Description of problem: after adding annotation netnamespace.network.openshift.io/multicast-enabled=true to the netnamespace, it will create one open-flow rule in table 110. But after delete the project (do not remove the annotation) the rule is still there as below: # ovs-ofctl dump-flows br0 -O openflow13 | grep table=110 cookie=0x0, duration=1905.228s, table=110, n_packets=0, n_bytes=0, reg0=0x70aacd actions=goto_table:111 cookie=0x0, duration=1541.088s, table=110, n_packets=0, n_bytes=0, reg0=0xcb8782 actions=goto_table:111 Version-Release number of selected component (if applicable): openshift v3.6.65 kubernetes v1.6.1+5115d708d7 etcd 3.1.0 openvswitch-2.6.1-10.git20161206.el7fdp.x86_64 How reproducible: always Steps to Reproduce: 1. create project u1p1 2. oc annotate netnamespace u1p1 netnamespace.network.openshift.io/multicast-enabled=true 3. delete project u1p1 Actual results: the open-flow rules for the netnamespace which enabled multicast is not removed. if repeating above steps many times, you will found many useless rules are still there until restart openvswitch. Expected results: should remove the stale open-flow rules when delete project/netnamespace which has enabled multicast. Additional info: workaround: remove the annotation before delete the project; or restart openvswitch to clear the stale rules.
Upstream PR: https://github.com/openshift/origin/pull/14231
verified in atomic-openshift-3.6.94-1.git.0.ba4aad2.el7.x86_64 and the issue has been fixed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:1716