MachineConfiguration generated by KubeletConfig is not matched by MachineConfigPool when pool name != nodeSelector in Red Hat OpenShiftContainer Platform 4
Issue
A MachineConfiguration generated by KubeletConfig is not matched by a MachineConfigPool when the pool name and the pool's nodeSelector do not match.
One can easily reproduce the issue with the following configuration:
cat <<'EOF' | oc apply -f -
apiVersion: machineconfiguration.openshift.io/v1
kind: MachineConfigPool
metadata:
name: infra-bad
spec:
machineConfigSelector:
matchExpressions:
- {key: machineconfiguration.openshift.io/role, operator: In, values: [worker,infra-machine-config-selector]}
nodeSelector:
matchLabels:
node-role.kubernetes.io/infra-node-label: ""
EOF
oc label mcp infra-bad pools.operator.machineconfiguration.openshift.io/infra-bad=
cat <<'EOF' | oc apply -f -
apiVersion: machineconfiguration.openshift.io/v1
kind: KubeletConfig
metadata:
name: infra-bad-kubelet-config
spec:
kubeletConfig:
cpuManagerPolicy: static
machineConfigPoolSelector:
matchLabels:
pools.operator.machineconfiguration.openshift.io/infra-bad: ""
EOF
The resulting MachineConfig will have label "machineconfiguration.openshift.io/role":"infra-bad"
which is derived from the MachineConfigPool name:
$ oc get mc 99-infra-bad-generated-kubelet -o jsonpath='{.metadata.labels}'
{"machineconfiguration.openshift.io/role":"infra-bad"}
However, this will not be matched by the MachineConfigPool as infra-bad
is looking for label: machineconfiguration.openshift.io/role: infra-machine-config-selector
.
Environment
Red Hat OpenShift Container Platform 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.