NO-JIRA: limit fencing credentials to master nodes only.#1885
NO-JIRA: limit fencing credentials to master nodes only.#1885fracappa wants to merge 1 commit intoopenshift-metal3:masterfrom
Conversation
|
Hi @fracappa. Thanks for your PR. I'm waiting for a openshift-metal3 member to verify that this patch is reasonable to test. If it is, they should reply with Regular contributors should join the org to skip this step. Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/ok-to-test |
| fencing: | ||
| credentials: | ||
| {% for hostname in hostnames %} | ||
| {% for hostname in hostnames[:num_masters|int] %} |
There was a problem hiding this comment.
There's a long chain but IINW this derives from AGENT_NODES_HOSTNAMES. As a quick fix it could work, but I won't give it for granted the ordering (first masters, then workers), so I'd evaluate also a more robust solution
There was a problem hiding this comment.
Hi @andfasano, thanks for the feedback!
I agree with you that the previous solution worked as a quick fix but it requires granted ordering in the node evaluation. Just pushed a commit that introduces dedicated master-only BMC arrays.
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: andfasano The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
f95f786 to
fbb93f9
Compare
The agent install config-template iterated over all BMH nodes when generating fencing credentials. With NUM_WORKERS now customizable in TNA/TNF scenario, this produces credentials for worker nodes too, causing install validation failures.
9420ac8 to
5e32a77
Compare
The agent install config-template iterated over all BMH nodes when generating fencing credentials. With NUM_WORKERS now customizable in TNA/TNF scenario, this produces credentials for worker nodes too, causing install validation failures.