Created attachment 1586335 [details] exampleVM.yaml Description of problem: When a VM is created with VM Wizard with 'Pod Networking' NIC in masquerade mode (which is the default one), then exposed NodePort service on such VM is not reachable. service exposed as follows: virtctl expose virtualmachine <vm name> --name <service-name> --port <unique port> --target-port 80 --type NodePort -n <namespace> Version-Release number of selected component (if applicable): HCO-33 kubevirt-web-ui-container-v2.0.0-14.8 How reproducible: 100% Steps to Reproduce: 1. created the example VM with masquerade Pod Networking NIC 2. Expose a service on the VM 3. try to connect to the service port, for example run SimpleHTTPServer on the VM and try to access it through the node port with wget Actual results: connection cannot be established Expected results: Additional info: To w/a the issue, add 'ports' to the VM yaml - masquerade: {} name: testmasquerade ports: - name: http port: 80 protocol: TCP Using 'Bridge' method instead of 'masquerade' works as expected. A fix exists https://github.com/kubevirt/kubevirt/pull/2331, however hasn't been backported to 2.0.
You are correct on all terms. This is tracked in https://jira.coreos.com/browse/KNIP-241 Note that there is another juicy point: masquerade does not work at all with OKD-4.1.
It is my own fault, but we are confusing two things here. One is that via GUI, one cannot define a VM that serves a TCP port. This bug is about this issue, and it going to be fixed in cnv-2.1. There is a much more serious issue https://github.com/kubevirt/kubevirt/issues/2400 that masquerade does not work at all on recent RHCOS8 builds. I would like to fix this ASAP (cnv-2.0.1?) I confirm that both issues would be release-noted: Due to https://github.com/kubevirt/kubevirt/issues/2400 one cannot reliably attach the default (Pod) network to a VM.
Created PR: https://github.com/openshift/openshift-docs/pull/15805
These changes can be reviewed in https://github.com/openshift/openshift-docs/pull/15805. Will hold off on merging until we get the issue re: https://bugzilla.redhat.com/show_bug.cgi?id=1722419 resolved (PR contains multiple Release Notes additions). Thanks, Bob
Hi Everyone, Vikram has given the go-ahead to merge this PR. Here is a link to the test build: http://file.bos.redhat.com/bgaydos/071119/cnv/cnv_release_notes/cnv-release-notes.html Note that this content also contains the note for https://bugzilla.redhat.com/show_bug.cgi?id=1722419 requested by Tomas and approved by Vikram. Putting on_qa along with https://bugzilla.redhat.com/show_bug.cgi?id=1722419. Thanks, Bob
Dan I think now that we manage to merged the "forward all port into the vm if no port was configured" This issue can wait for 2.2 what you think?
In the context of this bug, our changed the default of forwarding all ports into the VM is good enough. The fix is merged https://github.com/kubevirt/kubevirt/pull/2331 and would be available in cnv-2.1.