Bug 1846228 - [Kuryr] LB sg update not skipped when no endpoint is found
Summary: [Kuryr] LB sg update not skipped when no endpoint is found
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.5
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.3.z
Assignee: Maysa Macedo
QA Contact: GenadiC
URL:
Whiteboard:
Depends On: 1839023
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-06-11 07:20 UTC by OpenShift BugZilla Robot
Modified: 2020-07-01 15:02 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-07-01 15:02:34 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift kuryr-kubernetes pull 275 None closed [release-4.3] [release-4.4] Bug 1846228:Skip LB sg update when no endpoint is found 2020-06-26 14:22:26 UTC
Red Hat Product Errata RHBA-2020:2628 None None None 2020-07-01 15:02:49 UTC

Comment 3 rlobillo 2020-06-23 07:51:41 UTC
verified on OCP4.3.0-0.nightly-2020-06-20-130223 on OSP13 (2020-06-09.2) with OVS.

NP tests run with parallelsim set to 3 and without observing mentioned backtrace.

Manual testing: after enabling DEBUG logs on kuryr-controller, run:

# 1- Set environment:

$ oc new-project test && oc run server --image=kuryr/demo
$ oc expose pod/server-1-xzp5b --port 80
$ oc apply -f np.yaml

(where np.yaml is:

kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
 name: api-allow
spec:
 podSelector:
   matchLabels:
     run: server
 ingress:
 - from:
     - podSelector:
         matchLabels:
           run: client
)

$ oc get all
ocNAME                  READY   STATUS      RESTARTS   AGE
pod/server-1-deploy   0/1     Completed   0          2m9s
pod/server-1-xzp5b    1/1     Running     0          97s

NAME                             DESIRED   CURRENT   READY   AGE
replicationcontroller/server-1   1         1         1       2m9s

NAME                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)   AGE
service/server-1-xzp5b   ClusterIP   172.30.246.96   <none>        80/TCP    75s

NAME                                        REVISION   DESIRED   CURRENT   TRIGGERED BY
deploymentconfig.apps.openshift.io/server   1          1         1         config

# 2- Remove endpoints and trigger SG recalculation:

$ oc delete endpoints server-1-xzp5b
endpoints "server-1-xzp5b" deleted
$ oc run client --image=kuryr/demo
deploymentconfig.apps.openshift.io/client created

# 3- Check that condition is hit and no restarts observed:

$ oc logs -n openshift-kuryr $(oc get pods -n openshift-kuryr -l app=kuryr-controller -o NAME) | grep "Endpoint not Found"
2020-06-23 06:53:00.709 1 DEBUG kuryr_kubernetes.controller.drivers.lbaasv2 [-] Endpoint not Found. Skipping LB SG update fortest/server-1-xzp5b as the LB resources are not present update_lbaas_sg /usr/lib/python3.6/site-packages/kuryr_kubernetes/controller/drivers/lbaasv2.py:1111
2020-06-23 06:53:03.591 1 DEBUG kuryr_kubernetes.controller.drivers.lbaasv2 [-] Endpoint not Found. Skipping LB SG update fortest/server-1-xzp5b as the LB resources are not present update_lbaas_sg /usr/lib/python3.6/site-packages/kuryr_kubernetes/controller/drivers/lbaasv2.py:1111
2020-06-23 06:53:07.053 1 DEBUG kuryr_kubernetes.controller.drivers.lbaasv2 [-] Endpoint not Found. Skipping LB SG update fortest/server-1-xzp5b as the LB resources are not present update_lbaas_sg /usr/lib/python3.6/site-packages/kuryr_kubernetes/controller/drivers/lbaasv2.py:1111

$ oc get pods -n openshift-kuryr
NAME                                   READY   STATUS    RESTARTS   AGE
kuryr-cni-88xt5                        1/1     Running   0          13h
kuryr-cni-bppxz                        1/1     Running   1          14h
kuryr-cni-cltwr                        1/1     Running   0          13h
kuryr-cni-djq4k                        1/1     Running   1          13h
kuryr-cni-mw97k                        1/1     Running   0          14h
kuryr-cni-scrbk                        1/1     Running   0          14h
kuryr-controller-8585668bdf-x64fx      1/1     Running   0          25m
kuryr-dns-admission-controller-54cvc   1/1     Running   0          14h
kuryr-dns-admission-controller-s29gg   1/1     Running   0          14h
kuryr-dns-admission-controller-w2nnm   1/1     Running   0          14h

Comment 5 errata-xmlrpc 2020-07-01 15:02:34 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2628


Note You need to log in before you can comment on or make changes to this bug.