Bug 2012902 - Neutron Ports assigned to Completed Pods are not reused Edit
Summary: Neutron Ports assigned to Completed Pods are not reused Edit
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.9
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.10.0
Assignee: Maysa Macedo
QA Contact: Itay Matza
URL:
Whiteboard:
Depends On:
Blocks: 2013017
TreeView+ depends on / blocked
 
Reported: 2021-10-11 14:48 UTC by Maysa Macedo
Modified: 2022-03-10 16:19 UTC (History)
0 users

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:18:42 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift kuryr-kubernetes pull 577 0 None open Bug 2012902: Include port fix 2021-10-11 14:51:45 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:19:10 UTC

Description Maysa Macedo 2021-10-11 14:48:44 UTC
Description of problem:

Currently Kuryr is not reusing the Neutron Port that is assigned to a Pod with status Completed. This results is resource wastage, making the Number of Ports to increase. The issue was caused by Kuryr considering the Pod as not scheduled and consequently making the event to be skipped.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 6 Itay Matza 2021-10-21 06:27:28 UTC
Verified in OCP 4.10.0-0.nightly-2021-10-16-173656 with Kury on top of OSP RHOS-16.1-RHEL-8-20210916.n.0.

Verification steps:

## When a pod is in 'Completed' state, the Neutron port assigned to it remains in 'Active' state:
>$ oc get pods -n openshift-kube-apiserver -o wide | grep "NAME\|Completed" | head -n 2
>NAME                                       READY   STATUS      RESTARTS   AGE     IP              NODE                    NOMINATED NODE   READINESS GATES
>installer-10-ostest-sccdp-master-0         0/1     Completed   0          18h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>

>$ openstack port list | grep "Name\|10.128.89.131"
>| ID                                   | Name                                            | MAC Address       | Fixed IP Addresses                                                                     | Status |
>| 8b6db073-f109-4b9d-b478-6664ffe11aa2 |                                                 | fa:16:3e:ee:f1:c4 | ip_address='10.128.89.131', subnet_id='57b279bc-259e-4a01-832d-581c6f780042'           | ACTIVE |


## Ports are reassigned to a new Pod if the namespace and the node are the same as the 'Completed' Pod:
>$ oc get pods -n openshift-kube-apiserver -o wide | grep "NAME\|10.128.89.131"
>NAME                                       READY   STATUS      RESTARTS   AGE     IP              NODE                    NOMINATED NODE   READINESS GATES
>demo-7897db69cc-d2wlp                      1/1     Running     0          4h50m   10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>installer-10-ostest-sccdp-master-0         0/1     Completed   0          18h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>installer-11-ostest-sccdp-master-0         0/1     Completed   0          15h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>installer-12-ostest-sccdp-master-0         0/1     Completed   0          13h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>installer-8-ostest-sccdp-master-0          0/1     Completed   0          19h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>revision-pruner-10-ostest-sccdp-master-0   0/1     Completed   0          18h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>revision-pruner-11-ostest-sccdp-master-0   0/1     Completed   0          15h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>revision-pruner-12-ostest-sccdp-master-0   0/1     Completed   0          13h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>revision-pruner-8-ostest-sccdp-master-0    0/1     Completed   0          19h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>
>revision-pruner-9-ostest-sccdp-master-0    0/1     Completed   0          18h     10.128.89.131   ostest-sccdp-master-0   <none>           <none>


## Verify in several different namespaces - deploy new "demo" pods and make sure that ports of 'Completed' Pods are reassigned. Using the following sh:

```
completed_pods_addresses=$(oc get pods -A -o wide | grep Completed | awk '{print $7}' | grep -v "ago")
running_pods_addresses=$(oc get pods -A -o wide | grep Running | awk '{print $7}' | grep -v "ago")
openstack port list > osp_port_list
for completed_address in $completed_pods_addresses
do
        cat osp_port_list | grep $completed_address
        for running_address in $running_pods_addresses
        do
                if [ "$completed_address" == "$running_address" ]
                then
                        echo "Reused port found! The port with the following ip address - ${completed_address}."
                fi
        done
done
```

Comment 9 errata-xmlrpc 2022-03-10 16:18:42 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.