Bug 1942856
| Summary: | Unable to assign nodes for EgressIP even if the egress-assignable label is set | |||
|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Jonas Nordell <jnordell> | |
| Component: | Networking | Assignee: | Alexander Constantinescu <aconstan> | |
| Networking sub component: | ovn-kubernetes | QA Contact: | huirwang | |
| Status: | CLOSED ERRATA | Docs Contact: | ||
| Severity: | medium | |||
| Priority: | unspecified | CC: | aacostab, aconstan, anbhat, astoycos, cpassare, danw, nchoudhu, oarribas | |
| Version: | 4.6 | |||
| Target Milestone: | --- | |||
| Target Release: | 4.8.0 | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: |
Cause:
Fire-walling blocking connectivity on port 9 between master nodes and egress-assigned nodes
Consequence:
Egress IP assignment does not occur since the health check detection in ovnkube-master detects a non-reachable node, due to the firewall.
Fix:
Enable access between master nodes and egress-assignable nodes on port 9
Result:
Egress IP will get assigned.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 1959737 (view as bug list) | Environment: | ||
| Last Closed: | 2021-07-27 22:55:38 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1959737 | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438 FTR, customers are NOT supposed to have to open port 9, and I have filed a bug about that. https://bugzilla.redhat.com/show_bug.cgi?id=2002657 |
Description of problem: EgressIP fails to be assigned to any node with the error "NoMatchingNodeFound" even if there are nodes that carry the needed label "k8s.ovn.org/egress-assignable" Version-Release number of selected component (if applicable): RHOCP 4.6.19 How reproducible: Only in customer environment Steps to Reproduce: 1. Label nodes "oc label node/<node name> k8s.ovn.org/egress-assignable="" 2. Create EIP object 3. Actual results: Egress should be assigned to a node with the label Expected results: ovnkube-master container logs the following error message I0325 08:02:39.751975 1 event.go:278] Event(v1.ObjectReference{Kind:"EgressIP", Namespace:"", Name:"egress-test-project", UID:"", APIVersion:"", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'NoMatchingNodeFound' no assignable nodes for EgressIP: egress-test-project, please tag at least one node with label: k8s.ovn.org/egress-assignable Additional info: