Bug 1964540
| Summary: | CAPO: It's impossible to make port a trunk when it's defined in `ports` field | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Michał Dulko <mdulko> |
| Component: | Cloud Compute | Assignee: | Adolfo Duarte <adduarte> |
| Cloud Compute sub component: | OpenStack Provider | QA Contact: | Itzik Brown <itbrown> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | medium | CC: | adduarte, egarcia, itbrown, m.andre, mbridges, mfedosin, pprinett |
| Version: | 4.8 | Keywords: | Triaged |
| Target Milestone: | --- | ||
| Target Release: | 4.9.0 | ||
| Hardware: | All | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Enhancement | |
| Doc Text: |
Feature:
Allows MachineSet definitions of worker nodes to specify if a spec.Port is to be trunked or not.
Added new field spec.Port.Trunk = bool,
If not specified, spec.Port.Trunk inherits the value of spec.Trunk
Name of trunk created matches the name of the port used.
Reason: UX improvement
Result: The user has more flexibility on which ports result in trunks and which do not.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-10-18 17:31:44 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Confirmed as a bug, i.e. it has to be backported to 4.8. Would Suggested testing: Deploy cluster and test creation of networks with and without trunk settings anabled. Kuryr deployment is suggested for verification. Checked with:
OSP RHOS-16.1-RHEL-8-20210604.n.0
OCP 4.9.0-0.nightly-2021-08-02-145924
After installation with Kuryr created a new worker using the following machineset:
apiVersion: machine.openshift.io/v1beta1
kind: MachineSet
metadata:
annotations:
machine.openshift.io/memoryMb: "16384"
machine.openshift.io/vCPU: "4"
creationTimestamp: "2021-08-03T10:10:30Z"
generation: 1
labels:
machine.openshift.io/cluster-api-cluster: ostest-vq6vz
machine.openshift.io/cluster-api-machine-role: worker
machine.openshift.io/cluster-api-machine-type: worker
name: ostest-vq6vz-worker-100
namespace: openshift-machine-api
resourceVersion: "52886"
uid: 3dbbf7d9-2054-442f-9eb8-802e38bba27b
spec:
replicas: 1
selector:
matchLabels:
machine.openshift.io/cluster-api-cluster: ostest-vq6vz
machine.openshift.io/cluster-api-machineset: ostest-vq6vz-worker-100
template:
metadata:
labels:
machine.openshift.io/cluster-api-cluster: ostest-vq6vz
machine.openshift.io/cluster-api-machine-role: worker
machine.openshift.io/cluster-api-machine-type: worker
machine.openshift.io/cluster-api-machineset: ostest-vq6vz-worker-100
spec:
metadata: {}
providerSpec:
value:
apiVersion: openstackproviderconfig.openshift.io/v1alpha1
cloudName: openstack
cloudsSecret:
name: openstack-cloud-credentials
namespace: openshift-machine-api
flavor: m4.xlarge
image: ostest-vq6vz-rhcos
kind: OpenstackProviderSpec
metadata:
creationTimestamp: null
ports:
- allowedAddressPairs:
- ipAddress: 10.196.0.5
- ipAddress: 10.196.0.7
fixedIPs:
- subnetID: e8f6b8c0-923a-405b-a6d7-165b9a9885da
nameSuffix: nodes
networkID: 4e18aa5a-e0e4-4929-84b7-8a01240770ae
securityGroups:
- 1d58e5ef-7058-4d91-bff6-593f278fb52b
trunk: true
primarySubnet: e8f6b8c0-923a-405b-a6d7-165b9a9885da
securityGroups:
- filter: {}
name: ostest-vq6vz-worker
serverMetadata:
Name: ostest-vq6vz-worker
openshiftClusterID: ostest-vq6vz
tags:
- openshiftClusterID=ostest-vq6vz
trunk: false
userDataSecret:
name: worker-user-data
( Used the following to get the current machineset and modified worker-0 to worker-100 , replaced the networks section with ports section and modifed to trunk: false
$ oc get machineset -n openshift-machine-api $(oc get machineset -n openshift-machine-api |grep worker | awk '{print $1}') -o yaml > worker_machineset.yaml
)
Get the nodes
(shiftstack) [stack@undercloud-0 ~]$ oc get nodes
NAME STATUS ROLES AGE VERSION
ostest-vq6vz-master-0 Ready master 121m v1.21.1+8268f88
ostest-vq6vz-master-1 Ready master 121m v1.21.1+8268f88
ostest-vq6vz-master-2 Ready master 122m v1.21.1+8268f88
ostest-vq6vz-worker-0-dsdg7 Ready worker 106m v1.21.1+8268f88
ostest-vq6vz-worker-0-kggv9 Ready worker 103m v1.21.1+8268f88
ostest-vq6vz-worker-0-z7gvv Ready worker 106m v1.21.1+8268f88
ostest-vq6vz-worker-100-h42tn Ready worker 55m v1.21.1+8268f88
Created the following deployment and service
(shiftstack) [stack@undercloud-0 ~]$ cat deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: demo
labels:
app: demo
spec:
replicas: 4
selector:
matchLabels:
app: demo
template:
metadata:
labels:
app: demo
spec:
containers:
- name: demo
image: kuryr/demo
ports:
- containerPort: 8080
(shiftstack) [stack@undercloud-0 ~]$ cat svc.yaml
apiVersion: v1
kind: Service
metadata:
name: demo
labels:
app: demo
spec:
selector:
app: demo
ports:
- port: 80
protocol: TCP
targetPort: 8080
Check that there is a pod on the new node
$ oc get pods -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
demo-66cdc7b66-95md6 1/1 Running 0 26s 10.128.79.92 ostest-vq6vz-worker-0-dsdg7 <none> <none>
demo-66cdc7b66-v4qpz 1/1 Running 0 26s 10.128.78.249 ostest-vq6vz-worker-0-kggv9 <none> <none>
demo-66cdc7b66-vlrkc 1/1 Running 0 26s 10.128.79.72 ostest-vq6vz-worker-0-z7gvv <none> <none>
demo-66cdc7b66-zhhnm 1/1 Running 0 26s 10.128.78.117 ostest-vq6vz-worker-100-h42tn <none> <none>
Get the service
(shiftstack) [stack@undercloud-0 ~]$ oc get svc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
demo ClusterIP 172.30.229.23 <none> 80/TCP 31s
kubernetes ClusterIP 172.30.0.1 <none> 443/TCP 74m
openshift ExternalName <none> kubernetes.default.svc.cluster.local <none> 65m
Check that the pods on the new worker responds
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-zhhnm: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-zhhnm: HELLO! I AM ALIVE!!!
(shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23
demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
Also created a new machineset (After deleting the previous worker)
ports:
- allowedAddressPairs:
- ipAddress: 10.196.0.5
- ipAddress: 10.196.0.7
fixedIPs:
- subnetID: e8f6b8c0-923a-405b-a6d7-165b9a9885da
nameSuffix: nodes
networkID: 4e18aa5a-e0e4-4929-84b7-8a01240770ae
securityGroups:
- 1d58e5ef-7058-4d91-bff6-593f278fb52b
trunk: true
- networkID: 37f2ecac-df2f-4585-a293-5076ba1b1442
nameSuffix: net1
fixedIPs:
- subnetID: f5a61a6c-624a-4b5c-9624-49543d2427e1
trunk: false
Verified that only one trunk was created
(shiftstack) [stack@undercloud-0 ~]$ openstack network trunk list
+--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+
| ID | Name | Parent Port | Description |
+--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+
| 4219bab4-7fa7-4eff-a91d-30807e055bb5 | ostest-vq6vz-master-trunk-0 | 2003cc24-6015-4450-b35c-03f095e6de0f | Created By OpenShift Installer |
| 4df06d04-9d40-4ebd-8e08-76363eb485b4 | ostest-vq6vz-master-trunk-2 | 728e4cde-539d-48a6-99c7-59fd7b8d6a5b | Created By OpenShift Installer |
| 880f9240-573d-4025-a89c-ca6f4b5a3a99 | ostest-vq6vz-worker-0-dsdg7-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 1497db2f-bebd-4e17-8cf3-e23f96135f04 | |
| b1137145-ab09-4b8d-b93f-a29f004c1241 | ostest-vq6vz-worker-0-z7gvv-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 30f595ce-c02b-46bc-9765-77ba1aacc6d8 | |
| b9b8272c-71c6-4a82-896f-b64475a37ad5 | ostest-vq6vz-master-trunk-1 | 928e56f1-8788-43c2-a2d2-91a1eb0b0882 | Created By OpenShift Installer |
| e1139bfd-de0d-41f1-bdbb-6fcab71daef7 | ostest-vq6vz-worker-101-tvqqw-nodes | ccc3fef4-1fe1-4601-85c3-bf64aa364a2d | |
| efe09839-bfc5-44f7-962e-3ab3ab62ebec | ostest-vq6vz-worker-0-kggv9-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 454f023b-79f0-4bc8-9a76-5a66302fee9d | |
+--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+
@itbrown Would you be able to +1 a docs change for this? https://github.com/openshift/openshift-docs/pull/36911 Done Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759 |
Description of problem: When ports are defined in `ports` field you cannot set `trunk: true` on a per-port basis like this: spec: metadata: providerSpec: value: (...) ports: - networkID: foo fixedIPs: - subnetID: bar trunk: true You have to do it using the option related to the whole machine but even then the ports defined on `ports` field won't have a corresponding trunk created. Version-Release number of selected component (if applicable): 4.8 How reproducible: Always Steps to Reproduce: 1. Try creating a Machine specifying `trunk: true` as a port property. 2. Wait for the machine to be created. Actual results: Trunk is not created for that port as that property does not exist in the CRD. Expected results: The property exists and is taken into account. Once this is fixed in 4.8 https://github.com/openshift/installer/pull/4957 can get reverted.