Bug 1772154 - CRI-O incorrectly setting PodIP breaks baremetal IPI platform
Summary: CRI-O incorrectly setting PodIP breaks baremetal IPI platform
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.3.0
Assignee: Stephen Benjamin
QA Contact: Johnny Liu
Depends On:
TreeView+ depends on / blocked
Reported: 2019-11-13 18:55 UTC by Stephen Benjamin
Modified: 2020-02-06 11:43 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-01-23 11:12:45 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift installer pull 2666 0 'None' closed Bug 1772154: RHCOS: Bump to 43.81.201911192044.0 for CRI-O bug fix 2020-06-04 09:26:51 UTC
Red Hat Product Errata RHBA-2020:0062 0 None None None 2020-01-23 11:13:03 UTC

Description Stephen Benjamin 2019-11-13 18:55:07 UTC
Typically, the PodIP for a pod using host networking is set to the node's IP. The node IP is on the baremetal network (192.168.111.x). However, the container runtime can override that, and a bug in CRI-O is causing this to happen, and it was picking the IP on a provisioning interface:

[core@master-0 ~]$ sudo crictl inspectp 1a8c9a6d3d05a
  "status": {
    "id": "1a8c9a6d3d05a162340d018cec7146d8881987784afce607f9c0d277519a65bf",
    "metadata": {
      "attempt": 0,
      "name": "kube-apiserver-master-0",
      "namespace": "openshift-kube-apiserver",
      "uid": "d842b9a1988d8656c555a333e12c2200"
    "state": "SANDBOX_READY",
    "createdAt": "2019-11-12T00:15:47.881389131Z",
    "network": {
      "ip": ""

This is fixed in cri-o/cri-o#2944 and should restore the previous behavior. This fix is present in 43.81.201911131545.0.

Comment 2 Johnny Liu 2019-11-21 02:12:26 UTC
From https://github.com/openshift/installer/blob/release-4.3/data/data/rhcos.json, boot image rhcos version is bumped to "rhcos-43.81.201911192044", so move this bug to verified.

BTW, baremetal ipi install is not in OCP QE test scope, if this issue still reproduced, pls reopen.

Comment 4 errata-xmlrpc 2020-01-23 11:12:45 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.