Bug 1896320
Summary: | ovirt-csi-driver-operator pod crashes upon OCP upgrade from 4.5 to 4.6 on RHV platform | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Oren Cohen <ocohen> |
Component: | Storage | Assignee: | Benny Zlotnik <bzlotnik> |
Storage sub component: | oVirt CSI Driver | QA Contact: | Lucie Leistnerova <lleistne> |
Status: | CLOSED WONTFIX | Docs Contact: | |
Severity: | medium | ||
Priority: | medium | CC: | aos-bugs, danken, ellorent, gzaidman, hpopal, phoracek, ychoukse |
Version: | 4.6 | ||
Target Milestone: | --- | ||
Target Release: | 4.8.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-02-25 14:46:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Oren Cohen
2020-11-10 09:38:18 UTC
So the logs are extremely confusing, but the relevant error is: E1110 09:21:15.641660 1 starter.go:36] yaml: line 3: found character that cannot start any token Ultimately the issue is caused by the ovirt-api password starting with a reserved character, this can be resolved by editing the ovirt-credentials object and wrap the password with quotes. I created a PR to fail earlier so the logs aren't as difficult to read It turned out that ovirt-csi-driver-node DaemonSet's pods are colliding with nmstate-handler DaemonSet's pods (part of CNV). They are both listening to port 8080 on the host level. Meaning, the issue is reproducing only on OCP-over-RHV clusters, version 4.6, with OpenShift Virtualization installed, at least from version 2.4. From what I gathered from CNV network team, this port on nmstate is used for metrics and can be disabled. Hi, we are trying to release CNAO https://github.com/kubevirt/cluster-network-addons-operator/pull/667 but looks like we have some issues in the CI, it includes the fixes at kubernetes-nmstate to close port 8080. (In reply to Benny Zlotnik from comment #1) > So the logs are extremely confusing, but the relevant error is: > E1110 09:21:15.641660 1 starter.go:36] yaml: line 3: found character > that cannot start any token > > Ultimately the issue is caused by the ovirt-api password starting with a > reserved character, this can be resolved by editing the ovirt-credentials > object and wrap the password with quotes. > > I created a PR to fail earlier so the logs aren't as difficult to read Thanks for making the logs more readable. However the important thing is that the ovirt_password secret must accept any printable character. It is encrypted in base64 armor exactly to allow this. After ovirt-csi-driver reads it, it should quote it according to the destination. From what you say it seems that I cannot have a password that starts with quotes, either. due to capacity constraints we will be revisiting this bug in the upcoming sprint Moving this Bug to https://bugzilla.redhat.com/show_bug.cgi?id=1933028 |