Description of problem: Using EgressRouter CR[1] to create EgressRouter pod, pod is created but not running state, and found openshift.io/scc: restricted when "oc get pod egress-router-cni-deployment-f8c4998d9-jppkn -o yaml" Before v4.8, we need create NAD and EgressRouter separately, after EgressRouter is Rnning, openshift.io/scc: privileged when "oc get pod egress-router-pod -o yaml" Not sure the setting for openshift.io/scc will cause EgressRouter pod failed. Version-Release number of selected component (if applicable): 4.8.0-0.nightly-2021-06-03-221810 How reproducible: Always Steps to Reproduce: 1. oc create -f https://raw.githubusercontent.com/weliang1/Openshift_Networking/master/Features/EgressRouter/test2.yaml 2. oc get all 3. oc get pod egress-router-cni-deployment-f8c4998d9-jppkn -o yam Actual results: egress-router-cni-deployment-f8c4998d9-jppkn can not be Running Expected results: egress-router-cni-deployment-f8c4998d9-jppkn should be in Running state Additional info: [1] https://github.com/openshift/egress-router-cni/blob/d9d715819fda56a83b0c52f5ff59741786b3bc63/docs/content/post/cno_controller.md
Created attachment 1789379 [details] CRD generated POD
Created attachment 1789380 [details] manual created yaml
Tested and verified in 4.8.0-0.nightly-2021-06-09-095212 [weliang@weliang Config]$ oc get all NAME READY STATUS RESTARTS AGE pod/ovn-egressrouter-redirect-pod 1/1 Running 0 4m48s pod/test-pod-6686bd4977-4trt5 1/1 Running 0 4m29s pod/test-pod-6686bd4977-5f4f9 1/1 Running 0 4m29s pod/test-pod-6686bd4977-5wm2j 1/1 Running 0 4m29s pod/test-pod-6686bd4977-l2p5q 1/1 Running 0 4m29s pod/test-pod-6686bd4977-xx4gh 1/1 Running 0 4m29s pod/test-pod-6686bd4977-zxn4f 1/1 Running 0 4m29s NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/ovn-egressrouter-redirect-svc ClusterIP 172.30.222.10 <none> 80/TCP 4m35s NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/test-pod 6/6 6 6 4m30s NAME DESIRED CURRENT READY AGE replicaset.apps/test-pod-6686bd4977 6 6 6 4m30s [weliang@weliang Config]$
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:2438