Hide Forgot
Description of problem: When ports are defined in `ports` field you cannot set `trunk: true` on a per-port basis like this: spec: metadata: providerSpec: value: (...) ports: - networkID: foo fixedIPs: - subnetID: bar trunk: true You have to do it using the option related to the whole machine but even then the ports defined on `ports` field won't have a corresponding trunk created. Version-Release number of selected component (if applicable): 4.8 How reproducible: Always Steps to Reproduce: 1. Try creating a Machine specifying `trunk: true` as a port property. 2. Wait for the machine to be created. Actual results: Trunk is not created for that port as that property does not exist in the CRD. Expected results: The property exists and is taken into account. Once this is fixed in 4.8 https://github.com/openshift/installer/pull/4957 can get reverted.
Confirmed as a bug, i.e. it has to be backported to 4.8.
Would
Suggested testing: Deploy cluster and test creation of networks with and without trunk settings anabled. Kuryr deployment is suggested for verification.
Checked with: OSP RHOS-16.1-RHEL-8-20210604.n.0 OCP 4.9.0-0.nightly-2021-08-02-145924 After installation with Kuryr created a new worker using the following machineset: apiVersion: machine.openshift.io/v1beta1 kind: MachineSet metadata: annotations: machine.openshift.io/memoryMb: "16384" machine.openshift.io/vCPU: "4" creationTimestamp: "2021-08-03T10:10:30Z" generation: 1 labels: machine.openshift.io/cluster-api-cluster: ostest-vq6vz machine.openshift.io/cluster-api-machine-role: worker machine.openshift.io/cluster-api-machine-type: worker name: ostest-vq6vz-worker-100 namespace: openshift-machine-api resourceVersion: "52886" uid: 3dbbf7d9-2054-442f-9eb8-802e38bba27b spec: replicas: 1 selector: matchLabels: machine.openshift.io/cluster-api-cluster: ostest-vq6vz machine.openshift.io/cluster-api-machineset: ostest-vq6vz-worker-100 template: metadata: labels: machine.openshift.io/cluster-api-cluster: ostest-vq6vz machine.openshift.io/cluster-api-machine-role: worker machine.openshift.io/cluster-api-machine-type: worker machine.openshift.io/cluster-api-machineset: ostest-vq6vz-worker-100 spec: metadata: {} providerSpec: value: apiVersion: openstackproviderconfig.openshift.io/v1alpha1 cloudName: openstack cloudsSecret: name: openstack-cloud-credentials namespace: openshift-machine-api flavor: m4.xlarge image: ostest-vq6vz-rhcos kind: OpenstackProviderSpec metadata: creationTimestamp: null ports: - allowedAddressPairs: - ipAddress: 10.196.0.5 - ipAddress: 10.196.0.7 fixedIPs: - subnetID: e8f6b8c0-923a-405b-a6d7-165b9a9885da nameSuffix: nodes networkID: 4e18aa5a-e0e4-4929-84b7-8a01240770ae securityGroups: - 1d58e5ef-7058-4d91-bff6-593f278fb52b trunk: true primarySubnet: e8f6b8c0-923a-405b-a6d7-165b9a9885da securityGroups: - filter: {} name: ostest-vq6vz-worker serverMetadata: Name: ostest-vq6vz-worker openshiftClusterID: ostest-vq6vz tags: - openshiftClusterID=ostest-vq6vz trunk: false userDataSecret: name: worker-user-data ( Used the following to get the current machineset and modified worker-0 to worker-100 , replaced the networks section with ports section and modifed to trunk: false $ oc get machineset -n openshift-machine-api $(oc get machineset -n openshift-machine-api |grep worker | awk '{print $1}') -o yaml > worker_machineset.yaml ) Get the nodes (shiftstack) [stack@undercloud-0 ~]$ oc get nodes NAME STATUS ROLES AGE VERSION ostest-vq6vz-master-0 Ready master 121m v1.21.1+8268f88 ostest-vq6vz-master-1 Ready master 121m v1.21.1+8268f88 ostest-vq6vz-master-2 Ready master 122m v1.21.1+8268f88 ostest-vq6vz-worker-0-dsdg7 Ready worker 106m v1.21.1+8268f88 ostest-vq6vz-worker-0-kggv9 Ready worker 103m v1.21.1+8268f88 ostest-vq6vz-worker-0-z7gvv Ready worker 106m v1.21.1+8268f88 ostest-vq6vz-worker-100-h42tn Ready worker 55m v1.21.1+8268f88 Created the following deployment and service (shiftstack) [stack@undercloud-0 ~]$ cat deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: demo labels: app: demo spec: replicas: 4 selector: matchLabels: app: demo template: metadata: labels: app: demo spec: containers: - name: demo image: kuryr/demo ports: - containerPort: 8080 (shiftstack) [stack@undercloud-0 ~]$ cat svc.yaml apiVersion: v1 kind: Service metadata: name: demo labels: app: demo spec: selector: app: demo ports: - port: 80 protocol: TCP targetPort: 8080 Check that there is a pod on the new node $ oc get pods -o wide NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES demo-66cdc7b66-95md6 1/1 Running 0 26s 10.128.79.92 ostest-vq6vz-worker-0-dsdg7 <none> <none> demo-66cdc7b66-v4qpz 1/1 Running 0 26s 10.128.78.249 ostest-vq6vz-worker-0-kggv9 <none> <none> demo-66cdc7b66-vlrkc 1/1 Running 0 26s 10.128.79.72 ostest-vq6vz-worker-0-z7gvv <none> <none> demo-66cdc7b66-zhhnm 1/1 Running 0 26s 10.128.78.117 ostest-vq6vz-worker-100-h42tn <none> <none> Get the service (shiftstack) [stack@undercloud-0 ~]$ oc get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE demo ClusterIP 172.30.229.23 <none> 80/TCP 31s kubernetes ClusterIP 172.30.0.1 <none> 443/TCP 74m openshift ExternalName <none> kubernetes.default.svc.cluster.local <none> 65m Check that the pods on the new worker responds (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-vlrkc: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-v4qpz: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-zhhnm: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-zhhnm: HELLO! I AM ALIVE!!! (shiftstack) [stack@undercloud-0 ~]$ oc exec -it demo-66cdc7b66-95md6 -- curl 172.30.229.23 demo-66cdc7b66-95md6: HELLO! I AM ALIVE!!!
Also created a new machineset (After deleting the previous worker) ports: - allowedAddressPairs: - ipAddress: 10.196.0.5 - ipAddress: 10.196.0.7 fixedIPs: - subnetID: e8f6b8c0-923a-405b-a6d7-165b9a9885da nameSuffix: nodes networkID: 4e18aa5a-e0e4-4929-84b7-8a01240770ae securityGroups: - 1d58e5ef-7058-4d91-bff6-593f278fb52b trunk: true - networkID: 37f2ecac-df2f-4585-a293-5076ba1b1442 nameSuffix: net1 fixedIPs: - subnetID: f5a61a6c-624a-4b5c-9624-49543d2427e1 trunk: false Verified that only one trunk was created (shiftstack) [stack@undercloud-0 ~]$ openstack network trunk list +--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+ | ID | Name | Parent Port | Description | +--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+ | 4219bab4-7fa7-4eff-a91d-30807e055bb5 | ostest-vq6vz-master-trunk-0 | 2003cc24-6015-4450-b35c-03f095e6de0f | Created By OpenShift Installer | | 4df06d04-9d40-4ebd-8e08-76363eb485b4 | ostest-vq6vz-master-trunk-2 | 728e4cde-539d-48a6-99c7-59fd7b8d6a5b | Created By OpenShift Installer | | 880f9240-573d-4025-a89c-ca6f4b5a3a99 | ostest-vq6vz-worker-0-dsdg7-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 1497db2f-bebd-4e17-8cf3-e23f96135f04 | | | b1137145-ab09-4b8d-b93f-a29f004c1241 | ostest-vq6vz-worker-0-z7gvv-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 30f595ce-c02b-46bc-9765-77ba1aacc6d8 | | | b9b8272c-71c6-4a82-896f-b64475a37ad5 | ostest-vq6vz-master-trunk-1 | 928e56f1-8788-43c2-a2d2-91a1eb0b0882 | Created By OpenShift Installer | | e1139bfd-de0d-41f1-bdbb-6fcab71daef7 | ostest-vq6vz-worker-101-tvqqw-nodes | ccc3fef4-1fe1-4601-85c3-bf64aa364a2d | | | efe09839-bfc5-44f7-962e-3ab3ab62ebec | ostest-vq6vz-worker-0-kggv9-e8f6b8c0-923a-405b-a6d7-165b9a9885da | 454f023b-79f0-4bc8-9a76-5a66302fee9d | | +--------------------------------------+------------------------------------------------------------------+--------------------------------------+--------------------------------+
@itbrown Would you be able to +1 a docs change for this? https://github.com/openshift/openshift-docs/pull/36911
Done
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759