Bug 2084289

Summary: OCP 4.10.4, CNI: SDN; Whereabouts IPAM: Duplicate IP address with bond-cni
Product: OpenShift Container Platform Reporter: Douglas Smith <dosmith>
Component: NetworkingAssignee: Douglas Smith <dosmith>
Networking sub component: multus QA Contact: Weibin Liang <weliang>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: ffernand, weliang, wrussell
Version: 4.10   
Target Milestone: ---   
Target Release: 4.10.z   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Bond CNI version was at 1.0 CNI libraries but Multus CNI was not compatible with the CNI 1.0 format. Consequence: Bond CNI IPAM results were not properly populated in the network-status annotation. This caused Whereabouts IP reconciliation to erroneously clean up these addresses, as it relies on the network-status annotation to know if an IP address is in use during reconciliation. Fix: Implement net-attach-def client library fix to support CNI 1.0 IP addressing format (in pre-1.0 releases) Result: Whereabouts IPAM can be used properly with Bond CNI.
 Story Points: ---
Clone Of: 2082360 Environment:
Last Closed: 2022-06-28 11:50:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2082360    
Bug Blocks:    

Comment 4 Weibin Liang 2022-06-06 15:50:05 UTC 
Follow same verified steps in https://bugzilla.redhat.com/show_bug.cgi?id=2082360#c14, verification failed in 4.10.0-0.nightly-2022-06-06-030155. There is no IP address shown there (e.g. one in the 192.0.2.0/24 range) after executing "oc describe pod singlepod | grep network-status -A35 | grep -P "network.status|192.0""

#### Test in 4.10.0-0.nightly-2022-06-06-030155
[weliang@weliang ~]$ oc describe pod singlepod | grep network-status -A35
              k8s.v1.cni.cncf.io/network-status:
                [{
                    "name": "ovn-kubernetes",
                    "interface": "eth0",
                    "ips": [
                        "10.129.2.16"
                    ],
                    "mac": "0a:58:0a:81:02:10",
                    "default": true,
                    "dns": {}
                },{
                    "name": "test/firstnet",
                    "interface": "net1",
                    "ips": [
                        "10.10.0.1"
                    ],
                    "mac": "56:53:55:b8:43:18",
                    "dns": {}
                },{
                    "name": "test/secondnet",
                    "interface": "net2",
                    "ips": [
                        "10.10.0.2"
                    ],
                    "mac": "86:59:b3:04:d0:5e",
                    "dns": {}
                },{
                    "name": "test/bond-net",
                    "interface": "bond0",
                    "mac": "56:53:55:b8:43:18",
                    "dns": {}
                }]
              k8s.v1.cni.cncf.io/networks: firstnet@net1,secondnet@net2,bond-net
              k8s.v1.cni.cncf.io/networks-status:
                [{
                    "name": "ovn-kubernetes",
[weliang@weliang ~]$ oc describe pod singlepod | grep network-status -A35 | grep -P "network.status|192.0"
              k8s.v1.cni.cncf.io/network-status:


#### Test in 4.11.0-0.nightly-2022-06-04-014713

[weliang@weliang ~]$ oc describe pod singlepod | grep network-status -A35
              k8s.v1.cni.cncf.io/network-status:
                [{
                    "name": "ovn-kubernetes",
                    "interface": "eth0",
                    "ips": [
                        "10.131.0.16"
                    ],
                    "mac": "0a:58:0a:83:00:10",
                    "default": true,
                    "dns": {}
                },{
                    "name": "test/firstnet",
                    "interface": "net1",
                    "ips": [
                        "10.10.0.1"
                    ],
                    "mac": "96:3f:2d:5f:15:70",
                    "dns": {}
                },{
                    "name": "test/secondnet",
                    "interface": "net2",
                    "ips": [
                        "10.10.0.2"
                    ],
                    "mac": "fe:c0:b2:c4:04:f7",
                    "dns": {}
                },{
                    "name": "test/bond-net",
                    "interface": "net3",
                    "ips": [
                        "192.0.2.1"
                    ],
                    "mac": "96:3f:2d:5f:15:70",
                    "dns": {}
                }]
              k8s.v1.cni.cncf.io/networks: firstnet@net1,secondnet@net2,bond-net
[weliang@weliang ~]$ oc describe pod singlepod | grep network-status -A35 | grep -P "network.status|192.0"
              k8s.v1.cni.cncf.io/network-status:
                        "192.0.2.1"
[weliang@weliang ~]$
Comment 9 Weibin Liang 2022-06-23 13:56:46 UTC 
Tested in verified in 4.10.20

$ oc describe pod singlepod | grep network-status -A35 | grep -P "network.status|192.0"
Annotations:  k8s.v1.cni.cncf.io/network-status:
                        "192.0.2.1"
$ oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.10.20   True        False         19m     Cluster version is 4.10.20
Comment 11 errata-xmlrpc 2022-06-28 11:50:26 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.20 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:5172