Bug 2093368
| Summary: | Installer orphans FIPs created for LoadBalancer Services on `cluster destroy` | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Michał Dulko <mdulko> |
| Component: | Installer | Assignee: | Michał Dulko <mdulko> |
| Installer sub component: | OpenShift on OpenStack | QA Contact: | Jon Uriarte <juriarte> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | medium | CC: | pprinett |
| Version: | 4.11 | Keywords: | Triaged |
| Target Milestone: | --- | ||
| Target Release: | 4.11.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2022-08-10 11:16:16 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Michał Dulko
2022-06-03 14:24:21 UTC
Verified in 4.11.0-0.nightly-2022-06-14-172335 on top of OSP 16.1.6. Verification steps: 1. Install OCP 4.11 with Kuryr networkType $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.11.0-0.nightly-2022-06-14-172335 True False 7h37m Cluster version is 4.11.0-0.nightly-2022-06-14-17233 2. Create a LB type service $ cat <<EOF | oc apply -f - --- apiVersion: project.openshift.io/v1 kind: Project metadata: name: bz2093368-ns labels: kubernetes.io/metadata.name: bz2093368-ns --- apiVersion: apps/v1 kind: Deployment metadata: name: bz2093368-dep namespace: bz2093368-ns labels: app: bz2093368-dep spec: replicas: 2 selector: matchLabels: app: bz2093368-dep template: metadata: labels: app: bz2093368-dep spec: securityContext: runAsNonRoot: true seccompProfile: type: RuntimeDefault containers: - image: quay.io/kuryr/demo securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL name: demo --- apiVersion: v1 kind: Service metadata: name: bz2093368-svc namespace: bz2093368-ns labels: app: bz2093368-dep spec: ports: - port: 80 targetPort: 8080 selector: app: bz2093368-dep type: LoadBalancer EOF 3. Wait until the LB and svc are created $ oc get svc -A NAMESPACE NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE [...] bz2093368-ns bz2093368-svc LoadBalancer 172.30.246.152 10.0.0.181 80:32198/TCP 90s $ openstack loadbalancer list +--------------------------------------+----------------------------+----------------------------------+----------------+---------------------+----------+ | id | name | project_id | vip_address | provisioning_status | provider | +--------------------------------------+----------------------------+----------------------------------+----------------+---------------------+----------+ [...] | a4a47f48-8bd6-4d19-8180-cbd82a15c148 | bz2093368-ns/bz2093368-svc | 42a001f17da442e9a0e894a1a7052603 | 172.30.246.152 | ACTIVE | ovn | +--------------------------------------+----------------------------+----------------------------------+----------------+---------------------+----------+ $ openstack floating ip list #note the LB type svc FIP (id:6e9d6c27-9b4f-4c8e-b628-179ac1aaca86, fip:10.0.0.181) +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+ | 6e9d6c27-9b4f-4c8e-b628-179ac1aaca86 | 10.0.0.181 | 172.30.246.152 | f34a7a44-bf5a-4c1d-a891-9a9e96c44ddd | 4634cf2c-056f-4dee-98de-6b4e68b7af5b | | 7c55fdd3-f102-4508-bc57-29745fe8f9c3 | 10.0.0.202 | 10.196.0.7 | dd707f2e-b504-4dc7-a03b-36d5c28b40d8 | 4634cf2c-056f-4dee-98de-6b4e68b7af5b | | b395ff0e-9fb6-424e-addd-e99e12bcc988 | 10.0.0.232 | 10.196.0.5 | 154a135d-d983-4983-964e-b830b16f16c7 | 4634cf2c-056f-4dee-98de-6b4e68b7af5b | +--------------------------------------+---------------------+------------------+--------------------------------------+--------------------------------------+ 4. Check connectivity to the service $ curl 10.0.0.181 bz2093368-dep-64bc765fb6-xcqgl: HELLO! I AM ALIVE!!! $ curl 10.0.0.181 bz2093368-dep-64bc765fb6-vzjwg: HELLO! I AM ALIVE!!! 5. Destroy the cluster and check the LB fip does not exist $ openshift-install destroy cluster --dir=<dir> [...] time="2022-06-16T02:13:25-04:00" level=debug msg="Deleting Floating IP \"6e9d6c27-9b4f-4c8e-b628-179ac1aaca86\"" [...] time="2022-06-16T02:16:50-04:00" level=info msg="Time elapsed: 3m28s" $ openstack floating ip list +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ | 7c55fdd3-f102-4508-bc57-29745fe8f9c3 | 10.0.0.202 | None | None | 4634cf2c-056f-4dee-98de-6b4e68b7af5b | 42a001f17da442e9a0e894a1a7052603 | | b395ff0e-9fb6-424e-addd-e99e12bcc988 | 10.0.0.232 | None | None | 4634cf2c-056f-4dee-98de-6b4e68b7af5b | 42a001f17da442e9a0e894a1a7052603 | +--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+ Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069 |