Document URL: https://docs.openshift.com/container-platform/4.4/networking/multiple_networks/configuring-bridge.html#nw-multus-create-network_configuring-bridge Section Number and Name: Procedure, step 2 Describe the issue: In a customer case, he creates the exact configuration as described in the doc's example: ~~~ additionalNetworks: - name: test-network-1 namespace: default rawCNIConfig: '{ "cniVersion": "0.3.1", "name": "test-network-1", "type": "bridge", "ipam": { "type": "static", "addresses": [ { "address": "191.168.1.7" } ] } }' type: Raw ~~~ but it fails with error: ~~~ message: 'Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_bridge-pod-1_default_f7912f37-249e-4cae-865e-5c3e4f29b322_0(f579e0734e405142e1d3c28e190ef36794dc03bf713e1fe6fe8ac1497e80e5b4): Multus: [default/bridge-pod-1]: error adding container to network "test-network-1": delegateAdd: error invoking DelegateAdd - "bridge": error in getting result from AddNetwork: invalid CIDR 191.168.1.7: invalid CIDR address: 191.168.1.7' ~~~ witch makes sense as "191.168.1.7" lacks netmask prefix and doesn't qualify as a CIDR. Suggestions for improvement: - Correct this error by adding the CIDR - Not sure if this applies to openshift but in upstream multus it looks like there are more options and parameters (like ranges) that can be defined and that are not present in openshift documentation: https://github.com/intel/multus-cni/blob/master/doc/configuration.md e.g.: config: '{ "cniVersion": "0.3.0", "type": "macvlan", "master": "eth0", "mode": "bridge", "ipam": { "type": "host-local", "subnet": "192.168.1.0/24", "rangeStart": "192.168.1.200", "rangeEnd": "192.168.1.216", "routes": [ { "dst": "0.0.0.0/0" } ], "gateway": "192.168.1.1" } }' Additional information:
Hi, Where does the log message originate from? What command produces that output? Thanks!
It's a message from the kubelet (Failed to create pod sandbox..) because on Cluster network operator the static address is missing a netmask prefix
Hi, Customer followed this link [1] to add an additional network and failed with this message: Error message: Warning FailedCreatePodSandBox <invalid> kubelet, cluster-X-worker-Y Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_example-pod_default_352084f8-5774-41c6-ae2c-e73e65fb1e9a_0(91ae091936157fe280fdf022bf257ce9c851e05388d402cbc5885e64ab26e45f): Multus: [default/example-pod]: error adding container to network "test-network-1": delegateAdd: error invoking DelegateAdd - "bridge": error in getting result from AddNetwork: invalid CIDR 191.168.1.7: invalid CIDR address: 191.168.1.7 Then, i suggested the customer to modify "oc edit networks.operator.openshift.io cluster" the way described in this BZ and it has reported to be working that way. [1] https://access.redhat.com/documentation/en-us/openshift_container_platform/4.4/html-single/networking/index#nw-multus-create-network_configuring-bridge
Great, thanks! So I'm digging around on this, and in this context the CIDR is the IP address for the additional network and the subnet mask for the network. So you should be able to specify a network prefix other than /24, but as you've discovered, you must specify some (correct) prefix. How the prefix is put to use depends on the CNI plug-in, so the complete update for this is probably much more expansive. I'll fix the immediate issue, and then work on resolving the larger gap here.
I've created the following PR to address this: https://github.com/openshift/openshift-docs/pull/27134