Bug 1969626 - Portfoward stream cleanup can cause kubelet to panic
Summary: Portfoward stream cleanup can cause kubelet to panic
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Node
Version: 4.8
Hardware: Unspecified
OS: Unspecified
urgent
high
Target Milestone: ---
: 4.8.0
Assignee: Elana Hashman
QA Contact: Sunil Choudhary
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-06-08 18:47 UTC by Elana Hashman
Modified: 2021-07-27 23:12 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-07-27 23:12:15 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github kubernetes kubernetes issues 102480 0 None closed kubelet: Panic on portforward streams 2021-06-08 18:47:53 UTC
Github openshift kubernetes pull 796 0 None open Bug 1969626: UPSTREAM: 102587: kubelet: Revert "Cleanup portforward streams after their usage" 2021-06-08 18:51:25 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 23:12:29 UTC

Description Elana Hashman 2021-06-08 18:47:20 UTC
Description of problem: See https://github.com/kubernetes/kubernetes/issues/102480

Backport patch https://github.com/kubernetes/kubernetes/commit/b14bd44f33d93e1ee64c1d68fa7591d79eac5893 from 1.21.1 needs to be reverted (i.e. take https://github.com/kubernetes/kubernetes/pull/102587)


Version-Release number of selected component (if applicable): OpenShift 4.8 as of 1.21.1 rebase


How reproducible:

Not reproducible in OpenShift because CRI-O does not vendor Kubernetes 1.21.1 yet: https://github.com/cri-o/cri-o/blob/478f49d4f5e005226ac7460edcb2ed21d804960f/go.mod#L99

Believe this only affects dockershim currently.

Containerd also has not yet updated code to the affected version: https://github.com/containerd/containerd/blob/261c107ffc4ff681bc73988f64e3f60c32233b37/pkg/cri/streaming/portforward/httpstream.go#L171

We want to back this out ASAP just to be safe.


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Elana Hashman 2021-06-08 19:29:33 UTC
Note: OpenShift 4.7 and 4.6 are not affected, did not take the backports.

Comment 2 Elana Hashman 2021-06-08 19:30:43 UTC
Not a release blocker because as far as we know there's no impact on OpenShift/CRI-O. This is a proactive backport of the upstream fix/revert before 4.8 freeze.

Comment 7 errata-xmlrpc 2021-07-27 23:12:15 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438


Note You need to log in before you can comment on or make changes to this bug.