Bug 1847523 - "downloads" pod does not work on the node which is disabled IPv6
Summary: "downloads" pod does not work on the node which is disabled IPv6
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Management Console
Version: 4.4
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.5.z
Assignee: Daein Park
QA Contact: Yadan Pei
URL:
Whiteboard:
Depends On: 1846922
Blocks: 1847524
TreeView+ depends on / blocked
 
Reported: 2020-06-16 14:39 UTC by OpenShift BugZilla Robot
Modified: 2020-08-17 20:05 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-08-17 20:05:19 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift console-operator pull 441 0 None closed [release-4.5] Bug 1847523: "downloads" pod does not work on the node which is disabled IPv6 2020-09-14 02:17:35 UTC
Red Hat Product Errata RHBA-2020:3330 0 None None None 2020-08-17 20:05:40 UTC

Comment 7 Yanping Zhang 2020-08-11 06:56:36 UTC
Checked on OCP 4.5 cluster with payload 4.5.0-0.nightly-2020-08-08-162221
Verified the bug with steps:

1.Disabled ipv6 on all worker nodes with steps below:
# oc debug node/ip-10-0-130-39.us-east-2.compute.internal
Starting pod/ip-10-0-165-132ap-south-1computeinternal-debug ...
To use host binaries, run `chroot /host`
Pod IP: 10.0.165.132
If you don't see a command prompt, try pressing enter.
sh-4.2# chroot /host
sh-4.4# tail -2 /etc/sysctl.conf         // append these two lines
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
sh-4.4# vi /etc/ssh/sshd_config     // add 'AddressFamily inet' to /etc/ssh/sshd_config
....
AddressFamily inet
....
sh-4.4# cat /etc/ssh/sshd_config | grep AddressFamily
AddressFamily inet
sh-4.4# sysctl -p
sh-4.4# systemctl restart sshd     // restart sshd to take effect
sh-4.4# ip a | grep inet6     // nothing returns

2. Add taint on all worker nodes:
# oc get node ip-10-0-165-132.ap-south-1.compute.internal -o json | jq '.spec.taints'
[
  {
    "effect": "NoSchedule",
    "key": "node",
    "value": "ipv6disabled"
  }
]

3.Add "Toleration" for deployment/downloads in openshift-console project:
  {
    "effect": "NoSchedule",
    "key": "node",
    "operator": "Equal",
    "value": "ipv6disabled"
  }

4.Check new downloads pods are running on worker nodes:
# oc get nodes
NAME                                         STATUS   ROLES    AGE   VERSION
ip-10-0-130-39.us-east-2.compute.internal    Ready    worker   22h   v1.18.3+002a51f
ip-10-0-150-184.us-east-2.compute.internal   Ready    master   22h   v1.18.3+002a51f
ip-10-0-164-201.us-east-2.compute.internal   Ready    master   22h   v1.18.3+002a51f
ip-10-0-168-46.us-east-2.compute.internal    Ready    worker   22h   v1.18.3+002a51f
ip-10-0-208-46.us-east-2.compute.internal    Ready    master   22h   v1.18.3+002a51f
ip-10-0-218-86.us-east-2.compute.internal    Ready    worker   22h   v1.18.3+002a51f

# oc get pods -n openshift-console -o wide|grep download
downloads-5f7cf5bf88-m8s5p   1/1     Running   0          8m15s   10.129.2.23   ip-10-0-168-46.us-east-2.compute.internal    <none>           <none>
downloads-5f7cf5bf88-zpwpc   1/1     Running   0          7m52s   10.131.0.14   ip-10-0-218-86.us-east-2.compute.internal    <none>           <none>

Comment 9 errata-xmlrpc 2020-08-17 20:05:19 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.6 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3330


Note You need to log in before you can comment on or make changes to this bug.