2004609 – output of "crictl inspectp" is not complete

Bug 2004609 - output of "crictl inspectp" is not complete

Summary: output of "crictl inspectp" is not complete

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Node
Sub Component:
Version:	4.9
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Peter Hunt
QA Contact:	MinLi
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2004961
TreeView+	depends on / blocked

Reported:	2021-09-15 16:33 UTC by Riccardo Ravaioli
Modified:	2022-03-10 16:11 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Clones:	2004961 (view as bug list)
Environment:
Last Closed:	2022-03-10 16:10:53 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	cri-o cri-o pull 5313	0	None	Merged	server: set spec when dropping infra	2021-09-16 13:49:51 UTC
Red Hat Product Errata	RHSA-2022:0056	0	None	None	None	2022-03-10 16:11:36 UTC

Description Riccardo Ravaioli 2021-09-15 16:33:49 UTC

The output "crictl inspectp" doesn't seem as verbose as in the past. I don't see the full RuntimeSpec defined in https://github.com/cri-o/cri-o/blob/3e1f10b84f648ec90fc5c8b93a9b72db48eafcfa/server/sandbox_status.go#L90. 

In particular, I was looking for linux -> namespaces -> path where type=network, but I only see linux -> namespaces -> options:

$ crictl inspectp e005f65b60fac
{
  "status": {
    "id": "e005f65b60facdc3fc5cf16ce0b12585752e3277167b5331d988ea6f3a321203",
    "metadata": {
      "attempt": 0,
      "name": "client",
      "namespace": "default",
      "uid": "883f2916-ee22-4bc3-bf16-dc0ed7f05421"
    },
    "state": "SANDBOX_READY",
    "createdAt": "2021-09-15T08:48:23.676659042Z",
    "network": {
      "additionalIps": [],
      "ip": "10.128.10.8"
    },
    "linux": {
      "namespaces": {
        "options": {
          "ipc": "POD",
          "network": "POD",
          "pid": "CONTAINER",
          "targetId": ""
        }
      }
    },
    "labels": {
      "app": "client",
      "io.kubernetes.container.name": "POD",
      "io.kubernetes.pod.name": "client",
      "io.kubernetes.pod.namespace": "default",
      "io.kubernetes.pod.uid": "883f2916-ee22-4bc3-bf16-dc0ed7f05421"
    },
    "annotations": {
      "kubectl.kubernetes.io/last-applied-configuration": "{\"apiVersion\":\"v1\",\"kind\":\"Pod\",\"metadata\":{\"annotations\":{},\"labels\":{\"app\":\"client\"},\"name\":\"client\",\"namespace\":\"default\"},\"spec\":{\"containers\":[{\"args\":[\"sleep infinity;\"],\"command\":[\"/bin/bash\",\"-c\",\"--\"],\"image\":\"nicolaka/netshoot\",\"name\":\"mynginx-pod\"}]}}\n",
      "kubernetes.io/config.seen": "2021-09-15T08:48:23.332120046Z",
      "kubernetes.io/config.source": "api"
    },
    "runtimeHandler": ""
  },
  "info": {}
}



On the other hand, I can see the more verbose output I was looking for when running:
- crictl ps  # select then a container ID
- crictl inspect $containerID

If this is indeed a bug, it would be nice to have the full output back when running "crictl inspectp".

Thanks!

Comment 1 Peter Hunt 2021-09-15 17:04:03 UTC

Fixed in the attached PR

Comment 2 Peter Hunt 2021-09-16 13:50:01 UTC

PR merged

Comment 6 MinLi 2021-10-26 03:43:13 UTC

fixed on 4.10.0-0.nightly-2021-10-23-225921

sh-4.4# crictl ps 
CONTAINER           IMAGE                                                                                                                    CREATED             STATE               NAME                                 ATTEMPT             POD ID
d558ff07896f7       docker.io/openshift/hello-openshift@sha256:aaea76ff622d2f8bcb32e538e7b3cd0ef6d291953f3e7c9f556c1ba5baf47e2e              3 minutes ago       Running             hello-openshift                      0                   515a96c198bed

sh-4.4# crictl inspectp 515a96c198bed
...
      "linux": {
        "sysctl": {
          "net.ipv4.ping_group_range": "0 2147483647"
        },
        "resources": {
          "devices": [
            {
              "allow": false,
              "access": "rwm"
            }
          ],
          "cpu": {
            "shares": 2
          }
        },
        "cgroupsPath": "kubepods-besteffort-poddaf7c427_8144_482a_8b17_0d94c4e1ac81.slice:crio:515a96c198bed078eefccd8d4acc005409f479fb9d3b1e888016b86f53be1de1",
        "namespaces": [
          {
            "type": "pid"
          },
          {
            "type": "network",
            "path": "/var/run/netns/4c5fd42e-79a1-489e-9a27-60043f52b042"
          },
          {
            "type": "ipc",
            "path": "/var/run/ipcns/4c5fd42e-79a1-489e-9a27-60043f52b042"
          },
          {
            "type": "uts",
            "path": "/var/run/utsns/4c5fd42e-79a1-489e-9a27-60043f52b042"
          },
          {
            "type": "mount"
          }
        ],
...

Comment 9 errata-xmlrpc 2022-03-10 16:10:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056

Note You need to log in before you can comment on or make changes to this bug.