Bug 1953257 - Multiple EgressIPs per node for one namespace when "oc get hostsubnet"
Summary: Multiple EgressIPs per node for one namespace when "oc get hostsubnet"
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.8
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
: 4.8.0
Assignee: Alexander Constantinescu
QA Contact: huirwang
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-04-25 02:00 UTC by huirwang
Modified: 2021-07-27 23:03 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-07-27 23:03:30 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift sdn pull 295 0 None open Bug 1953257: Fix invalid egress IP assignments in sdn-controller 2021-04-29 13:03:14 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 23:03:47 UTC

Description huirwang 2021-04-25 02:00:10 UTC
Description of problem:
There are multiple EgressIPs displaying when "oc get hostsubnet", per one namespace per one node

Version-Release number of selected component (if applicable):
4.8.0-0.nightly-2021-04-24-175929

How reproducible:
Always

Steps to Reproduce:
1. Patch two EgressCIDRs to two nodes.

2. Patch 3 EgressIPs to one namespace

3. Check result for "oc get hostsubnet"

Actual results:

For node hrw-0425a-79mdc-worker-sbfdg, there are two EgressIPs displaying and both of them are for same namespace test.
oc get netnamespace test
NAME   NETID     EGRESS IPS
test   5451022   ["172.31.249.201","172.31.249.202","172.31.249.203"]

oc get hostsubnet
NAME                           HOST                           HOST IP          SUBNET          EGRESS CIDRS          EGRESS IPS
hrw-0425a-79mdc-master-0       hrw-0425a-79mdc-master-0       172.31.249.158   10.129.0.0/23                         
hrw-0425a-79mdc-master-1       hrw-0425a-79mdc-master-1       172.31.249.222   10.130.0.0/23                         
hrw-0425a-79mdc-master-2       hrw-0425a-79mdc-master-2       172.31.249.196   10.128.0.0/23                         
hrw-0425a-79mdc-worker-2866m   hrw-0425a-79mdc-worker-2866m   172.31.249.165   10.131.0.0/23                         
hrw-0425a-79mdc-worker-8gm9m   hrw-0425a-79mdc-worker-8gm9m   172.31.249.238   10.128.2.0/23   ["172.31.249.0/24"]   ["172.31.249.203"]
hrw-0425a-79mdc-worker-sbfdg   hrw-0425a-79mdc-worker-sbfdg   172.31.249.94    10.129.2.0/23   ["172.31.249.0/24"]   ["172.31.249.201","172.31.249.202"]

Expected results:
Should only display one EgressIP per node per namespace.

Additional info:

Note: If debug to the node, actually it is only one EgressIP assigned which is expected. But above displaying issue will also cause confusion.

oc debug node/hrw-0425a-79mdc-worker-sbfdg
Starting pod/hrw-0425a-79mdc-worker-sbfdg-debug ...
To use host binaries, run `chroot /host`
Pod IP: 172.31.249.94
If you don't see a command prompt, try pressing enter.
sh-4.4# ip a show ens192
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:56:ac:17:7d brd ff:ff:ff:ff:ff:ff
    inet 172.31.249.94/23 brd 172.31.249.255 scope global dynamic noprefixroute ens192
       valid_lft 4816sec preferred_lft 4816sec
    inet 172.31.249.201/23 brd 172.31.249.255 scope global secondary ens192:eip
       valid_lft forever preferred_lft forever
    inet6 fe80::ae93:5582:6477:5654/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

Comment 5 errata-xmlrpc 2021-07-27 23:03:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438


Note You need to log in before you can comment on or make changes to this bug.