into from Apr 13, 2023

Conversation

npinaeva
Copy link
Member

@npinaeva npinaeva commented Apr 5, 2023

Backport of #1617
Includes error wrapping fix from #1610

Conflicts:
go-controller/pkg/ovn/egressfirewall.go -
egressFirewallACLPriorityKey is not used in 4.11, because logging
for egress firewall is not implemented

@openshift-ci-robot openshift-ci-robot added the jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. label Apr 5, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Apr 5, 2023

@npinaeva: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

OCPBUGS-11110: [release-4.11] Batch potentially big transaction on egress firewall ACLs migration

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Apr 5, 2023
@openshift-ci-robot
Copy link
Contributor

@npinaeva: This pull request references Jira Issue OCPBUGS-11110, which is invalid:

  • expected Jira Issue OCPBUGS-11110 to depend on a bug targeting a version in 4.12.0, 4.12.z and in one of the following states: VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), but no dependents were found

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

In response to this:

Backport of #1617
Includes error wrapping fix from #1610

Conflicts:
go-controller/pkg/ovn/egressfirewall.go -
egressFirewallACLPriorityKey is not used in 4.11, because logging
for egress firewall is not implemented

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot requested review from abhat and tssurya April 5, 2023 20:15
@npinaeva
Copy link
Member Author

npinaeva commented Apr 6, 2023

/jira refresh

@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Apr 6, 2023
@openshift-ci-robot
Copy link
Contributor

@npinaeva: This pull request references Jira Issue OCPBUGS-11110, which is valid. The bug has been moved to the POST state.

6 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.11.z) matches configured target version for branch (4.11.z)
  • bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
  • dependent bug Jira Issue OCPBUGS-11109 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE))
  • dependent Jira Issue OCPBUGS-11109 targets the "4.12.z" version, which is one of the valid target versions: 4.12.0, 4.12.z
  • bug has dependents

Requesting review from QA contact:
/cc @huiran0826

In response to this:

/jira refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci openshift-ci bot requested a review from huiran0826 April 6, 2023 12:53
@trozet
Copy link
Contributor

trozet commented Apr 6, 2023

/lgtm
/label backport-risk-assessed

@openshift-ci openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Apr 6, 2023
@openshift-ci openshift-ci bot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Apr 6, 2023
@huiran0826
Copy link

/label cherry-pick-approved

@openshift-ci openshift-ci bot added the cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. label Apr 7, 2023
@openshift-ci-robot
Copy link
Contributor

/retest-required

Remaining retests: 0 against base HEAD e22640f and 2 for PR HEAD 95c2254 in total

@openshift-ci-robot
Copy link
Contributor

/retest-required

Remaining retests: 0 against base HEAD 51e880b and 1 for PR HEAD 95c2254 in total

@huiran0826
Copy link

/label qe-approved

@openshift-ci openshift-ci bot added the qe-approved Signifies that QE has signed off on this PR label Apr 10, 2023
@npinaeva
Batch potentially big transaction on egress firewall ACLs migration.
5a64c5b 
The default transaction timeout is 10 seconds, it can be reached
when we delete all egress firewall acls during migration to port groups
from switches.

Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
(cherry picked from commit 1896e16)
(cherry picked from commit 7fb527e)
(cherry picked from commit 88ecd8b)

Conflicts:
	go-controller/pkg/ovn/egressfirewall.go -
egressFirewallACLPriorityKey is not used in 4.11, because logging
for egress firewall is not implemented
@npinaeva
fix multiple error aggregation: errors.Wrapf always returns nil if the
6173c7b 
first argument is nil.

Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
(cherry picked from commit 11283d6)
(cherry picked from commit 74f95e9)
(cherry picked from commit 8ce4aa4)
@npinaeva
Optimize egress firewall cleanup to only select switches that have
dc46aa9 
stale acls.

Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
(cherry picked from commit 81acdc2)
(cherry picked from commit 34eb562)

Conflict; egressfirewall.go - update apimachinery.sets to the previous
version

(cherry picked from commit 0bc8f14)
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Apr 11, 2023
@npinaeva
Copy link
Member Author

/retest-required

@trozet
Copy link
Contributor

trozet commented Apr 11, 2023

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Apr 11, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Apr 11, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: npinaeva, trozet

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci-robot
Copy link
Contributor

/retest-required

Remaining retests: 0 against base HEAD 51e880b and 2 for PR HEAD dc46aa9 in total

@openshift-ci-robot
Copy link
Contributor

/retest-required

Remaining retests: 0 against base HEAD 5a9f04b and 1 for PR HEAD dc46aa9 in total

@npinaeva
Copy link
Member Author

/retest-required

1 similar comment
@npinaeva
Copy link
Member Author

/retest-required

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Apr 12, 2023
edited

@npinaeva: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/e2e-vsphere-windows dc46aa9 link false /test e2e-vsphere-windows
ci/prow/e2e-azure-ovn dc46aa9 link false /test e2e-azure-ovn
ci/prow/e2e-hypershift dc46aa9 link false /test e2e-hypershift
ci/prow/4.11-upgrade-from-stable-4.10-local-gateway-e2e-aws-ovn-upgrade dc46aa9 link false /test 4.11-upgrade-from-stable-4.10-local-gateway-e2e-aws-ovn-upgrade

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@npinaeva
Copy link
Member Author

/retest-required

@openshift-merge-robot openshift-merge-robot merged commit 7d28d16 into openshift:release-4.11 Apr 13, 2023
23 of 27 checks passed
@openshift-ci-robot
Copy link
Contributor

@npinaeva: Jira Issue OCPBUGS-11110: All pull requests linked via external trackers have merged:

Jira Issue OCPBUGS-11110 has been moved to the MODIFIED state.

In response to this:

Backport of #1617
Includes error wrapping fix from #1610

Conflicts:
go-controller/pkg/ovn/egressfirewall.go -
egressFirewallACLPriorityKey is not used in 4.11, because logging
for egress firewall is not implemented

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@npinaeva npinaeva deleted the ocpbugs-11110 branch April 13, 2023 13:21
@npinaeva
Copy link
Member Author

/cherry-pick release-4.10

@openshift-cherrypick-robot
Copy link

@npinaeva: #1629 failed to apply on top of branch "release-4.10":

Applying: Batch potentially big transaction on egress firewall ACLs migration. The default transaction timeout is 10 seconds, it can be reached when we delete all egress firewall acls during migration to port groups from switches.
Using index info to reconstruct a base tree...
M	go-controller/pkg/ovn/egressfirewall.go
Falling back to patching base and 3-way merge...
Auto-merging go-controller/pkg/ovn/egressfirewall.go
CONFLICT (content): Merge conflict in go-controller/pkg/ovn/egressfirewall.go
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Batch potentially big transaction on egress firewall ACLs migration. The default transaction timeout is 10 seconds, it can be reached when we delete all egress firewall acls during migration to port groups from switches.
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release-4.10

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@npinaeva npinaeva mentioned this pull request Apr 14, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@trozet trozet trozet approved these changes

@abhat abhat Awaiting requested review from abhat

@tssurya tssurya Awaiting requested review from tssurya

@huiran0826 huiran0826 Awaiting requested review from huiran0826

Assignees

@mffiedler mffiedler

@rbbratta rbbratta

@zhaozhanqi zhaozhanqi

@weliang1 weliang1

@anuragthehatter anuragthehatter

@huiran0826 huiran0826

@asood-rh asood-rh

@jechen0648 jechen0648

@yingwang-0320 yingwang-0320

@qiowang721 qiowang721

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. cherry-pick-approved Indicates a cherry-pick PR into a release branch has been approved by the release branch manager. jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged. qe-approved Signifies that QE has signed off on this PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet