1462338 – [3.5] pod-to-pod connectivity lost after rescaling with ovs-multitenant

Bug 1462338 - [3.5] pod-to-pod connectivity lost after rescaling with ovs-multitenant

Summary: [3.5] pod-to-pod connectivity lost after rescaling with ovs-multitenant

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	3.5.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	3.5.z
Assignee:	Ben Bennett
QA Contact:	Meng Bo
Docs Contact:
URL:
Whiteboard:
Depends On:	1454948
Blocks:	1267746
TreeView+	depends on / blocked

Reported:	2017-06-16 19:05 UTC by Ben Bennett
Modified:	2017-09-21 18:37 UTC (History)
CC List:	19 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: We were incorrectly removing VNID allow rules before they were really unused. It appears that when containers had startup errors it can cause the tracking to get out of sync. Consequence: The rules that allowed communication for a namespace were removed early, so that if there were still pod in that namespace on the node, they could not communicate with one another. Fix: Change the way that the tracking is done so that we avoid the nasty edge cases around pod creation / deletion failures. Result: The VNID tracking does not fail so traffic flows.
Clone Of:	1454948
Environment:
Last Closed:	2017-07-11 10:47:38 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openshift ose pull 787	None	None	None	2020-09-05 05:58:21 UTC
Origin (Github)	14092	None	None	None	2017-06-16 19:05:34 UTC
Red Hat Knowledge Base (Solution)	3077711	None	None	None	2017-06-16 19:05:34 UTC
Red Hat Product Errata	RHBA-2017:1640	normal	SHIPPED_LIVE	OpenShift Container Platform 3.5 and 3.4 bug fix update	2017-07-11 14:47:16 UTC

Comment 1 markv 2017-06-19 08:59:38 UTC

Error 404 on github link https://github.com/openshift/ose/pull/787

Comment 2 Ruben Romero Montes 2017-06-19 10:54:54 UTC

@markv this is a private repository, that's why you can't access to it.

Regards
Ruben

Comment 3 Dan Winship 2017-06-19 13:31:35 UTC

It's a backport of https://github.com/openshift/origin/pull/14560

Comment 5 Ben Bennett 2017-06-21 15:53:25 UTC

OSE PR https://github.com/openshift/ose/pull/787

Comment 7 Weibin Liang 2017-06-22 21:23:29 UTC

Do not see network connectivity issue when tested in:
oc v3.5.5.28
kubernetes v1.5.2+43a9be4

Comment 13 errata-xmlrpc 2017-07-11 10:47:38 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1640

Comment 14 Ben Bennett 2017-07-12 15:39:09 UTC

*** Bug 1464657 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.