Description of problem: "*/networks:" annotations should allow referring to the "openshift-multus" namespace. How reproducible: always. Steps to Reproduce: 1. Create a net-attach-def in openshift-multus 2. Create a pod in the default namespace with an annotation that refers to */networks: openshift-multus/foo Actual results: Pod doesn't create, cannot access net-attach-def. Expected results: Pod created successfully. Reasoning: It's untenable to have all net-attach-defs as managed by operators living in the default namespace.
Verified this bug on 4.8.0-0.nightly-2021-05-10-002052 # oc get net-attach-def -n openshift-multus NAME AGE mlx277-netdevice 25h cat pod.yaml apiVersion: v1 kind: Pod metadata: generateName: testpod1 namespace: z1 labels: env: test annotations: k8s.v1.cni.cncf.io/networks: openshift-multus/mlx277-netdevice spec: containers: - name: test-pod image: quay.io/openshifttest/hello-sdn@sha256:d5785550cf77b7932b090fcd1a2625472912fb3189d5973f177a5a2c347a1f95 Create pod with above yaml Check the pod can be running # oc get pod -n z1 testpod1thswz -o yaml apiVersion: v1 kind: Pod metadata: annotations: k8s.ovn.org/pod-networks: '{"default":{"ip_addresses":["10.131.0.33/23"],"mac_address":"0a:58:0a:83:00:21","gateway_ips":["10.131.0.1"],"ip_address":"10.131.0.33/23","gateway_ip":"10.131.0.1"}}' k8s.v1.cni.cncf.io/network-status: |- [{ "name": "", "interface": "eth0", "ips": [ "10.131.0.33" ], "mac": "0a:58:0a:83:00:21", "default": true, "dns": {} },{ "name": "openshift-multus/mlx277-netdevice", "interface": "net1", "ips": [ "10.56.217.171" ], "mac": "2e:57:f6:8a:e8:8b", "dns": {}, "device-info": { "type": "pci", "version": "1.0.0", "pci": { "pci-address": "0000:5e:01.7" } } }] k8s.v1.cni.cncf.io/networks: openshift-multus/mlx277-netdevice k8s.v1.cni.cncf.io/networks-status: |- [{ "name": "", "interface": "eth0", "ips": [ "10.131.0.33" ], "mac": "0a:58:0a:83:00:21", "default": true, "dns": {} },{ "name": "openshift-multus/mlx277-netdevice", "interface": "net1", "ips": [ "10.56.217.171" ], "mac": "2e:57:f6:8a:e8:8b", "dns": {}, "device-info": { "type": "pci", "version": "1.0.0", "pci": { "pci-address": "0000:5e:01.7" } } }]
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438