2028963 – Whereabouts should reconcile stranded IP addresses

Bug 2028963 - Whereabouts should reconcile stranded IP addresses [NEEDINFO]

Summary: Whereabouts should reconcile stranded IP addresses

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.10
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	---
Target Release:	4.10.0
Assignee:	Douglas Smith
QA Contact:	Weibin Liang
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2028964
TreeView+	depends on / blocked

Reported:	2021-12-03 20:23 UTC by Douglas Smith
Modified:	2022-03-29 06:39 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:	Feature: Implements an IP reconciliation job for Whereabouts IPAM CNI called "ip-reconciler" which runs as a Kubernetes cronjob. Reason: On occasion events occur where the CNI DEL action will not complete for a given pod (for example, a forcefully powered off node), and in such a case stored IP address allocations may be left stranded and unable to be allocated without manual intervention. Result: Stranded IP address allocations are garbage collected automatically on a periodic basis to free unused IP addresses.
Clone Of:
Clones:	2028964 (view as bug list)
Environment:
Last Closed:	2022-03-10 16:31:36 UTC
Target Upstream Version:
Embargoed:
Flags:	gferrazs: needinfo? (dosmith)

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2022:0056	0	None	Closed	openshift-apiserver pod flapping between pending and running mode	2022-04-19 14:02:49 UTC

Description Douglas Smith 2021-12-03 20:23:40 UTC

Description of problem: IP reconciliation is a feature in the latest whereabouts, and due to reports, this feature should be backported all the way to 4.6.z. The feature is in the form of a cron job which reconciles the IP addresses.


Version-Release number of selected component (if applicable): 4.6-4.10


How reproducible: Specialized. Customers often experience this when nodes are rebooted, or pods are force deleted, and therefore CNI DEL calls aren't processed in their entirety by Whereabouts


Steps to Reproduce: (We will produce a procedure which produces orphaned IP addresses)

Actual results: IP addresses will remain stranded, and never utilized again.


Expected results: IP addresses that were stranded become available for use again.


Additional info: 4.10 has the reconciliation code but still requires a bug fix from upstream.

Comment 1 Douglas Smith 2022-01-04 13:50:51 UTC

This can be verified using this procedure: https://gist.github.com/dougbtv/599e8a1a747fde300d46e912f573b40f

Thank you!

Comment 4 errata-xmlrpc 2022-03-10 16:31:36 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056

Note You need to log in before you can comment on or make changes to this bug.