Bug 1952914
| Summary: | LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath | |||
|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Aravindh Puthiyaparambil <aravindh> | |
| Component: | Windows Containers | Assignee: | Aravindh Puthiyaparambil <aravindh> | |
| Status: | CLOSED ERRATA | QA Contact: | Ronnie Rasouli <rrasouli> | |
| Severity: | high | Docs Contact: | ||
| Priority: | high | |||
| Version: | 4.7 | CC: | aos-bugs, chernand, rrasouli | |
| Target Milestone: | --- | |||
| Target Release: | 4.8.0 | |||
| Hardware: | x86_64 | |||
| OS: | Windows | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: |
Cause: empty IP address value in the load balancer ingress IP field is breaking the data path.
Consequence: Kube proxy doesn't honor the ingress IP address being empty and plumbs an invalid HNS policy.
Fix: The fix prevents the plumbing of such invalid HNS policy.
Result: Data path is no longer broken
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 1952917 (view as bug list) | Environment: | ||
| Last Closed: | 2021-08-03 20:29:16 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1952917 | |||
*** Bug 1883628 has been marked as a duplicate of this bug. *** Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3001 |
Verified on Server Version: 4.8.0-0.nightly-2021-04-24-234710 Service is accessible on port 80 [cloud-user@PSI-VM ~]> get all': oc get all NAME READY STATUS RESTARTS AGE pod/linux-webserver-7bbd7888f9-dhstg 1/1 Running 0 4m24s pod/win-webserver-549cd7495d-27r2z 1/1 Running 0 4m25s pod/windows-machine-config-operator-758d956b55-2kd4n 1/1 Running 0 61m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/linux-webserver LoadBalancer 172.30.94.81 a58f90c7b7dc24962a45b2bc804a061e-830460262.us-east-2.elb.amazonaws.com 8080:32183/TCP 4m25s service/win-webserver LoadBalancer 172.30.220.105 ad2c56da58c8443d9b1a04bbe71fea4b-1299429112.us-east-2.elb.amazonaws.com 80:30189/TCP 4m25s service/windows-exporter ClusterIP 172.30.197.228 <none> 9182/TCP 61m NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/linux-webserver 1/1 1 1 4m26s deployment.apps/win-webserver 1/1 1 1 4m26s deployment.apps/windows-machine-config-operator 1/1 1 1 61m NAME DESIRED CURRENT READY AGE replicaset.apps/linux-webserver-7bbd7888f9 1 1 1 4m26s replicaset.apps/win-webserver-549cd7495d 1 1 1 4m26s replicaset.apps/windows-machine-config-operator-758d956b55 1 1 1 61m [cloud-user@PSI-VM ~]>curl ad2c56da58c8443d9b1a04bbe71fea4b-1299429112.us-east-2.elb.amazonaws.com <html><body><H1>Windows Container Web Server</H1></body></html>[cloud-user@PSI-VM ~]>oc exec pod/win-webserver-549cd7495d-27r2z -- curl 172.30.220.105 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 63 100 63 0 0 63 0 0:00:01 --:--:-- 0:00:01 63000<html><body><H1>Windows Container Web Server</H1></body></html> [cloud-user@PSI-VM ~]>oc exec pod/linux-webserver-7bbd7888f9-dhstg -- curl 172.30.220.105 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 63 100 63 0 0 15750 0 --:--:-- --:--:-- --:--:-- 15750<html><body><H1>Windows Container Web Server</H1></body></html>