Skip to content

Instantly share code, notes, and snippets.

View deads2k's full-sized avatar

David Eads deads2k

  • Red Hat OpenShift
  • Raleigh, NC
View GitHub Profile
@deads2k
deads2k / json
Created September 19, 2024 00:02
{
"apiVersion": "v1",
"items": [
{
"apiVersion": "operator.openshift.io/v1",
"kind": "OpenShiftAPIServer",
"metadata": {
"annotations": {
"include.release.openshift.io/hypershift": "true",
"include.release.openshift.io/ibm-cloud-managed": "true",
@deads2k
deads2k / audit log
Last active September 18, 2024 19:14
deads@fedora:~/workspaces/cluster-debug-tools/src/github.com/openshift/cluster-debug-tools$ ./kubectl-dev_tool audit -f '/home/deads/Downloads/audit-logs(10)/quay-io-openshift-release-dev-ocp-v4-0-art-dev-sha256-f55025d8e6fa790682fec7d7ab788bb062c413a076bb0358ab9df5a71f297ce1/audit_logs/kube-apiserver' --resource=pods --name="pod-network-to-service-disruption-poller-565f9f69c4-nqjgl"
had 35202 line read failures
04:31:28 [CREATE][ 6.25ms] [201] /api/v1/namespaces/e2e-pod-network-disruption-test-wwqv6/pods/pod-network-to-service-disruption-poller-565f9f69c4-nqjgl/binding [system:kube-scheduler]
04:31:28 [UPDATE][ 11.544ms] [200] /api/v1/namespaces/e2e-pod-network-disruption-test-wwqv6/pods/pod-network-to-service-disruption-poller-565f9f69c4-nqjgl/status [system:ovn-node:worker-2]
04:31:28 [ GET][ 2.039ms] [200] /api/v1/namespaces/e2e-pod-network-disruption-test-wwqv6/pods/pod-network-to-service-disruption-poller-565f9f69c4-nqjgl [system:node:worker-2]
{
"apiVersion": "jobset.x-k8s.io/v1alpha2",
"kind": "JobSet",
"metadata": {
"name": "failurepolicy-abcdef",
"creationTimestamp": null
},
"spec": {
"replicatedJobs": [
{
deads@fedora:~/workspaces/kuberentes/src/k8s.io/kubernetes$ oc create -f ../jobset.yaml
The JobSet "failurepolicy" is invalid:
* spec.replicatedJobs[0].template.spec.podFailurePolicy.rules[0].onPodConditions[0].status: Required value
* <nil>: Invalid value: "null": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation
{
"apiVersion": "testing.openshift.io/v1",
"kind": "SSAWithSet",
"metadata": {
"creationTimestamp": "2024-04-24T20:58:42Z",
"generation": 1,
"managedFields": [
{
"apiVersion": "testing.openshift.io/v1",
"fieldsType": "FieldsV1",
{
"GroupVersionResource": {
"Group": "config.openshift.io",
"Version": "v1",
"Resource": "clusteroperators"
},
"RequestCounts": {
"RequestStartedCount": 0,
"RequestFinishedCount": 25256,
"ClientFailedRequestCount": 1716,
how do we ensure only a resource is managed by at most one operator install.
naivest approach: **This one is subpar**
1. in-process controller determines list of all resources to be created
2. check each resource in the controller to see if it is owned by something else
(probably a list across all namespaces of something (extensions?) )
3. if there is another owner, the contorller refuses to create the resource
When I install an app I get a namespaced extension resource
1. extension resource exists in the namespace I installed the app in
apiVersion
kind: NeverCreated
metadata
annotations:
"include.release.openshift.io/ibm-cloud-managed": false
spec:
featureGateTests:
- featureGateName: Example
tests:
- "[sig-arch][OCPFeatureGate:Example] should only run FeatureGated test when enabled"
FeatureGate Default on Hypershift Default on SelfManagedHA Default on SingleNode LatencySensitive on Hypershift LatencySensitive on SelfManagedHA LatencySensitive on SingleNode TechPreviewNoUpgrade on Hypershift TechPreviewNoUpgrade on SelfManagedHA TechPreviewNoUpgrade on SingleNode
BareMetalLoadBalancer Adding as Enabled Adding as Enabled Adding as Enabled Not Available Not Available Not Available Adding as Enabled Adding as Enabled Adding as Enabled
KMSv1
@deads2k
deads2k / cases in the field
Last active March 13, 2024 15:09
featuregates
k8s.io/apiserver
rapid-reset, defaulted to off. In repos vendoring, I needed to enable/disable
k8s.io/client-go
aggregated-discovery - had a bug and needed way for every vendoring binary we cannot recompile to disable. We added env vars.
streaming-list - desire to have different default in kube-controller-manager versus kubelet
kube-controller-manager
client-go/streaming-list - disabled by default in library, kcm wants it enabled by default and controlled via flag.