Bug 1811139

Summary: [4.4] backport kubelet "--node-ip ::" fix
Product: OpenShift Container Platform Reporter: Dan Winship <danw>
Component: Machine Config OperatorAssignee: Antonio Murdaca <amurdaca>
Status: CLOSED ERRATA QA Contact: Michael Nguyen <mnguyen>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 4.4CC: amurdaca, mnguyen
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1811137 Environment:
Last Closed: 2020-05-04 11:45:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1811137    

Description Dan Winship 2020-03-06 17:06:42 UTC 
+++ This bug was initially created as a clone of Bug #1811137 +++

In 4.4 we added code to pass "--node-ip ::" to kubelet on single-stack IPv6 non-bare-metal to tell it to advertise an IPv6 node address rather than an IPv4 one. This accidentally never got backported.

(This doesn't affect bare-metal, where we pass an explicit --node-ip to ensure that it doesn't pick the wrong IPv6 address.)
Comment 4 Dan Winship 2020-03-09 15:34:28 UTC 
This only affects cloud platforms, not bare metal, and we still don't have working Azure IPv6 so I'm going to verify this myself:

danw@p50:installer (master)> openshift-install version
openshift-install 4.4.0-0.nightly-2020-03-09-120006
built from commit f371355517f9da267c295e11c01cd3dfc54b39d4
release image registry.svc.ci.openshift.org/ocp/release@sha256:d4e0843bd7b24a593aea24738bcbd5ba4d4cac4ed145d16f84fc98b8be2c197e

danw@p50:installer (master)> oc debug node/dwinship-ipv6-cqscb-master-0
Starting pod/dwinship-ipv6-cqscb-master-0-debug ...
To use host binaries, run `chroot /host`
chroot /host
Pod IP: fc00::6
If you don't see a command prompt, try pressing enter.
chroot /host
sh-4.4# ps wwaux|grep kubelet
root        1355  2.9  0.2 2160996 96544 ?       Ssl  15:25   0:05 kubelet --config=/etc/kubernetes/kubelet.conf --bootstrap-kubeconfig=/etc/kubernetes/kubeconfig --kubeconfig=/var/lib/kubelet/kubeconfig --container-runtime=remote --container-runtime-endpoint=/var/run/crio/crio.sock --node-labels=node-role.kubernetes.io/master,node.openshift.io/os_id=rhcos --node-ip :: --minimum-container-ttl-duration=6m0s --cloud-provider=azure --volume-plugin-dir=/etc/kubernetes/kubelet-plugins/volume/exec --cloud-config=/etc/kubernetes/cloud.conf --register-with-taints=node-role.kubernetes.io/master=:NoSchedule --v=3


"--node-ip ::" appears in kubelet command line as expected

(Note that this is testing a commit that merged to 4.4 months ago so there's no need to verify "doesn't break IPv4", since IPv4 would have been broken months ago if it did.)
Comment 6 errata-xmlrpc 2020-05-04 11:45:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581