Bug 1990115

Summary: Multus whereabouts assigns duplicate IP addresses to pods when have large number of replicas
Product: OpenShift Container Platform Reporter: Douglas Smith <dosmith>
Component: NetworkingAssignee: Douglas Smith <dosmith>
Networking sub component: multus QA Contact: Weibin Liang <weliang>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: aapark, anbhat, dosmith, ealcaniz, eminguez, pibanezr, tohayash, weliang, xingli, yingwang
Version: 4.7   
Target Milestone: ---   
Target Release: 4.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: Telco:Networking
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1990113 Environment:
Last Closed: 2021-10-18 17:44:56 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1990113    

Comment 2 Weibin Liang 2021-08-06 19:10:40 UTC 
Wait for https://bugzilla.redhat.com/show_bug.cgi?id=1989734 get fixed first then come back to verify this bug.
Comment 3 Ying Wang 2021-08-18 09:30:36 UTC 
Verified on version below and the issue is fixed.

lilia@liliadeMacBook-Pro mytest % oc version
Client Version: 4.7.5
Server Version: 4.9.0-0.nightly-2021-08-17-122812
Kubernetes Version: v1.22.0-rc.0+3dfed96


Followed the guide to verify this issue:
https://gist.github.com/dougbtv/b12ae309790c1e7c1fab045cff7f7668#verification
1. create network-attachment-definition

lilia@liliadeMacBook-Pro mytest % oc get network-attachment-definitions.k8s.cni.cncf.io 
NAME                         AGE
macvlan-bridge-whereabouts   27m

yaml file:
apiVersion: "k8s.cni.cncf.io/v1"
kind: NetworkAttachmentDefinition
metadata: 
  name: macvlan-bridge-whereabouts
  namespace: bcd
spec: 
  config: '{
      "cniVersion": "0.3.1",
      "name": "whereabouts",
      "type": "macvlan",
      "master": "br-ex",
      "mode": "bridge",
      "ipam": {
        "type": "whereabouts",
        "range": "192.18.0.0/15"
      }
  }'

2. Create the replica set via yaml as below.

apiVersion: apps/v1
kind: ReplicaSet
metadata:
  name: whereabouts-test
  labels:
    app: whereabouts-test
    tier: whereabouts-test
spec:
  # modify replicas according to your case
  replicas: 200
  selector:
    matchLabels:
      tier: whereabouts-test
  template:
    metadata:
      labels:
        tier: whereabouts-test
      annotations:
        k8s.v1.cni.cncf.io/networks: macvlan-bridge-whereabouts
    spec:
      containers:
      - name: samplepod
        command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"]
        image: quay.io/openshifttest/hello-sdn@sha256:d5785550cf77b7932b090fcd1a2625472912fb3189d5973f177a5a2c347a1f95

3. After 200 pods were running, checked ip addresses and found no duplicate ip.

lilia@liliadeMacBook-Pro mytest % oc get pods | grep whereabouts-test | awk '{print $1}' | xargs -I {} oc exec -t {} -- ip a | grep "inet 192" | awk '{print $2}' | sort | uniq | wc -l
     200
Comment 6 errata-xmlrpc 2021-10-18 17:44:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759