Description of problem: CNI binaries are special - we build them as part of the container build pipeline, then "leak" them out to the host. Unfortunately, we *also* have special build tooling that injects openssl in to our release binaries. We're seeing occasional situations where our binaries coredump repeatedly - this is tracked in 1725832. In the mean time, any CNI binaries must be built with cgo disabled in the dockerfile.
https://github.com/openshift/sdn/pull/34 is the corresponding PR for openshift-sdn. This bug is just about ovn-kubernetes's CNI plugin. I think Casey already did everything else.
https://github.com/openshift/ovn-kubernetes/pull/24
from build http://download.eng.bos.redhat.com/brewroot/packages/ose-ovn-kubernetes-container/v4.2.0/201909172311/data/logs/x86_64-build.log Verified this bug
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922