Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1922146

Summary: Egress Router CNI doesn't have logging support.
Product: OpenShift Container Platform Reporter: Daniel Mellado <dmellado>
Component: NetworkingAssignee: Ben Bennett <bbennett>
Networking sub component: ovn-kubernetes QA Contact: Anurag saxena <anusaxen>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: unspecified CC: weliang
Version: 4.7   
Target Milestone: ---   
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:57:13 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Mellado 2021-01-29 10:58:30 UTC 
Description of problem:
Egress Router CNI is not logging results, so every warning or error gets to CRI-O output.


Expected results:
To have logging to a file or stdout in a specific format, such as 

2021-01-21T16:50:44+01:00 [debug] Called CNI ADD
2021-01-21T16:50:44+01:00 [debug] Gateway: 192.168.10.254
2021-01-21T16:50:44+01:00 [debug] IP Source Addresses: [192.168.10.99/24]
2021-01-21T16:50:44+01:00 [debug] IP Destinations: [10.0.3.0/32]
2021-01-21T16:50:44+01:00 [debug] Created macvlan interface
2021-01-21T16:50:44+01:00 [debug] Renamed macvlan to "net1"
2021-01-21T16:50:44+01:00 [debug] Added iptables rule: iptables -t nat PREROUTING -i eth0 -j DNAT --to-destination 10.0.3.0
2021-01-21T16:50:44+01:00 [debug] Added iptables rule: iptables -t nat -o net1 -j SNAT --to-source 192.168.10.99
Comment 2 Weibin Liang 2021-02-01 19:56:06 UTC 
sh-4.4# journalctl -u crio



Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Called CNI ADD
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Gateway: 10.0.128.1
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] IP Source Addresses: [10.0.139.75/24]
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] IP Destinations: [172.217.7.206/32]
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Created macvlan interface
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Renamed macvlan to "net1"
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Added iptables rule: iptables -t nat PREROUTING -i eth0 -j DNAT >
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [debug] Added iptables rule: iptables -t nat -o net1 -j SNAT --to-source>
Feb 01 19:42:30 ip-10-0-139-74 crio[1626]: 2021-02-01T19:42:30Z [verbose] Add: test-ovn-egressrouter-redirect:ovn-egressrouter-redirect->

[weliang@weliang verification-tests]$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.7.0-0.nightly-2021-02-01-135829   True        False         21m     Cluster version is 4.7.0-0.nightly-2021-02-01-135829
[weliang@weliang verification-tests]$
Comment 5 errata-xmlrpc 2021-02-24 15:57:13 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:5633