Bug 1877060 - Whereabouts IPAM CNI IPv6 addresses with single colon aren't properly converted to DNS-1123 name in OCP 4.5
Summary: Whereabouts IPAM CNI IPv6 addresses with single colon aren't properly convert...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.6.0
Assignee: Douglas Smith
QA Contact: Weibin Liang
URL:
Whiteboard:
Depends On:
Blocks: 1877065
TreeView+ depends on / blocked
 
Reported: 2020-09-08 18:53 UTC by Douglas Smith
Modified: 2020-10-27 16:39 UTC (History)
0 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 1877065 (view as bug list)
Environment:
Last Closed: 2020-10-27 16:38:59 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:39:02 UTC

Description Douglas Smith 2020-09-08 18:53:34 UTC
This particular problem was found and fixed in 4.6 during a feature enhancement, however, we didn't identify that this was still a problem in 4.5.

Basically, when using any IPv6 address with a single colon, the CR name wouldn't be properly converted from IPv6 address into DNS-1123 name for the CR.


---------------------- Original report

oc edit networks.operator.openshift.io cluster 

 additionalNetworks: 
  - name: test-network-1
    namespace: dieter
    rawCNIConfig: '{ "cniVersion": "0.3.0", "name": "test-network-1", "type": "ipvlan",
      "master": "ens9", "mode": "l2", "ipam": { "type": "whereabouts", "range": "fd00:0:0:10:0:0:3:1-fd00:0:0:10:0:0:3:6/64"
      } , "log_file" : "/tmp/whereabouts.log", "log_level" : "debug"}'
    type: Raw

Creates the network-attachment-definition with the correct range, but when creating the pod, I get following error:

Error assigning IP: k8s create error: IPPool.whereabouts.cni.cncf.io "fd00:0:0:10--64" is invalid: metadata.name: Invalid value: "fd00:0:0:10--64": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')

Comment 4 Weibin Liang 2020-09-10 14:20:12 UTC
Tested and verified in 4.6.0-0.nightly-2020-09-10-082657


[weliang@weliang ~]$ oc describe pod | grep fd00
                        "fd00:dead:beef::1"
                        "fd00:dead:beef::1"
  Normal  AddedInterface  3m56s      multus                                               Add net1 [fd00:dead:beef::1/64] from test/macvlan-bridge-whereabouts
                        "fd00:dead:beef::2"
                        "fd00:dead:beef::2"
  Normal  AddedInterface  2m34s      multus                                               Add net1 [fd00:dead:beef::2/64] from test/macvlan-bridge-whereabouts
                        "fd00:dead:beef::3"
                        "fd00:dead:beef::3"
  Normal  AddedInterface  2m28s      multus                                               Add net1 [fd00:dead:beef::3/64] from test/macvlan-bridge-whereabouts
                        "fd00:dead:beef::4"
                        "fd00:dead:beef::4"
  Normal  AddedInterface  2m23s      multus                                               Add net1 [fd00:dead:beef::4/64] from test/macvlan-bridge-whereabouts
                        "fd00:dead:beef::5"
                        "fd00:dead:beef::5"
  Normal  AddedInterface  2m17s      multus                                               Add net1 [fd00:dead:beef::5/64] from test/macvlan-bridge-whereabouts
                        "fd00:dead:beef::6"
                        "fd00:dead:beef::6"

Comment 6 errata-xmlrpc 2020-10-27 16:38:59 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196


Note You need to log in before you can comment on or make changes to this bug.