Description of problem: With the changes to OVN to go back to using a modified version of local gateway mode, we now need CNO to be updated to pass the correct gateway mode when starting OVN-kubernetes. Additionally we need to specify the gateway-interface as "none" so that we do not try to move the NIC to OVS during initial upgrade.
During upgrade I see the --gateway-interface switch from 'none' to 'br-ex', but the upgrade ultimately fails due to other issues. up-2/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface none --metrics-bind-address 127.0.0.1:29103 up-3/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103 up-4/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103 up-2/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface none --metrics-bind-address 127.0.0.1:29103 up-3/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103 up-4/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103
According to comment 2. this original issue for this bug should be fixed. since we have another bug 1880591 trace the upgrade issue. Move this bug to 'verified', please correct me if I'm wrong. thanks
Looks like is actually fixed until after https://github.com/openshift/cluster-network-operator/pull/836 is merged.
Looks like this is not actually fixed until after https://github.com/openshift/cluster-network-operator/pull/836 is merged.
Original PR was verified. Adding qe_test_coverage flag to track continued testing.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:4196