1854244 – Ingress/Egress OVN hybrid-overlay integration with F5 BIG-IP doesn't work after upgrading from 4.4.7 to 4.5.0-rc.5

Bug 1854244 - Ingress/Egress OVN hybrid-overlay integration with F5 BIG-IP doesn't work after upgrading from 4.4.7 to 4.5.0-rc.5

Summary: Ingress/Egress OVN hybrid-overlay integration with F5 BIG-IP doesn't work aft...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.5
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	4.5.z
Assignee:	Ben Bennett
QA Contact:	Yurii Prokulevych
Docs Contact:
URL:
Whiteboard:
Depends On:	1854192
Blocks:
TreeView+	depends on / blocked

Reported:	2020-07-06 22:36 UTC by Ben Bennett
Modified:	2023-09-14 06:03 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:	1854192
Environment:
Last Closed:	2020-08-10 13:50:20 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift cluster-network-operator pull 697	0	None	closed	[release-4.5] Bug 1854736: [metrics] TargetDown alert is always fired in ovnkube-node job	2020-12-14 18:14:23 UTC
Red Hat Product Errata	RHBA-2020:3188	0	None	None	None	2020-08-10 13:50:44 UTC

Comment 1 Ricardo Carrillo Cruz 2020-07-09 14:27:46 UTC

I was pointed about https://github.com/openshift/cluster-network-operator/pull/697 .
This prevents from doing upgrades, as the hybrid overlay is not executed.

Need to monitor the PR, per Dan Williams this will only land for 4.5.1 .

Comment 2 Ricardo Carrillo Cruz 2020-07-15 17:00:08 UTC

Fix landed on 4.5.2 and performed an upgrade to make sure it works:

[ricky@localhost openshift-installer]$ oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.4.13    True        True          46m     Working towards 4.5.2: 87% complete
[ricky@localhost openshift-installer]$ oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.5.2     True        False         7m54s   Cluster version is 4.5.2
[ricky@localhost openshift-installer]$ oc -n openshift-ovn-kubernetes rsh -c ovnkube-node ovnkube-node-d8zqc ovs-ofctl dump-flows br-ext  | head -n10
 cookie=0x0, duration=16.513s, table=0, n_packets=0, n_bytes=0, priority=100,arp,in_port=ext,arp_tpa=10.130.0.3,arp_op=1 actions=move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:0a:58:0a:82:00:03,load:0x2->NXM_OF_ARP_OP[],move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],load:0xa580a820003->NXM_NX_ARP_SHA[],load:0xa820003->NXM_OF_ARP_SPA[],IN_PORT,resubmit(,1)
 cookie=0x0, duration=1466.149s, table=0, n_packets=0, n_bytes=0, priority=100,ip,in_port="ext-vxlan",dl_dst=0a:58:0a:82:00:03,nw_dst=10.130.0.0/23 actions=resubmit(,10)
 cookie=0x0, duration=1466.149s, table=0, n_packets=0, n_bytes=0, priority=10,arp,in_port="ext-vxlan",arp_tpa=10.130.0.0/23,arp_op=1 actions=resubmit(,2)
 cookie=0x0, duration=1466.149s, table=0, n_packets=2, n_bytes=240, priority=0 actions=drop
 cookie=0x0, duration=1466.149s, table=1, n_packets=0, n_bytes=0, priority=0 actions=drop
 cookie=0x0, duration=16.513s, table=2, n_packets=0, n_bytes=0, priority=100,arp,in_port="ext-vxlan",arp_tpa=10.130.0.0/23,arp_op=1 actions=move:NXM_NX_TUN_IPV4_SRC[]->NXM_NX_TUN_IPV4_DST[],load:0x1001->NXM_NX_TUN_ID[0..31],move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],mod_dl_src:0a:58:0a:82:00:03,load:0x2->NXM_OF_ARP_OP[],move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],load:0xa580a820003->NXM_NX_ARP_SHA[],move:NXM_OF_ARP_TPA[]->NXM_NX_REG0[],move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],move:NXM_NX_REG0[]->NXM_OF_ARP_SPA[],IN_PORT
 cookie=0x0, duration=1466.149s, table=2, n_packets=0, n_bytes=0, priority=0 actions=drop
 cookie=0xa820008, duration=1465.979s, table=10, n_packets=0, n_bytes=0, priority=100,ip,nw_dst=10.130.0.8 actions=mod_dl_src:0a:58:0a:82:00:03,mod_dl_dst:ea:58:76:82:00:09,output:ext
 cookie=0xa820004, duration=1465.979s, table=10, n_packets=0, n_bytes=0, priority=100,ip,nw_dst=10.130.0.4 actions=mod_dl_src:0a:58:0a:82:00:03,mod_dl_dst:ea:58:76:82:00:05,output:ext
 cookie=0xa820006, duration=1465.706s, table=10, n_packets=0, n_bytes=0, priority=100,ip,nw_dst=10.130.0.6 actions=mod_dl_src:0a:58:0a:82:00:03,mod_dl_dst:ea:58:76:82:00:07,output:ext

Comment 7 Ricardo Carrillo Cruz 2020-07-17 14:53:07 UTC

I'd say it's fixed.

The bug description was about br-ext not having any flows after upgrade, which was caused by a broken daemonset script that didn't run hybrid overlay options.
I verified the flows are there after upgrade now (fix is on 4.5.2), but I think Yurii wanted to do more testing on F5 to verify the traffic was going out.

Comment 11 Ricardo Carrillo Cruz 2020-08-03 11:49:59 UTC

Unassigning as I'm on long vacation.

Comment 13 errata-xmlrpc 2020-08-10 13:50:20 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.5 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3188

Comment 14 Red Hat Bugzilla 2023-09-14 06:03:31 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days

Note You need to log in before you can comment on or make changes to this bug.