1806376 – [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator

Bug 1806376 - [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator

Summary: [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.3.z
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.3.z
Assignee:	Peng Liu
QA Contact:	zhaozhanqi
Docs Contact:
URL:
Whiteboard:
Depends On:	1806373
Blocks:
TreeView+	depends on / blocked

Reported:	2020-02-24 03:30 UTC by zenghui.shi
Modified:	2020-03-10 23:54 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1806373
Environment:
Last Closed:	2020-03-10 23:54:09 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	openshift sriov-network-operator pull 156	None	closed	[release-4.3] Bug 1806376: Backport pf partitioning to 4.3	2020-05-12 14:20:58 UTC
Github	openshift sriov-network-operator pull 159	None	closed	[release-4.3] Bug 1806376: Fix api version for daemonsets in operator bundle	2020-05-12 14:20:57 UTC
Red Hat Product Errata	RHBA-2020:0676	None	None	None	2020-03-10 23:54:18 UTC

Comment 6 zhaozhanqi 2020-02-28 07:33:38 UTC

reopen this bug, found RBAC issue 

see logs from config daemon:

 I0228 07:03:50.556351   33907 daemon.go:407] cordoned node "dell-per740"
I0228 07:03:50.624263   33907 daemon.go:403] daemonsets.apps "multus" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-multus": multus-782xb; daemonsets.apps "ovnkube-node" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-ovn-kubernetes": ovnkube-node-5jv7j; daemonsets.apps "tuned" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-cluster-node-tuning-operator": tuned-rz94j; daemonsets.apps "dns-default" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-dns": dns-default-plc8k; daemonsets.apps "machine-config-daemon" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-machine-config-operator": machine-config-daemon-9pd98; daemonsets.apps "node-exporter" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-monitoring": node-exporter-rbd4j
I0228 07:03:50.624334   33907 daemon.go:407] unable to drain node "dell-per740"
I0228 07:03:50.624355   33907 daemon.go:407] there are pending nodes to be drained: dell-per740
I0228 07:03:50.624368   33907 daemon.go:438] drainNode(): Draining failed with: daemonsets.apps "multus" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-multus": multus-782xb; daemonsets.apps "ovnkube-node" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-ovn-kubernetes": ovnkube-node-5jv7j; daemonsets.apps "tuned" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-cluster-node-tuning-operator": tuned-rz94j; daemonsets.apps "dns-default" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-dns": dns-default-plc8k; daemonsets.apps "machine-config-daemon" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-machine-config-operator": machine-config-daemon-9pd98; daemonsets.apps "node-exporter" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-monitoring": node-exporter-rbd4j, retrying

Comment 8 zhaozhanqi 2020-03-02 03:28:55 UTC

Verified this bug on 4.3.5-202002280917

Comment 10 errata-xmlrpc 2020-03-10 23:54:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0676

Note You need to log in before you can comment on or make changes to this bug.