Skip to content

[release-4.13] Switch to rhel-coreos (9) #3603

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
openshift-cherrypick-robot wants to merge 8 commits into from
Closed

[release-4.13] Switch to rhel-coreos (9) #3603

openshift-cherrypick-robot wants to merge 8 commits into from

Conversation

@openshift-cherrypick-robot
Copy link

@openshift-cherrypick-robot openshift-cherrypick-robot commented Mar 10, 2023

This is an automated cherry-pick of #3596

/assign cgwalters

cheesesashimi and others added 8 commits March 10, 2023 01:19
@cheesesashimi
ensures that RHCOS 9 SSH keys are in the right place
a39d540
@cheesesashimi
OKD release controller is out-of-date
bba2cf0
@cheesesashimi
ensures SSH keys get moved to the correct location
3ea8b6d 
When we move from RHCOS 8 -> RHCOS 9, the SSH keys are not being written
to the new location because:

1. When the upgrade configs are written to the node, it is still running RHCOS 8, so the keys are not being written to the new location.
2. The node reboots into RHCOS 9 to complete the upgrade.
3. The "are we on the latest config" functions detect that we are indeed on the latest config and so it does not attempt to perform an update.
@cheesesashimi
teaches TestIgn3Cfg about the new RHCOS 9 key path
85ae4ff
@cheesesashimi
checks perms for SSH key path dirs as well
e3ccab3
@cgwalters
Switch to rhel-coreos (9)
3028a78 
ref: https://issues.redhat.com/browse/COS-1983

We introduced a new `rhel-coreos` that is RHEL 9 to aid having a switch be
an atomic operation.  After design discussion we realized it's easier
to have an "unversioned" image though, so this drops the `-8`.
@cgwalters
daemon: Also override kernel-modules-core
e3e55f1 
Unfortunately rpm-ostree requires this right now; we have an issue
and code to provide a better API in coreos/rpm-ostree#2542
But using that will require shipping the updated rpm-ostree in RHEL 8.6.z
or at least OCP 4.12.z, which is problematic.

Because we know the new MCD will always be upgrading to RHEL9,
for now let's update this hardcoded list.  In the future we can
detect when the running host has `--remove-installed-kernel` and
use it instead.
@cgwalters
openshift-azure-routes: Avoid synchronizing too quickly
963ec9f 
Rapid file changes triggering the path unit can start the
service here frequently, and then this can cause the start
limit to be hit, and then systemd will refuse further
activations (unless we bumped the limit).

I don't think we need to synchronize the iptables
rules more than once every 3 seconds.
@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Mar 10, 2023
Merged
@openshift-ci openshift-ci bot requested review from jkyros and sinnykumari March 10, 2023 01:20
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 10, 2023

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: openshift-cherrypick-robot
Once this PR has been reviewed and has the lgtm label, please assign jkyros for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cgwalters
Copy link
Member

cgwalters commented Mar 10, 2023

OK so while we merged separate PRs into main...I think what is just going to be way easier is to roll this into both the other two PRs because we really need them all together. I can't seem to push to this PR

To ssh://github.com/openshift-cherrypick-robot/machine-config-operator
 ! [remote rejected]     HEAD -> rhcos9-4.13 (permission denied)

So going to make a different one.

@cgwalters cgwalters closed this Mar 10, 2023
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 10, 2023

@openshift-cherrypick-robot: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/okd-scos-e2e-vsphere-ovn 963ec9f link false /test okd-scos-e2e-vsphere-ovn

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@cgwalters cgwalters mentioned this pull request Mar 10, 2023
Merged
@cgwalters
Copy link
Member

cgwalters commented Mar 10, 2023

This was added to #3604

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkyros jkyros Awaiting requested review from jkyros

@sinnykumari sinnykumari Awaiting requested review from sinnykumari

Assignees

@cgwalters cgwalters

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@openshift-cherrypick-robot @cgwalters @cheesesashimi