Bug 1725089

Summary: KubeMacPool causes many issues due to certificate handling
Product: Container Native Virtualization (CNV) Reporter: Petr Horáček <phoracek>
Component: NetworkingAssignee: Petr Horáček <phoracek>
Status: CLOSED ERRATA QA Contact: Meni Yakove <myakove>
Severity: high Docs Contact:
Priority: high    
Version: 2.0CC: cnv-qe-bugs, danken, mgoldboi, ncredi, sscheink
Target Milestone: ---   
Target Release: 2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: hco-bundle-registry:v2.0.0-36 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-07-24 20:16:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Petr Horáček 2019-06-28 11:57:56 UTC 
Description of problem:
We recently observed multiple issues with KubeMacPool. It causes VMIs to fail while being created or migrated due to timeouts calling KubeMacPool admission webhook.

By removing KubeMacPool, we risk that two VMIs using secondary bridge network interfaces would end up with the same MAC address (although it is unlikely).

Since this bug is not limited to subset of VMI operations, but affects everyone (even when a VMI uses only the default network, it is in risk), we decided to drop KubeMacPool from CNV 2.0 in favor of stability.

This bug should be used to get acks and track PR disabling the feature.
Comment 1 Moran Goldboim 2019-07-01 12:39:20 UTC 
acking on the request to remove mac-pool functionality out of the 2.0 release. mostly due to the fact that it didn't meet the done definition of done and pushed for 2.1
Comment 2 Meni Yakove 2019-07-08 12:42:23 UTC 
hco-bundle-registry:v2.0.0-36
Comment 4 errata-xmlrpc 2019-07-24 20:16:06 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:1850