Bug 1513768

Summary: [3.6] Allow egress router to run on non-default interface
Product: OpenShift Container Platform Reporter: Dan Winship <danw>
Component: NetworkingAssignee: Dan Winship <danw>
Status: CLOSED ERRATA QA Contact: Meng Bo <bmeng>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.6.1CC: aos-bugs, bbennett, bleanhar, bmeng, danw, dyuen, erich, hongli, mcurry, mgarciam, rhowe
Target Milestone: ---   
Target Release: 3.6.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Feature: The "assign-macvlan" pod annotation can now take the name of a network interface rather than just "true" or "false". Reason: Result: egress-routers can now be run on a non-default network interface
 Story Points: ---
Clone Of: 1513764 Environment:
Last Closed: 2017-12-14 21:02:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1513764    
Bug Blocks:    

Description Dan Winship 2017-11-15 22:43:11 UTC 
+++ This bug was initially created as a clone of Bug #1513764 +++

Currently egress-routers always attach themselves to the network interface containing the default route. We need to make it possible to attach one to an alternate interface.

To get this out to a customer quickly, we're doing the simplest possible fix, which is to let the user manually specify a network interface (rather than, say, having OpenShift try to figure out the correct interface automatically based on EGRESS_SOURCE).
Comment 1 Dan Winship 2017-11-17 19:43:49 UTC 
https://github.com/openshift/ose/pull/929
Comment 2 Dan Winship 2017-11-21 21:32:20 UTC 
Merged... how do we get a hotfix built?
Comment 3 Dan Winship 2017-11-29 13:04:17 UTC 
(In reply to Dan Winship from comment #1)
> https://github.com/openshift/ose/pull/929

(plus https://github.com/openshift/ose/pull/936 to fix the build afterward)
Comment 5 Hongan Li 2017-12-06 09:38:47 UTC 
verified in atomic-openshift-3.6.173.0.83-1.git.0.1f70b16.el7.x86_64 and passed.
Comment 9 Ryan Howe 2017-12-07 18:57:45 UTC 
Just for reference:

The annotation will still accept true and false 

    pod.network.openshift.io/assign-macvlan: "true"

this allows it to accept further values like

    pod.network.openshift.io/assign-macvlan: "eth1"
Comment 14 errata-xmlrpc 2017-12-14 21:02:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3438