Bug 1719453

Summary: Containers will occasionally receive /etc/resolv.conf with servername as IP from unroutable interface
Product: OpenShift Container Platform Reporter: Chuck Douglas <cdouglas>
Component: NetworkingAssignee: Dan Mace <dmace>
Networking sub component: DNS QA Contact: Hongan Li <hongli>
Status: CLOSED DUPLICATE Docs Contact:
Severity: unspecified    
Priority: unspecified CC: aos-bugs
Version: 3.11.0   
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-10-11 14:44:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Chuck Douglas 2019-06-11 20:38:35 UTC 
Customer has 2 interfaces defined on their application node:

bond0 used for node based backups.  This is an unroutable interface that only connects to their SAN for backups.

bond1 primary interface.  Used for actual network traffic both to the node and for connecting to the SDN in OpenShift.

Ideally, when a container is created, it should receive the IP information of the bond1 (routable) interface for its /etc/resolv.conf file.  When this happens, things work as expected.

There are certain times, as yet undefined, where the /etc/resolv.conf contains information from the bond0 (unroutable) interface which breaks SDN connectivity.

We need a way to blacklist an interface to prevent it from being used during container creation.

Customer case:  https://access.redhat.com/support/cases/#/case/02402537
Comment 2 Dan Mace 2019-10-11 01:39:51 UTC 
Chuck, is https://bugzilla.redhat.com/show_bug.cgi?id=1680059 the same?
Comment 3 Chuck Douglas 2019-10-11 14:12:29 UTC 
Hi, Dan

Looks very similar.  We do see a lot of the same issues as noted in that one.  Very likely this is a duplicate.