OCPBUGS-8464,OCPBUGS-8222,OCPBUGS-8397: [DownstreamMerge] 7 Mar 2023#1556
OCPBUGS-8464,OCPBUGS-8222,OCPBUGS-8397: [DownstreamMerge] 7 Mar 2023#1556openshift-merge-robot merged 18 commits intoopenshift:masterfrom
Conversation
Signed-off-by: Yun Zhou <yunz@nvidia.com>
Signed-off-by: Yun Zhou <yunz@nvidia.com>
ovn-k master to start watching every resource. Add scale metrics for network policies, rename existing enable-eip-scale-metrics flag to more general enable-scale-metrics, and use it for network policy metric too. Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
Taken from https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/types/pod_update.go Adds the required functions and related code to check if a pod is a static pod Signed-off-by: Ben Pickard <bpickard@redhat.com> Correct START and END comment Signed-off-by: Ben Pickard <bpickard@redhat.com>
When a user creates a static pod on a running cluster, it will get stuck in containerCreating due to this check. The uid on the pod will not match the UID on mirror pod in the apiserver. We check the UID on the pod in checkOrUpdatePodUID, and in the case we always exit early, thinking that the pod was deleted and recreated, which we should not do here. We can ignore this check for static pods The OVN controller will not bind the ovs port if the iface-id-ver from the node does not match what we expect in master. This introduces logic to check if pod is static, then uses the UID in the pods metadata instead of the UID in the interface, which will not match what the apiserver has in the case of static pods Signed-off-by: Ben Pickard <bpickard@redhat.com>
add e2e multihoming tests for localnet network
Add e2e test for creating static pods on cluster Signed-off-by: Ben Pickard <bpickard@redhat.com>
Node dpu test is currently mocking podNameSpaceLister incorrectly. podNameSpaceLister is expecting a pointer to a pod, not a real pod object. This fix corrects this Signed-off-by: Ben Pickard <bpickard@redhat.com>
Add performance metrics for initial sync and netpol
when the acl name is cropped. That happens when namespace name is longer than 43 symbols. Signed-off-by: Nadia Pinaeva <npinaeva@redhat.com>
Add egress firewall external id to make name+externalIDs unique
This commit adds a test to showcase that since syncEgressFirewall isn't calling libovsdbops.BuildACL directly, we are not truncating ACL names. Note that we really need https://github.com/ovn-org/libovsdb/issues/338 for our test server to start screaming for long names. Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com>
This commit ensures we truncate names as a precaution also in CreateOrUpdateACLsOps so that our bases are covered since not all code snippets call BuildACL directly Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com>
Static pod creation
npinaeva
changed the title
openshift-ci-robot
added
jira/valid-reference
|
@npinaeva: This pull request references Jira Issue OCPBUGS-8397, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/jira refresh |
openshift-ci-robot
added
jira/valid-bug
|
@npinaeva: This pull request references Jira Issue OCPBUGS-8397, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
In SetupMaster, we always call CreateOrUpdatePortGroupsOps with empty ACLs and PGs for the cluster-wide port group and cluster-wide-router-PG. This is disruptive during upgrades since momentarily all efw ACLs and multicast ACLs will be wiped out. This commit changes this to first check if the PG already exists, if then no need to do anything. Each of those features are responsible for ensuring ACLs, Ports are good on those PGs they own. NOTE: This bug was an issue for multicast and started being an issue for egf from ovn-kubernetes/ovn-kubernetes@bd29f41 Before that we didn't have ACLs on cluster wide PG. Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com>
Fix syncEgressFirewall (truncate ACL names) and SetupMaster (stop recreating cluster-wide PGs)
|
/retitle OCPBUGS-8464, OCPBUGS-8222, OCPBUGS-8397: [DownstreamMerge] 7 Mar 2023] |
|
/retitle OCPBUGS-8464, OCPBUGS-8222, OCPBUGS-8397: [DownstreamMerge] 7 Mar 2023 |
openshift-ci
bot
changed the title
openshift-ci
bot
changed the title
|
/jira-refresh |
|
/jira refresh |
|
@tssurya: This pull request references Jira Issue OCPBUGS-8397, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/retitle OCPBUGS-8464,OCPBUGS-8222,OCPBUGS-8397: [DownstreamMerge] 7 Mar 2023 |
openshift-ci
bot
changed the title
|
/jira refresh |
|
@tssurya: Jira Issue OCPBUGS-8222 is in a security level that is not in the allowed security levels for this repo.
DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/jira refresh |
openshift-ci-robot
added
the
jira/severity-moderate
|
@tssurya: This pull request references Jira Issue OCPBUGS-8464, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-8222, which is valid. The bug has been moved to the POST state. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. This pull request references Jira Issue OCPBUGS-8397, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/cc @anuragthehatter For verifying https://issues.redhat.com/browse/OCPBUGS-8222; Let's ensure we test fresh installs and upgrades. |
|
/test all |
|
LGTM. |
|
/retest |
|
/approve |
openshift-ci
bot
added
the
approved
|
@npinaeva: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dcbw, npinaeva, tssurya The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@npinaeva: Jira Issue OCPBUGS-8464: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-8464 has been moved to the MODIFIED state. Jira Issue OCPBUGS-8222: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-8222 has been moved to the MODIFIED state. Jira Issue OCPBUGS-8397: All pull requests linked via external trackers have merged: Jira Issue OCPBUGS-8397 has been moved to the MODIFIED state. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
9 participants
no conflicts
/cc @jcaamano