Bug 1449058

Summary: should remove the stale open-flow rules when delete project which has enabled multicast
Product: OpenShift Container Platform Reporter: Hongan Li <hongli>
Component: NetworkingAssignee: Dan Williams <dcbw>
Status: CLOSED ERRATA QA Contact: Meng Bo <bmeng>
Severity: low Docs Contact:
Priority: medium    
Version: 3.6.0CC: aos-bugs, smunilla
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-08-10 05:23:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hongan Li 2017-05-09 07:38:06 UTC 
Description of problem:
after adding annotation netnamespace.network.openshift.io/multicast-enabled=true  to the netnamespace, it will create one open-flow rule in table 110. But after delete the project (do not remove the annotation) the rule is still there as below:

# ovs-ofctl dump-flows br0 -O openflow13 | grep table=110
 cookie=0x0, duration=1905.228s, table=110, n_packets=0, n_bytes=0, reg0=0x70aacd actions=goto_table:111
 cookie=0x0, duration=1541.088s, table=110, n_packets=0, n_bytes=0, reg0=0xcb8782 actions=goto_table:111



Version-Release number of selected component (if applicable):
openshift v3.6.65
kubernetes v1.6.1+5115d708d7
etcd 3.1.0
openvswitch-2.6.1-10.git20161206.el7fdp.x86_64

How reproducible:
always

Steps to Reproduce:
1. create project u1p1
2. oc annotate netnamespace u1p1 netnamespace.network.openshift.io/multicast-enabled=true
3. delete project u1p1

Actual results:
the open-flow rules for the netnamespace which enabled multicast is not removed. if repeating above steps many times, you will found many useless rules are still there until restart openvswitch.


Expected results:
should remove the stale open-flow rules when delete project/netnamespace which has enabled multicast.

Additional info:
workaround: remove the annotation before delete the project; or restart openvswitch to clear the stale rules.
Comment 1 Dan Williams 2017-05-21 04:24:09 UTC 
Upstream PR: https://github.com/openshift/origin/pull/14231
Comment 3 Hongan Li 2017-06-05 05:24:18 UTC 
verified in atomic-openshift-3.6.94-1.git.0.ba4aad2.el7.x86_64 and the issue has been fixed.
Comment 5 errata-xmlrpc 2017-08-10 05:23:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2017:1716