Bug 1909791
Summary: | Update standalone kube-proxy config for EndpointSlice | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Dan Winship <danw> |
Component: | Networking | Assignee: | Dan Winship <danw> |
Networking sub component: | openshift-sdn | QA Contact: | zhaozhanqi <zzhao> |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | high | ||
Priority: | high | ||
Version: | 4.7 | ||
Target Milestone: | --- | ||
Target Release: | 4.7.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-02-24 15:47:19 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Dan Winship
2020-12-21 16:20:11 UTC
Verified this bug on 4.7.0-0.nightly-2021-01-04-215816 doh, this was implemented wrong @zhaoazhanqi does QE test Calico or any other other third-party network plugins at all? For the moment, that's the only reliable way of testing that this fix really works. (It has no effect when using openshift-sdn, ovn-kubernetes, or kuryr.) (I'll test it better myself this time before it merges though...) Making this blocker+ since it completely breaks most third-party network plugins. OK, so actually it looks like this was the last piece needed to get hacked-openshift-sdn-with-standalone-kube-proxy to work. So, you could test by doing "openshift-install create manifests", and then adding this to the manifests/ dir before doing "create cluster": --- apiVersion: operator.openshift.io/v1 kind: Network metadata: name: cluster spec: defaultNetwork: type: OpenShiftSDN openshiftSDNConfig: mode: NetworkPolicy enableUnidling: false deployKubeProxy: true --- Then you can confirm that the cluster comes up with a standalone kube-proxy (pods in -n openshift-kube-proxy), and everything still works. Thanks Dan. I should misunderstanding this bug. I try to setup the Calico cluster this time with 4.7.0-0.nightly-2021-01-06-012750, it works well [root@preserve-zzhao calico]# oc get network -o yaml | grep -i networktype: f:networkType: {} f:networkType: {} f:networkType: {} networkType: Calico networkType: Calico [root@preserve-zzhao calico]# oc get pod -n openshift-kube-proxy NAME READY STATUS RESTARTS AGE openshift-kube-proxy-4dhvp 2/2 Running 0 76m openshift-kube-proxy-f8v7m 2/2 Running 0 64m openshift-kube-proxy-h7bvm 2/2 Running 0 65m openshift-kube-proxy-jz7cz 2/2 Running 0 76m openshift-kube-proxy-pczgz 2/2 Running 0 76m openshift-kube-proxy-tl6wf 2/2 Running 0 65m Move this bug to Verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 |