From 71c32a834cbd259099f27a34a7879110a5e5e3fc Mon Sep 17 00:00:00 2001 From: Bob Fournier Date: Wed, 21 Jun 2023 09:17:31 -0400 Subject: [PATCH] OCPBUGS-14877: Validate that number hosts does not exceed replicas A check was added in https://issues.redhat.com//browse/OCPBUGS-10342 to warn when the number of replicas exceeded the configured hosts, however this did not catch the case when the number of configured hosts exceeds the replicas, so it is added here. In addition this validation will now result in an error instead of a warning since this invalid configuration will cause installation failures. --- .../validations/compact_too_many_masters.txt | 114 ++++++++++++++++++ .../validations/compact_too_many_workers.txt | 114 ++++++++++++++++++ pkg/asset/agent/manifests/nmstateconfig.go | 35 ++++-- 3 files changed, 253 insertions(+), 10 deletions(-) create mode 100644 cmd/openshift-install/testdata/agent/image/validations/compact_too_many_masters.txt create mode 100644 cmd/openshift-install/testdata/agent/image/validations/compact_too_many_workers.txt diff --git a/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_masters.txt b/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_masters.txt new file mode 100644 index 00000000000..4d3855378a8 --- /dev/null +++ b/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_masters.txt @@ -0,0 +1,114 @@ +! exec openshift-install agent create image --dir $WORK + +stderr 'the number of master hosts defined \(4\) exceeds the configured ControlPlane replicas \(3\)' + +! exists $WORK/agent.x86_64.iso +! exists $WORK/auth/kubeconfig +! exists $WORK/auth/kubeadmin-password + +-- install-config.yaml -- +apiVersion: v1 +baseDomain: test.metalkube.org +controlPlane: + name: master + replicas: 3 +compute: +- name: worker + replicas: 0 +metadata: + namespace: cluster0 + name: ostest +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 + hostPrefix: 23 + networkType: OVNKubernetes + machineNetwork: + - cidr: 192.168.111.0/24 + serviceNetwork: + - 172.30.0.0/16 +platform: + baremetal: + apiVips: + - 192.168.111.5 + ingressVips: + - 192.168.111.4 +sshKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDK6UTEydcEKzuNdPaofn8Z2DwgHqdcionLZBiPf/zIRNco++etLsat7Avv7yt04DINQd5zjxIFgG8jblaUB5E5C9ClUcMwb52GO0ay2Y9v1uBv1a4WhI3peKktAzYNk0EBMQlJtXPjRMrC9ylBPh+DsBHMu+KmDnfk7PIwyN4efC8k5kSRuPWoNdme1rz2+umU8FSmaWTHIajrbspf4GQbsntA5kuKEtDbfoNCU97o2KrRnUbeg3a8hwSjfh3u6MhlnGcg5K2Ij+zivEsWGCLKYUtE1ErqwfIzwWmJ6jnV66XCQGHf4Q1iIxqF7s2a1q24cgG2Z/iDXfqXrCIfy4P7b/Ztak3bdT9jfAdVZtdO5/r7I+O5hYhF86ayFlDWzZWP/ByiSb+q4CQbfVgK3BMmiAv2MqLHdhesmD/SmIcoOWUF6rFmRKZVFFpKpt5ATNTgUJ3JRowoXrrDruVXClUGRiCS6Zabd1rZ3VmTchaPJwtzQMdfIWISXj+Ig+C4UK0= +pullSecret: '{"auths": {"quay.io": {"auth": "c3VwZXItc2VjcmV0Cg=="}}}' + +-- agent-config.yaml -- +apiVersion: v1alpha1 +metadata: + name: ostest + namespace: cluster0 +rendezvousIP: 192.168.111.20 +hosts: + - hostname: master-0 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:01 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:01 + ipv4: + enabled: true + address: + - ip: 10.19.17.126 + prefix-length: 23 + dhcp: false + - hostname: master-1 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:02 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:02 + ipv4: + enabled: true + address: + - ip: 10.19.17.127 + prefix-length: 23 + dhcp: false + - hostname: master-2 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:03 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:03 + ipv4: + enabled: true + address: + - ip: 10.19.17.128 + prefix-length: 23 + dhcp: false + - hostname: master-3 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:04 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:04 + ipv4: + enabled: true + address: + - ip: 10.19.17.129 + prefix-length: 23 + dhcp: false + diff --git a/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_workers.txt b/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_workers.txt new file mode 100644 index 00000000000..5841a4fafc2 --- /dev/null +++ b/cmd/openshift-install/testdata/agent/image/validations/compact_too_many_workers.txt @@ -0,0 +1,114 @@ +! exec openshift-install agent create image --dir $WORK + +stderr 'the number of worker hosts defined \(1\) exceeds the configured Compute replicas \(0\)' + +! exists $WORK/agent.x86_64.iso +! exists $WORK/auth/kubeconfig +! exists $WORK/auth/kubeadmin-password + +-- install-config.yaml -- +apiVersion: v1 +baseDomain: test.metalkube.org +controlPlane: + name: master + replicas: 3 +compute: +- name: worker + replicas: 0 +metadata: + namespace: cluster0 + name: ostest +networking: + clusterNetwork: + - cidr: 10.128.0.0/14 + hostPrefix: 23 + networkType: OVNKubernetes + machineNetwork: + - cidr: 192.168.111.0/24 + serviceNetwork: + - 172.30.0.0/16 +platform: + baremetal: + apiVips: + - 192.168.111.5 + ingressVips: + - 192.168.111.4 +sshKey: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDK6UTEydcEKzuNdPaofn8Z2DwgHqdcionLZBiPf/zIRNco++etLsat7Avv7yt04DINQd5zjxIFgG8jblaUB5E5C9ClUcMwb52GO0ay2Y9v1uBv1a4WhI3peKktAzYNk0EBMQlJtXPjRMrC9ylBPh+DsBHMu+KmDnfk7PIwyN4efC8k5kSRuPWoNdme1rz2+umU8FSmaWTHIajrbspf4GQbsntA5kuKEtDbfoNCU97o2KrRnUbeg3a8hwSjfh3u6MhlnGcg5K2Ij+zivEsWGCLKYUtE1ErqwfIzwWmJ6jnV66XCQGHf4Q1iIxqF7s2a1q24cgG2Z/iDXfqXrCIfy4P7b/Ztak3bdT9jfAdVZtdO5/r7I+O5hYhF86ayFlDWzZWP/ByiSb+q4CQbfVgK3BMmiAv2MqLHdhesmD/SmIcoOWUF6rFmRKZVFFpKpt5ATNTgUJ3JRowoXrrDruVXClUGRiCS6Zabd1rZ3VmTchaPJwtzQMdfIWISXj+Ig+C4UK0= +pullSecret: '{"auths": {"quay.io": {"auth": "c3VwZXItc2VjcmV0Cg=="}}}' + +-- agent-config.yaml -- +apiVersion: v1alpha1 +metadata: + name: ostest + namespace: cluster0 +rendezvousIP: 192.168.111.20 +hosts: + - hostname: master-0 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:01 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:01 + ipv4: + enabled: true + address: + - ip: 10.19.17.126 + prefix-length: 23 + dhcp: false + - hostname: master-1 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:02 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:02 + ipv4: + enabled: true + address: + - ip: 10.19.17.127 + prefix-length: 23 + dhcp: false + - hostname: master-2 + role: master + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:03 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:03 + ipv4: + enabled: true + address: + - ip: 10.19.17.128 + prefix-length: 23 + dhcp: false + - hostname: worker-0 + role: worker + interfaces: + - name: enp1s0 + macAddress: aa:bb:dc:dd:a8:04 + networkConfig: + interfaces: + - name: enp1s0 + type: ethernet + state: up + mac-address: aa:bb:dc:dd:a8:04 + ipv4: + enabled: true + address: + - ip: 10.19.17.129 + prefix-length: 23 + dhcp: false + diff --git a/pkg/asset/agent/manifests/nmstateconfig.go b/pkg/asset/agent/manifests/nmstateconfig.go index 005875ed50d..bb834d003a9 100644 --- a/pkg/asset/agent/manifests/nmstateconfig.go +++ b/pkg/asset/agent/manifests/nmstateconfig.go @@ -83,7 +83,9 @@ func (n *NMStateConfig) Generate(dependencies asset.Parents) error { if len(agentConfig.Config.Hosts) == 0 { return nil } - checkHostCount(installConfig.Config, agentConfig) + if err := validateHostCount(installConfig.Config, agentConfig); err != nil { + return err + } for i, host := range agentConfig.Config.Hosts { if host.NetworkConfig.Raw != nil { @@ -340,32 +342,45 @@ func buildMacInterfaceMap(nmStateConfig aiv1beta1.NMStateConfig) models.MacInter return macInterfaceMap } -func checkHostCount(installConfig *types.InstallConfig, agentConfig *agentconfig.AgentConfig) { +func validateHostCount(installConfig *types.InstallConfig, agentConfig *agentconfig.AgentConfig) error { numRequiredMasters, numRequiredWorkers := agent.GetReplicaCount(installConfig) - // Check that the number of replicas matches the configured hosts numMasters := int64(0) numWorkers := int64(0) + // Check for hosts explicitly defined for _, host := range agentConfig.Config.Hosts { switch host.Role { case "master": numMasters++ case "worker": numWorkers++ - case "": - // If not defined, the roles will be matched to replicas + } + } + + // If role is not defined it will first be assigned as a master + for _, host := range agentConfig.Config.Hosts { + if host.Role == "" { if numMasters < numRequiredMasters { numMasters++ - } else if numWorkers < numRequiredWorkers { + } else { numWorkers++ } } } - if numMasters != numRequiredMasters { - logrus.Warnf("The number of hosts configured as masters (%d) does not match the master replicas (%d)", numMasters, numRequiredMasters) + if numMasters != 0 && numMasters < numRequiredMasters { + logrus.Warnf("not enough master hosts defined (%v) to support all the configured ControlPlane replicas (%v)", numMasters, numRequiredMasters) } - if numWorkers != numRequiredWorkers { - logrus.Warnf("The number of hosts configured as workers (%d) does not match the worker replicas (%d)", numWorkers, numRequiredWorkers) + if numMasters > numRequiredMasters { + return fmt.Errorf("the number of master hosts defined (%v) exceeds the configured ControlPlane replicas (%v)", numMasters, numRequiredMasters) } + + if numWorkers != 0 && numWorkers < numRequiredWorkers { + logrus.Warnf("not enough worker hosts defined (%v) to support all the configured Compute replicas (%v)", numWorkers, numRequiredWorkers) + } + if numWorkers > numRequiredWorkers { + return fmt.Errorf("the number of worker hosts defined (%v) exceeds the configured Compute replicas (%v)", numWorkers, numRequiredWorkers) + } + + return nil }