Skip to content

OCPNODE-1501: add protectKernelDefaults to kubelet config#3556

Merged
openshift-merge-robot merged 1 commit intoopenshift:masterfrom
rphillips:add_protect_kernel_defaults
Feb 21, 2023
Merged

OCPNODE-1501: add protectKernelDefaults to kubelet config#3556
openshift-merge-robot merged 1 commit intoopenshift:masterfrom
rphillips:add_protect_kernel_defaults

Conversation

@rphillips
Copy link
Copy Markdown
Contributor

@rphillips rphillips commented Feb 15, 2023
edited
Loading

- What I did
Enables protectKernelDefaults by default.

- How to verify it

- Description for the changelog

@openshift-ci openshift-ci Bot added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 15, 2023
@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 15, 2023
@rphillips rphillips changed the title WIP: add protectKerneLDefaults WIP: add protectKernelDefaults Feb 15, 2023
@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 15, 2023

/hold

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 15, 2023
@rphillips rphillips mentioned this pull request Feb 15, 2023
Merged
@rphillips rphillips changed the title WIP: add protectKernelDefaults add protectKernelDefaults to kubelet config Feb 20, 2023
@openshift-ci openshift-ci Bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Feb 20, 2023
@rphillips rphillips force-pushed the add_protect_kernel_defaults branch from 69dbf63 to 6be8c03 Compare February 20, 2023 17:34
@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 20, 2023

/hold cancel

@openshift-ci openshift-ci Bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 20, 2023
@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 20, 2023

/test ci/prow/unit

@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Feb 20, 2023

@rphillips: The specified target(s) for /test were not found.
The following commands are available to trigger required jobs:

  • /test 4.12-upgrade-from-stable-4.11-images
  • /test cluster-bootimages
  • /test e2e-aws-ovn
  • /test e2e-aws-ovn-upgrade
  • /test e2e-gcp-op
  • /test images
  • /test okd-scos-images
  • /test unit
  • /test verify

The following commands are available to trigger optional jobs:

  • /test 4.12-upgrade-from-stable-4.11-e2e-aws-ovn-upgrade
  • /test bootstrap-unit
  • /test e2e-alibabacloud-ovn
  • /test e2e-aws-disruptive
  • /test e2e-aws-ovn-fips
  • /test e2e-aws-ovn-fips-op
  • /test e2e-aws-ovn-workers-rhel8
  • /test e2e-aws-proxy
  • /test e2e-aws-serial
  • /test e2e-aws-single-node
  • /test e2e-aws-upgrade-single-node
  • /test e2e-aws-workers-rhel8
  • /test e2e-azure
  • /test e2e-azure-ovn-upgrade
  • /test e2e-azure-upgrade
  • /test e2e-gcp-op-single-node
  • /test e2e-gcp-rt
  • /test e2e-gcp-rt-op
  • /test e2e-gcp-single-node
  • /test e2e-gcp-upgrade
  • /test e2e-hypershift
  • /test e2e-metal-assisted
  • /test e2e-metal-ipi
  • /test e2e-metal-ipi-ovn-dualstack
  • /test e2e-metal-ipi-ovn-ipv6
  • /test e2e-openstack
  • /test e2e-openstack-parallel
  • /test e2e-ovirt
  • /test e2e-ovirt-upgrade
  • /test e2e-ovn-step-registry
  • /test e2e-vsphere
  • /test e2e-vsphere-upgrade
  • /test e2e-vsphere-upi
  • /test okd-e2e-aws
  • /test okd-e2e-gcp-op
  • /test okd-e2e-upgrade
  • /test okd-e2e-vsphere
  • /test okd-images
  • /test okd-scos-e2e-aws-ovn
  • /test okd-scos-e2e-gcp-op
  • /test okd-scos-e2e-gcp-ovn-upgrade
  • /test okd-scos-e2e-vsphere

Use /test all to run the following jobs that were automatically triggered:

  • pull-ci-openshift-machine-config-operator-master-e2e-alibabacloud-ovn
  • pull-ci-openshift-machine-config-operator-master-e2e-aws-ovn
  • pull-ci-openshift-machine-config-operator-master-e2e-aws-ovn-upgrade
  • pull-ci-openshift-machine-config-operator-master-e2e-gcp-op
  • pull-ci-openshift-machine-config-operator-master-e2e-hypershift
  • pull-ci-openshift-machine-config-operator-master-images
  • pull-ci-openshift-machine-config-operator-master-okd-images
  • pull-ci-openshift-machine-config-operator-master-okd-scos-e2e-aws-ovn
  • pull-ci-openshift-machine-config-operator-master-okd-scos-e2e-gcp-ovn-upgrade
  • pull-ci-openshift-machine-config-operator-master-okd-scos-images
  • pull-ci-openshift-machine-config-operator-master-unit
  • pull-ci-openshift-machine-config-operator-master-verify
Details

In response to this:

/test ci/prow/unit

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 20, 2023

/test unit

@rphillips rphillips changed the title add protectKernelDefaults to kubelet config OCPNODE-1501: add protectKernelDefaults to kubelet config Feb 20, 2023
@openshift-ci-robot openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Feb 20, 2023
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Feb 20, 2023
edited by openshift-ci Bot
Loading

@rphillips: This pull request references OCPNODE-1501 which is a valid jira issue.

Details

In response to this:

This will fail until openshift/kubernetes#1475 merges

- What I did

- How to verify it

- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 20, 2023

/hold for a new rhcos release in 4.13

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 20, 2023
@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 21, 2023

/retest-required

@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Feb 21, 2023
edited by openshift-ci Bot
Loading

@rphillips: This pull request references OCPNODE-1501 which is a valid jira issue.

Details

In response to this:

- What I did
Enables protectKernelDefaults by default.

- How to verify it

- Description for the changelog

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 21, 2023

/hold cancel

@openshift-ci openshift-ci Bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 21, 2023
sairameshv
sairameshv approved these changes Feb 21, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@sairameshv sairameshv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sairameshv
Copy link
Copy Markdown
Member

sairameshv commented Feb 21, 2023

/lgtm

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Feb 21, 2023
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Feb 21, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rphillips, sairameshv

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Feb 21, 2023

@rphillips: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/okd-scos-e2e-gcp-ovn-upgrade 6be8c03 link false /test okd-scos-e2e-gcp-ovn-upgrade
ci/prow/e2e-hypershift 6be8c03 link false /test e2e-hypershift
ci/prow/okd-scos-e2e-aws-ovn 6be8c03 link false /test okd-scos-e2e-aws-ovn
ci/prow/e2e-alibabacloud-ovn 6be8c03 link false /test e2e-alibabacloud-ovn

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@openshift-merge-robot openshift-merge-robot merged commit 8671aa4 into openshift:master Feb 21, 2023
@vrutkovs
Copy link
Copy Markdown
Contributor

vrutkovs commented Feb 22, 2023

This breaks OKD:

Feb 22 00:55:29 ip-10-0-130-89 kubenswrapper[10917]: I0222 00:55:29.556090   10917 state_mem.go:35] "Initializing new in-memory state store"
Feb 22 00:55:29 ip-10-0-130-89 kubenswrapper[10917]: E0222 00:55:29.557737   10917 kubelet.go:1479] "Failed to start ContainerManager" err="[invalid kernel flag: kernel/panic, expected value: 10, actual value: 0, invalid kernel flag: kernel/panic_on_oops, expected value: 1, actual value: 0, invalid kernel flag: vm/overcommit_memory, expected value: 1, actual value: 0]"
Feb 22 00:55:29 ip-10-0-130-89 systemd[1]: kubelet.service: Main process exited, code=exited, status=1/FAILURE
Feb 22 00:55:29 ip-10-0-130-89 systemd[1]: kubelet.service: Failed with result 'exit-code'.

Do we need to set some kernel args?

@rphillips
Copy link
Copy Markdown
Contributor Author

rphillips commented Feb 22, 2023

@vrutkovs openshift/kubernetes#1475 merged to add the default sysctls to the rpm.

@vrutkovs
Copy link
Copy Markdown
Contributor

vrutkovs commented Feb 22, 2023

Thanks! openshift/okd-machine-os#533 should fix OKD's machine-os-content

@sairameshv sairameshv mentioned this pull request Jun 8, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cgwalters cgwalters Awaiting requested review from cgwalters

@cheesesashimi cheesesashimi Awaiting requested review from cheesesashimi

1 more reviewer

@sairameshv sairameshv sairameshv approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@sairameshv sairameshv

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@rphillips @openshift-ci-robot @sairameshv @vrutkovs @openshift-merge-robot