Bug 1922146 - Egress Router CNI doesn't have logging support.
Summary: Egress Router CNI doesn't have logging support.
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.7
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.7.0
Assignee: Ben Bennett
QA Contact: Anurag saxena
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-01-29 10:58 UTC by Daniel Mellado
Modified: 2021-02-24 15:57 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-02-24 15:57:13 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift egress-router-cni pull 28 0 None closed Bug 1922146: Add proper logging to Egress Router CNI 2021-02-04 23:06:07 UTC
Red Hat Product Errata RHSA-2020:5633 0 None None None 2021-02-24 15:57:31 UTC

Description Daniel Mellado 2021-01-29 10:58:30 UTC
Description of problem:
Egress Router CNI is not logging results, so every warning or error gets to CRI-O output.


Expected results:
To have logging to a file or stdout in a specific format, such as 

2021-01-21T16:50:44+01:00 [debug] Called CNI ADD
2021-01-21T16:50:44+01:00 [debug] Gateway: 192.168.10.254
2021-01-21T16:50:44+01:00 [debug] IP Source Addresses: [192.168.10.99/24]
2021-01-21T16:50:44+01:00 [debug] IP Destinations: [10.0.3.0/32]
2021-01-21T16:50:44+01:00 [debug] Created macvlan interface
2021-01-21T16:50:44+01:00 [debug] Renamed macvlan to "net1"
2021-01-21T16:50:44+01:00 [debug] Added iptables rule: iptables -t nat PREROUTING -i eth0 -j DNAT --to-destination 10.0.3.0
2021-01-21T16:50:44+01:00 [debug] Added iptables rule: iptables -t nat -o net1 -j SNAT --to-source 192.168.10.99

Comment 2 Weibin Liang 2021-02-01 19:56:06 UTC
sh-4.4# journalctl -u crio



Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Called CNI ADD
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Gateway: 10.0.128.1
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] IP Source Addresses: [10.0.139.75/24]
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] IP Destinations: [172.217.7.206/32]
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Created macvlan interface
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Renamed macvlan to "net1"
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Added iptables rule: iptables -t nat PREROUTING -i eth0 -j DNAT >
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Added iptables rule: iptables -t nat -o net1 -j SNAT --to-source>
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [verbose] Add: test-ovn-egressrouter-redirect:ovn-egressrouter-redirect->

[weliang@weliang verification-tests]$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.7.0-0.nightly-2021-02-01-135829   True        False         21m     Cluster version is 4.7.0-0.nightly-2021-02-01-135829
[weliang@weliang verification-tests]$

Comment 5 errata-xmlrpc 2021-02-24 15:57:13 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633


Note You need to log in before you can comment on or make changes to this bug.