Bug 1806376 - [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator
Summary: [feature][backport-4.3] support SR-IOV NIC partitioning in SR-IOV Operator
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.3.z
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.3.z
Assignee: Peng Liu
QA Contact: zhaozhanqi
URL:
Whiteboard:
Depends On: 1806373
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-02-24 03:30 UTC by zenghui.shi
Modified: 2020-03-10 23:54 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1806373
Environment:
Last Closed: 2020-03-10 23:54:09 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift sriov-network-operator pull 156 0 None closed [release-4.3] Bug 1806376: Backport pf partitioning to 4.3 2020-05-12 14:20:58 UTC
Github openshift sriov-network-operator pull 159 0 None closed [release-4.3] Bug 1806376: Fix api version for daemonsets in operator bundle 2020-05-12 14:20:57 UTC
Red Hat Product Errata RHBA-2020:0676 0 None None None 2020-03-10 23:54:18 UTC

Comment 6 zhaozhanqi 2020-02-28 07:33:38 UTC
reopen this bug, found RBAC issue 

see logs from config daemon:

 I0228 07:03:50.556351   33907 daemon.go:407] cordoned node "dell-per740"
I0228 07:03:50.624263   33907 daemon.go:403] daemonsets.apps "multus" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-multus": multus-782xb; daemonsets.apps "ovnkube-node" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-ovn-kubernetes": ovnkube-node-5jv7j; daemonsets.apps "tuned" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-cluster-node-tuning-operator": tuned-rz94j; daemonsets.apps "dns-default" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-dns": dns-default-plc8k; daemonsets.apps "machine-config-daemon" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-machine-config-operator": machine-config-daemon-9pd98; daemonsets.apps "node-exporter" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-monitoring": node-exporter-rbd4j
I0228 07:03:50.624334   33907 daemon.go:407] unable to drain node "dell-per740"
I0228 07:03:50.624355   33907 daemon.go:407] there are pending nodes to be drained: dell-per740
I0228 07:03:50.624368   33907 daemon.go:438] drainNode(): Draining failed with: daemonsets.apps "multus" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-multus": multus-782xb; daemonsets.apps "ovnkube-node" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-ovn-kubernetes": ovnkube-node-5jv7j; daemonsets.apps "tuned" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-cluster-node-tuning-operator": tuned-rz94j; daemonsets.apps "dns-default" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-dns": dns-default-plc8k; daemonsets.apps "machine-config-daemon" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-machine-config-operator": machine-config-daemon-9pd98; daemonsets.apps "node-exporter" is forbidden: User "system:serviceaccount:openshift-sriov-network-operator:sriov-network-config-daemon" cannot get resource "daemonsets" in API group "apps" in the namespace "openshift-monitoring": node-exporter-rbd4j, retrying

Comment 8 zhaozhanqi 2020-03-02 03:28:55 UTC
Verified this bug on 4.3.5-202002280917

Comment 10 errata-xmlrpc 2020-03-10 23:54:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0676


Note You need to log in before you can comment on or make changes to this bug.