[release-4.15] OCPBUGS-25251: Changed OKD/FCOS workaround to also support Agent-based Installer #7830
Conversation
…d Installer
OKD/FCOS uses FCOS as its bootimage, i.e. when booting cluster nodes
the first time during installation. FCOS does not provide tools such
as OpenShift Client (oc) or crio.service which Agent-based Installer
uses at the rendezvous host, e.g. to launch the bootstrap control
plane.
RHCOS and SCOS include these tools, but FCOS has to pivot the root fs
[1] to okd-machine-os [2] first in order to make those tools available.
Pivoting uses 'rpm-ostree rebase' but the rendezvous host is booted
the first time the node boots from a FCOS Live ISO where the root fs
and /sysroot are mounted read-only. Thus 'rpm-ostree rebase' fails and
necessary tools will not be available, causing the setup to stall.
Until rpm-ostree has implemented support for rebasing Live ISOs [3],
this patch adapts the workaround for SNO installations [4] to also
support Agent-based Installer.
In particular, the Go conditional {{- if .BootstrapInPlace }} which
is used to mark a SNO install has been replaced with a shell if-else
which checks at runtime whether the system is launched from are on a
Live ISO.
Most code in the OpenShift ecosystem is written with RHCOS in mind
and often assumes that tools like oc or crio.service are available.
These assumptions can be satisfied by applying this workaround to all
Live ISO boots. It will not remove functionality or overwrite
configuration files in /etc and thus side effects should be minimal.
The Go conditional {{- if .BootstrapInPlace }} in the release-image-\
pivot.service has been dropped completely. This service is only used
in OKD only, so OCP will not be impacted at all. The 'Before=' option
will not cause systemd to fail if a service does not exist. So, in
case bootkube.service or kubelet.service do not exist, the option will
have no effect.
When bootkube.service or kubelet.service do exist, it must always be
ensured that release-image-pivot.service is started first because it
might reboot the system or change /usr in the Live ISO use case.
So it is safe to drop the Go conditional and ask systemd to always
launch release-image-pivot.service before bootkube.service and
kubelet.service.
[0] https://github.com/openshift/installer/blob/master/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template
[1] https://github.com/openshift/installer/blob/master/data/data/bootstrap/files/usr/local/bin/bootstrap-pivot.sh.template
[2] https://github.com/openshift/okd-machine-os
[3] coreos/rpm-ostree#4547
[4] openshift#7445
|
@openshift-cherrypick-robot: Jira Issue OCPBUGS-19303 has been cloned as Jira Issue OCPBUGS-25251. Will retitle bug to link to clone. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci
bot
changed the title
openshift-ci-robot
added
jira/valid-reference
|
@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-25251, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/test okd-e2e-agent-compact-ipv4 |
1 similar comment
|
/test okd-e2e-agent-compact-ipv4 |
|
agent compact/ha are fine. @vrutkovs @LorbusChris IINW to make the sno job green, I think we'll need to back openshift/okd-machine-os#706 as well |
Build still not landed |
|
/test okd-e2e-agent-sno-ipv6 |
1 similar comment
|
/test okd-e2e-agent-sno-ipv6 |
|
/test okd-e2e-agent-sno-ipv6 |
1 similar comment
|
/test okd-e2e-agent-sno-ipv6 |
|
/test okd-e2e-agent-sno-ipv6 (last run failed due to ci issues) |
|
/test okd-e2e-agent-sno-ipv6 (still CI issues) |
|
/test okd-e2e-agent-sno-ipv6 |
|
/jira refresh |
|
@barbacbd: This pull request references Jira Issue OCPBUGS-25251, which is invalid:
Comment DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
openshift-ci-robot
added
jira/valid-bug
|
@vrutkovs: This pull request references Jira Issue OCPBUGS-25251, which is valid. The bug has been moved to the POST state. 6 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/lgtm |
|
/test okd-e2e-agent-sno-ipv6 |
|
@openshift-cherrypick-robot: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
Local tests for agent sno job worked for both plain ipv4/ipv6 version (without ztp manifests). We can go on with this patch, and defer to a separate bug the issue with the ztp manifests /approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: andfasano The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
How do we get the missing labels backport-risk-assessed, cherry-pick-approved? |
@patrickdillon or @sadasu for the backport label. QE for the cherry-pick one. Maybe @gpei ? |
|
/label cherry-pick-approved |
openshift-ci
bot
added
the
cherry-pick-approved
|
/label backport-risk-assessed |
openshift-ci
bot
added
the
backport-risk-assessed
|
@openshift-cherrypick-robot: Jira Issue OCPBUGS-25251: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-25251 has been moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[ART PR BUILD NOTIFIER] This PR has been included in build ose-installer-altinfra-container-v4.15.0-202401241750.p0.g3465f9e.assembly.stream for distgit ose-installer-altinfra. |
|
Fix included in accepted release 4.15.0-0.nightly-2024-01-25-051548 |
12 participants
This is an automated cherry-pick of #7484
/assign LorbusChris