Bug 1662115 - Failed to create pod which requests macvlan
Summary: Failed to create pod which requests macvlan
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.1.0
Assignee: Casey Callendrello
QA Contact: Meng Bo
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-12-26 09:18 UTC by Meng Bo
Modified: 2019-06-04 10:41 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-04 10:41:27 UTC
Target Upstream Version:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0758 0 None None None 2019-06-04 10:41:33 UTC

Description Meng Bo 2018-12-26 09:18:59 UTC 
Description of problem:
Try to create egress-router on the ocp 4.0 cluster which will request the macvlan. The pod creation failed due to the dnsIP value is nil.

https://github.com/openshift/origin/blob/master/cmd/sdn-cni-plugin/openshift-sdn_linux.go#L220

Version-Release number of selected component (if applicable):
oc v4.0.0-0.94.0
kubernetes v1.11.0+3db990d20d
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://test1-api.tt.testing:6443
kubernetes v1.11.0+85a0623


How reproducible:
always

Steps to Reproduce:
1. Setup 4.0 ocp cluster
2. Create project and add the correct scc to the service account
3. Try to create egress router pod in the project
---
apiVersion: v1
kind: Pod
metadata:
  annotations:
    pod.network.openshift.io/assign-macvlan: "true"
  generateName: egress-rc-
  labels:
    name: egress-router
spec:
  containers:
  - env:
    - name: EGRESS_SOURCE
      value: 192.168.126.100
    - name: EGRESS_GATEWAY
      value: 192.168.126.1
    - name: EGRESS_DESTINATION
      value: 104.193.88.77
    image: $registry/openshift/ose-egress-router:v4.0
    name: egress-router
    securityContext:
      privileged: true

4. Check the pod status


Actual results:
The pod cannot be running and the error appears in the node log.

  Warning  FailedCreatePodSandBox  20m                 kubelet, test1-master-0  Failed create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_egress-rc-q7cdw_bmengp1_223c3710-08e8-11e9-af1b-664f163f5f0f_0(657d7963dfa29f929e49a616e8cc5ee37c8a10747f978769b2959791f2aa0f5c): failed to parse dns IP: <nil>


Expected results:
Should be above to create the egress router pod.

Additional info:
More error log in the kubelet:
Dec 26 08:37:57 test1-master-0 hyperkube[94748]: E1226 08:37:57.167057   94748 remote_runtime.go:92] RunPodSandbox from runtime service failed: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_egress-rc-q7cdw_bmengp1_223c3710-08e8-11e9-af1b-664f163f5f0f_0(c5bc1478486f1a9222cdfca036d85b8bb86245e1bf20f9302711bf253977ce75): failed to parse dns IP: <nil>
Dec 26 08:37:57 test1-master-0 hyperkube[94748]: E1226 08:37:57.168097   94748 kuberuntime_sandbox.go:56] CreatePodSandbox for pod "egress-rc-q7cdw_bmengp1(223c3710-08e8-11e9-af1b-664f163f5f0f)" failed: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_egress-rc-q7cdw_bmengp1_223c3710-08e8-11e9-af1b-664f163f5f0f_0(c5bc1478486f1a9222cdfca036d85b8bb86245e1bf20f9302711bf253977ce75): failed to parse dns IP: <nil>
Dec 26 08:37:57 test1-master-0 hyperkube[94748]: E1226 08:37:57.168638   94748 kuberuntime_manager.go:650] createPodSandbox for pod "egress-rc-q7cdw_bmengp1(223c3710-08e8-11e9-af1b-664f163f5f0f)" failed: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_egress-rc-q7cdw_bmengp1_223c3710-08e8-11e9-af1b-664f163f5f0f_0(c5bc1478486f1a9222cdfca036d85b8bb86245e1bf20f9302711bf253977ce75): failed to parse dns IP: <nil>
Dec 26 08:37:57 test1-master-0 hyperkube[94748]: E1226 08:37:57.169467   94748 pod_workers.go:186] Error syncing pod 223c3710-08e8-11e9-af1b-664f163f5f0f ("egress-rc-q7cdw_bmengp1(223c3710-08e8-11e9-af1b-664f163f5f0f)"), skipping: failed to "CreatePodSandbox" for "egress-rc-q7cdw_bmengp1(223c3710-08e8-11e9-af1b-664f163f5f0f)" with CreatePodSandboxError: "CreatePodSandbox for pod \"egress-rc-q7cdw_bmengp1(223c3710-08e8-11e9-af1b-664f163f5f0f)\" failed: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_egress-rc-q7cdw_bmengp1_223c3710-08e8-11e9-af1b-664f163f5f0f_0(c5bc1478486f1a9222cdfca036d85b8bb86245e1bf20f9302711bf253977ce75): failed to parse dns IP: <nil>"



Checked the cniserver config file, there is no dnsIP value
# cat /var/run/openshift-sdn/config.json 
{"mtu":1450,"serviceNetworkCIDR":"172.30.0.0/16","dnsIP":""}


I did not find the dnsIP in /etc/kubernetes/kubelet.conf nor the networkconfigs crd.
Comment 1 Casey Callendrello 2019-02-21 16:21:21 UTC 
I think this is fixed. Can you please re-test?
Comment 3 Meng Bo 2019-03-05 10:24:34 UTC 
Tested with ose-egress-router/images/v4.0.6-1 and 4.0.0-0.nightly-2019-03-04-033148

The egress-router which requires macvlan should be able to create.
Comment 6 errata-xmlrpc 2019-06-04 10:41:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758
Note You need to log in before you can comment on or make changes to this bug.