Description of problem: master field in NAD is required for multus ipvlan plugin, but not for macvlan and bridge plugins. Version-Release number of selected component (if applicable): 4.6.0-0.nightly-2020-09-15-063156 How reproducible: Always Steps to Reproduce: 1. curl -s https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/test.yaml | sed s/ipam-name/ipvlan-host-local/g | sed s/ipam-type/ipvlan/g | oc create -f- 2. for i in {1..6}; do curl -s https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/Features/multus/pod.yaml | sed s/pod-name/pod-ipvlan-host-local$i/g | sed s/net-attach-def/ipvlan-host-local/g | oc create -f-;done 3. curl -s https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/test.yaml | sed s/ipam-name/bridge-host-local/g | sed s/ipam-type/bridge/g | oc create -f- 4. for i in {1..6}; do curl -s https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/Features/multus/pod.yaml | sed s/pod-name/pod-bridge-host-local$i/g | sed s/net-attach-def/bridge-host-local/g | oc create -f-;done Actual results: [weliang@weliang FILE]$ oc get net-attach-def ipvlan-host-local -o yaml --snip-- spec: config: '{ "cniVersion": "0.3.0", "bridge": "my-bridge", "type": "ipvlan", "ipam": { "type": "host-local", "subnet": "22.2.2.0/24", "rangeStart": "22.2.2.100", "rangeEnd": "22.2.2.200" } }' [weliang@weliang FILE]$ oc get net-attach-def bridge-host-local -o yaml --snip spec: config: '{ "cniVersion": "0.3.0", "bridge": "my-bridge", "type": "bridge", "ipam": { "type": "host-local", "subnet": "22.2.2.0/24", "rangeStart": "22.2.2.100", "rangeEnd": "22.2.2.200" } }' [weliang@weliang FILE]$ oc get pod NAME READY STATUS RESTARTS AGE pod-bridge-host-local1 1/1 Running 0 12m pod-bridge-host-local2 1/1 Running 0 12m pod-bridge-host-local3 1/1 Running 0 12m pod-bridge-host-local4 1/1 Running 0 12m pod-bridge-host-local5 1/1 Running 0 12m pod-bridge-host-local6 1/1 Running 0 12m pod-ipvlan-host-local1 0/1 ContainerCreating 0 10m pod-ipvlan-host-local2 0/1 ContainerCreating 0 10m pod-ipvlan-host-local3 0/1 ContainerCreating 0 10m pod-ipvlan-host-local4 0/1 ContainerCreating 0 10m pod-ipvlan-host-local5 0/1 ContainerCreating 0 10m pod-ipvlan-host-local6 0/1 ContainerCreating 0 10m [weliang@weliang FILE]$ oc describe pod pod-ipvlan-host-local1 --snip-- Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled <unknown> Successfully assigned test1/pod-ipvlan-host-local1 to ip-10-0-215-115.us-east-2.compute.internal Normal AddedInterface 23s multus Add eth0 [10.129.2.20/23] Warning FailedCreatePodSandBox 22s kubelet, ip-10-0-215-115.us-east-2.compute.internal Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_pod-ipvlan-host-local1_test1_6c0d2d6c-ff13-4fbb-8c14-059140e4f20e_0(df092f475552a080533673ac1a72e153bdb18346f09a8847d22bc3f31eb86a6c): [test1/pod-ipvlan-host-local1:ipvlan-host-local]: error adding container to network "ipvlan-host-local": "master" field is required. It specifies the host interface name to virtualize Normal AddedInterface 20s multus Add eth0 [10.129.2.20/23] Warning FailedCreatePodSandBox 20s kubelet, ip-10-0-215-115.us-east-2.compute.internal Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_pod-ipvlan-host-local1_test1_6c0d2d6c-ff13-4fbb-8c14-059140e4f20e_0(9a5f3691e1def990a719c00595fd825d35f951f5aab05ea5c47a50245ed796ed): [test1/pod-ipvlan-host-local1:ipvlan-host-local]: error adding container to network "ipvlan-host-local": "master" field is required. It specifies the host interface name to virtualize Normal AddedInterface 4s multus Add eth0 [10.129.2.20/23] Warning FailedCreatePodSandBox 3s kubelet, ip-10-0-215-115.us-east-2.compute.internal Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_pod-ipvlan-host-local1_test1_6c0d2d6c-ff13-4fbb-8c14-059140e4f20e_0(94c8ec48f6ed14f1568667ffed07cb7e785315ac38e46d60eeec6bd5a5af0633): [test1/pod-ipvlan-host-local1:ipvlan-host-local]: error adding container to network "ipvlan-host-local": "master" field is required. It specifies the host interface name to virtualize Expected results: ipvlan can do the same way as bridge without requiring master field in NAD Additional info:
Upstream PR: https://github.com/containernetworking/plugins/pull/534
Upstream PR merged, have downstream PR pending.
Test still failed, seems like fixed PR merged 8 days ago but still not in the nightly image.
Test still failed in 4.6.0-0.nightly-2020-10-27-011248 and get same errors: Warning FailedCreatePodSandBox 1s kubelet, ip-10-0-155-175.us-east-2.compute.internal Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_pod-ipvlan-host-local1_test_9441be2b-2f4b-47a4-8c39-10f681722bca_0(ac5019971ce3414b7f24269276e66cf3220f076c316cf3b14eac374f3eac2800): [test/pod-ipvlan-host-local1:ipvlan-host-local]: error adding container to network "ipvlan-host-local": "master" field is required. It specifies the host interface name to virtualize
Still pending a replication by me to see why it didn't show up.
Looks like this is indeed now in the 4.7 images... Here's what I did to take a look: Created this net-attach-def (note that it uses ipvlan and does not specify a master field): ``` apiVersion: "k8s.cni.cncf.io/v1" kind: NetworkAttachmentDefinition metadata: name: ipvlan-conf spec: config: '{ "cniVersion": "0.3.0", "type": "ipvlan", "ipam": { "type": "host-local", "subnet": "192.168.1.0/24", "rangeStart": "192.168.1.200", "rangeEnd": "192.168.1.216", "routes": [ { "dst": "0.0.0.0/0" } ], "gateway": "192.168.1.1" } }' ``` And then a pod like so: ``` apiVersion: v1 kind: Pod metadata: name: samplepod annotations: k8s.v1.cni.cncf.io/networks: ipvlan-conf spec: containers: - name: samplepod command: ["/bin/ash", "-c", "trap : TERM INT; sleep infinity & wait"] image: alpine ```
Verified in 4.7.0-0.nightly-2020-12-20-055006
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633