2016334 – shiftstack: SRIOV nic reported as not supported

Bug 2016334 - shiftstack: SRIOV nic reported as not supported [NEEDINFO]

Summary: shiftstack: SRIOV nic reported as not supported

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.8
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Sebastian Scheinkman
QA Contact:	Ziv Greenberg
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	2016333 (view as bug list)
Depends On:
Blocks:	2049774
TreeView+	depends on / blocked

Reported:	2021-10-21 10:21 UTC by Victor Medina
Modified:	2022-03-10 16:21 UTC (History)
CC List:	12 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Cause: Sriov webhook was blocking sriov policies on shift-stack environments (openshift on OpenStack) Consequence: the user was not able to create sriov network policies Fix: Fix the sriov webhook to read the OpenStack metadata and validate it with the policy Result: The user is able to create network policies on shift-stack allowing him to use PCI passthrow of virtual functions into the vms and then attach them to pods
Clone Of:
Clones:	2049774 (view as bug list)
Environment:
Last Closed:	2022-03-10 16:21:33 UTC
Target Upstream Version:
Embargoed:
Flags:	zgreenbe: needinfo? (zshi)

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	k8snetworkplumbingwg sriov-network-operator pull 198	None	Merged	Fix webhook for virtual workers	2021-11-10 18:32:33 UTC
Github	openshift sriov-network-operator pull 580	None	Merged	Sync upstream: 2021-11-5	2021-11-24 13:02:32 UTC
Red Hat Product Errata	RHSA-2022:0056	None	None	None	2022-03-10 16:21:54 UTC

Comment 5 zenghui.shi 2021-10-25 01:19:53 UTC

Victor, for the policy cannot be created issue, could you please provide the log of sriov-operator-webhook and sriovnetworknodestate CRs?

Comment 10 zenghui.shi 2021-10-25 12:38:58 UTC

*** Bug 2016333 has been marked as a duplicate of this bug. ***

Comment 21 zhaozhanqi 2021-11-26 01:50:43 UTC

Hi, Ziv
Could you help verify bug on Openshift deployed on openstack cluster ?

Comment 24 Ziv Greenberg 2022-02-02 12:37:33 UTC

Hello,

I was able to verify it and also created a dedicated dut pod with attached Intel X710 SR-IOV VF's:

(shiftstack) [cloud-user@installer-host ~]$ oc get clusterversions.config.openshift.io
NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.10.0-0.nightly-2022-01-31-012936   True        False         39h     Cluster version is 4.10.0-0.nightly-2022-01-31-012936
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$  oc get csv -n openshift-sriov-network-operator
NAME                                         DISPLAY                      VERSION               REPLACES   PHASE
performance-addon-operator.v4.9.5            Performance Addon Operator   4.9.5                            Succeeded
sriov-network-operator.4.10.0-202201310820   SR-IOV Network Operator      4.10.0-202201310820              Succeeded
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$ oc get all -n openshift-sriov-network-operator
NAME                                          READY   STATUS    RESTARTS   AGE
pod/network-resources-injector-c4w2r          1/1     Running   0          19m
pod/network-resources-injector-fqhch          1/1     Running   0          19m
pod/network-resources-injector-l9vsl          1/1     Running   0          19m
pod/operator-webhook-bvfl6                    1/1     Running   0          19m
pod/operator-webhook-qr6j9                    1/1     Running   0          19m
pod/operator-webhook-wm4xx                    1/1     Running   0          19m
pod/sriov-device-plugin-qc29t                 1/1     Running   0          11m
pod/sriov-network-config-daemon-cf8gj         3/3     Running   0          19m
pod/sriov-network-config-daemon-csdrh         3/3     Running   0          19m
pod/sriov-network-operator-6d94cbc597-phvxs   1/1     Running   0          20m

NAME                                         TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)   AGE
service/network-resources-injector-service   ClusterIP   172.30.133.207   <none>        443/TCP   19m
service/operator-webhook-service             ClusterIP   172.30.181.240   <none>        443/TCP   19m

NAME                                         DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR                                                 AGE
daemonset.apps/network-resources-injector    3         3         3       3            3           beta.kubernetes.io/os=linux                                   19m
daemonset.apps/operator-webhook              3         3         3       3            3           beta.kubernetes.io/os=linux                                   19m
daemonset.apps/sriov-device-plugin           1         1         1       1            1           beta.kubernetes.io/os=linux,node-role.kubernetes.io/worker=   12m
daemonset.apps/sriov-network-config-daemon   2         2         2       2            2           beta.kubernetes.io/os=linux,node-role.kubernetes.io/worker=   19m

NAME                                     READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/sriov-network-operator   1/1     1            1           20m

NAME                                                DESIRED   CURRENT   READY   AGE
replicaset.apps/sriov-network-operator-6d94cbc597   1         1         1       20m
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$ oc get pods
NAME           READY   STATUS    RESTARTS   AGE
dpdk-testpmd   1/1     Running   0          11m
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$
(shiftstack) [cloud-user@installer-host ~]$ oc logs dpdk-testpmd | grep 'Virtual Function'
0000:00:05.0 'Ethernet Virtual Function 700 Series 154c' drv=vfio-pci unused=
0000:00:06.0 'Ethernet Virtual Function 700 Series 154c' drv=vfio-pci unused=
0000:00:05.0 'Ethernet Virtual Function 700 Series 154c' drv=vfio-pci unused=
0000:00:06.0 'Ethernet Virtual Function 700 Series 154c' drv=vfio-pci unused=

Thanks,
Ziv

Comment 27 errata-xmlrpc 2022-03-10 16:21:33 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056

Note You need to log in before you can comment on or make changes to this bug.