Bug 1881979 - Modify CNO ovn-kubernetes gateway args back to local gateway mode
Summary: Modify CNO ovn-kubernetes gateway args back to local gateway mode
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.6
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.6.0
Assignee: Tim Rozet
QA Contact: Ross Brattain
URL:
Whiteboard:
Depends On: 1880591
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-23 14:16 UTC by Tim Rozet
Modified: 2020-10-27 16:45 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-10-27 16:44:57 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-network-operator pull 801 0 None closed Bug 1881979: Fixes gateway mode parameters for OVN 2020-10-13 13:38:06 UTC
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:45:23 UTC

Description Tim Rozet 2020-09-23 14:16:32 UTC
Description of problem:
With the changes to OVN to go back to using a modified version of local gateway mode, we now need CNO to be updated to pass the correct gateway mode when starting OVN-kubernetes. Additionally we need to specify the gateway-interface as "none" so that we do not try to move the NIC to OVS during initial upgrade.

Comment 2 Ross Brattain 2020-09-29 13:12:49 UTC
During upgrade I see the --gateway-interface switch from 'none' to 'br-ex', but the upgrade ultimately fails due to other issues.



up-2/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface none --metrics-bind-address 127.0.0.1:29103
up-3/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103
up-4/log-ovnkube-node-dpx8f:+ exec /usr/bin/ovnkube --init-node ip-10-0-202-46. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103

up-2/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface none --metrics-bind-address 127.0.0.1:29103
up-3/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103
up-4/log-ovnkube-node-fcp7k:+ exec /usr/bin/ovnkube --init-node ip-10-0-211-111. --nb-address ssl:10.0.134.82:9641,ssl:10.0.190.218:9641,ssl:10.0.200.115:9641 --sb-address ssl:10.0.134.82:9642,ssl:10.0.190.218:9642,ssl:10.0.200.115:9642 --nb-client-privkey /ovn-cert/tls.key --nb-client-cert /ovn-cert/tls.crt --nb-client-cacert /ovn-ca/ca-bundle.crt --nb-cert-common-name ovn --sb-client-privkey /ovn-cert/tls.key --sb-client-cert /ovn-cert/tls.crt --sb-client-cacert /ovn-ca/ca-bundle.crt --sb-cert-common-name ovn --config-file=/run/ovnkube-config/ovnkube.conf --loglevel 4 --inactivity-probe=30000 --gateway-mode local --gateway-interface br-ex --metrics-bind-address 127.0.0.1:29103

Comment 4 zhaozhanqi 2020-10-10 03:47:39 UTC
According to comment 2. this original issue for this bug should be fixed.  since we have another bug 1880591 trace the upgrade issue. 

Move this bug to 'verified', please correct me if I'm wrong.  thanks

Comment 5 Ross Brattain 2020-10-12 00:35:31 UTC
Looks like is actually fixed until after https://github.com/openshift/cluster-network-operator/pull/836 is merged.

Comment 6 Ross Brattain 2020-10-12 00:36:04 UTC
Looks like this is not actually fixed until after https://github.com/openshift/cluster-network-operator/pull/836 is merged.

Comment 8 Ross Brattain 2020-10-12 14:20:45 UTC
Original PR was verified.  Adding qe_test_coverage flag to track continued testing.

Comment 10 errata-xmlrpc 2020-10-27 16:44:57 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196


Note You need to log in before you can comment on or make changes to this bug.