Bug 1974430

Summary:	Dangling lr-route with ICNI 2.0 even after deletion of ICNI router namespace (including the pod with the required annotations) and the application namespace
Product:	OpenShift Container Platform	Reporter:	Andreas Karis <akaris>
Component:	Networking	Assignee:	Jaime Caamaño Ruiz <jcaamano>
Networking sub component:	ovn-kubernetes	QA Contact:	Anurag saxena <anusaxen>
Status:	CLOSED DUPLICATE	Docs Contact:
Severity:	unspecified
Priority:	unspecified	CC:	dansmall, dblack, vpickard
Version:	4.7
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-07-03 07:34:47 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Andreas Karis 2021-06-21 16:41:26 UTC

Description of problem:

Dangling lr-route with ICNI 2.0 even after deletion of ICNI router namespace (including the pod with the required annotations) and the application namespace

I pushed an unrelated MCP modification and MCP reconfigured and restarted my servers. After a few days, I came back to my environment and my ICNI 2.0 setup had stopped working. I tried to reprovision the application by completely deleting the router and application namespace but to no avail. 

The cluster is on 4.7.13:
~~~
[root@openshift-jumpserver-0 ~]# oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.7.13    True        False         11d     Cluster version is 4.7.13
~~~

After I deleted my ICNI 2.0 router and the application (both the router and the application namespace were completely removed), I still saw some dangling routes:
~~~
[root@openshift-jumpserver-0 ~]# oc exec -n openshift-ovn-kubernetes -it $POD -- ovn-nbctl lr-route-list GR_openshift-worker-1
Defaulting container name to ovn-controller.
Use 'oc describe pod/ovnkube-node-7s2kh -n openshift-ovn-kubernetes' to see all of the containers in this pod.
IPv4 Routes
              172.25.2.18           192.168.123.120 src-ip ecmp-symmetric-reply    # <--- here
             172.25.3.171           192.168.123.120 src-ip ecmp-symmetric-reply    # <--- here
            172.24.0.0/14                100.64.0.1 dst-ip
                0.0.0.0/0             192.168.123.1 dst-ip rtoe-GR_openshift-worker-1
~~~

The application pods did not exist any more:
~~~
[root@openshift-jumpserver-0 ~]# oc get pods -A -o wide | grep 172.25.2.18
[root@openshift-jumpserver-0 ~]# oc get pods -A -o wide | grep 172.25.3.171
openshift-monitoring                               thanos-querier-7668d5d5f8-pvhqk                                   5/5     Running     0          5d20h   172.25.3.171      openshift-worker-1   <none>           <none>
~~~


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Further details in my private comment.

Comment 6 Andreas Karis 2021-07-03 07:34:47 UTC


*** This bug has been marked as a duplicate of bug 1978797 ***