Bug 2042999

Summary: A pod cannot reach kubernetes.default.svc.cluster.local cluster IP
Product: OpenShift Container Platform Reporter: Pablo Alonso Rodriguez <palonsor>
Component: Networking Assignee: ffernand <ffernand>
Networking sub component: ovn-kubernetes QA Contact: Anurag saxena <anusaxen>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: akaris, anusaxen, arolivei, cldavey, ffernand, jpradhan, mapandey, openshift-bugs-escalate, surya, trozet
Version: 4.7 Keywords: FastFix, Triaged
Target Milestone: ---   
Target Release: 4.11.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
: 2047416 2052017 Environment:
Last Closed: 2022-08-10 10:43:03 UTC Type: Bug
Bug Depends On: 2027874    
Bug Blocks: 2052017    

Description Pablo Alonso Rodriguez 2022-01-20 13:04:31 UTC
Description of problem:

One concrete pod is completely unable to reach the cluster IP of kubernetes.default.svc.cluster.local. The error is like this:

2022-01-20T11:08:48.475043081Z F0120 11:08:48.474981       1 cmd.go:72] unable to load configmap based request-header-client-ca-file: Get "https://172.30.0.1:443/api/v1/namespaces/kube-system/configmaps/extension-apiserver-authentication?timeout=10s": dial tcp 172.30.0.1:443: connect: no route to host

Analysis on the OVN data, comparing the wrong pod with a new one, didn't show anything obviously wrong.

Version-Release number of selected component (if applicable):

4.7.40

How reproducible:

Sometimes (not clear)

Steps to Reproduce:
(not clear)

Actual results:
One pod cannot reach kubernetes.default.svc.cluster.local

Expected results:
kubernetes.default.svc.cluster.local to be reachable

Additional info:

PLEASE BE CAREFUL WHILE CONSIDERING POTENTIAL DUPLICATES OF THIS BUG. We have already ruled out some known issues (like BZ#2019809) by installing the right backport. This is why it is crucial not to mark this as a duplicate of any bug whose 4.7.z backport is already included in 4.7.40.

Detailed information will follow in attachments

Comment 11 ffernand 2022-01-25 20:30:59 UTC
Changes posted upstream: https://github.com/ovn-org/ovn-kubernetes/pull/2773

Comment 20 ffernand 2022-02-08 14:12:45 UTC
Merged to 4.11 via PR https://github.com/openshift/ovn-kubernetes/pull/940

Comment 31 errata-xmlrpc 2022-08-10 10:43:03 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5069