Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1908570

Summary: Host network will lost the connection to api service when enable the ovs-HW-offload
Product: OpenShift Container Platform Reporter: zhaozhanqi <zzhao>
Component: NetworkingAssignee: zenghui.shi <zshi>
Networking sub component: ovn-kubernetes QA Contact: zhaozhanqi <zzhao>
Status: CLOSED DUPLICATE Docs Contact:
Severity: high    
Priority: high CC: aconstan, anbhat, bbennett, dosmith, mleitner, pliu, zshi
Version: 4.7   
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-01-11 04:37:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
ovs-vswitchd logs none

Description zhaozhanqi 2020-12-17 03:54:42 UTC 
Created attachment 1739861 [details]
ovs-vswitchd logs

Description of problem:
When enable the feature ovs-hw-offload, the worker will cannot access the kube api (172.30.0.1:443)

Version-Release number of selected component (if applicable):
4.7.0-0.nightly-2020-12-14-165231
sriov-network-operator.4.7.0-202012161545.p0

How reproducible:
always

Steps to Reproduce:
1. Setup the baremetal cluster and make the Mallanox cx5 card nic as the default network api
2. install 4.7 sriov operator
3. Enable the ovs-hw-offload feature by
oc patch -n openshift-sriov-network-operator sriovoperatorconfigs.sriovnetwork.openshift.io default --type='merge' --patch '{"spec":{"enableOvsOffload":true}}'
4. Create the following policy

piVersion: sriovnetwork.openshift.io/v1
kind: SriovNetworkNodePolicy
metadata:
  name: policy-mlx
  namespace: openshift-sriov-network-operator
spec:
  deviceType: netdevice
  mtu: 1500
  nicSelector:
    deviceID: "1017"
    rootDevices:
    - 0000:b0:00.0
    vendor: "15b3"
    pfNames:
    - ens801f0
  nodeSelector:
    feature.node.kubernetes.io/network-sriov.capable: "true"
  eSwitchMode: "switchdev"
  numVfs: 4
  priority: 5
  resourceName: mlxnics

5. check the node will be always scheduledisable and node cannot be accessed to 172.30.0.1:443
6. Check the ovs-vswitch logs 

Actual results:

please see the attachment for ovs-vswitch logs

Expected results:


Additional info:
Comment 5 zhaozhanqi 2021-01-07 10:34:58 UTC 
remove 'testblocker' keyword since this feature can be tested on version 4.7.0-202101051754.p0 by workaround
Comment 6 zenghui.shi 2021-01-19 02:14:56 UTC 
*** Bug 1914065 has been marked as a duplicate of this bug. ***
Comment 8 zenghui.shi 2022-01-11 04:37:23 UTC 
This issue was fixed in kernel with bz#1992230, additional information can be found in bz#1961063
marking duplicated to bz#1961063.

*** This bug has been marked as a duplicate of bug 1961063 ***