Description of problem (please be detailed as possible and provide log snippests): Console not accessible /w ovs-multitenant plugin enabled without manually enabling global pod networking Version of all relevant components (if applicable): Seen on OCP/ODF 4.10, but likely all versions apply. Does this issue impact your ability to continue to work with the product (please explain in detail what is the user impact)? Installation of ODF Is there any workaround available to the best of your knowledge? Manually enable global pod networking for ODF project. Example: $ oc adm pod-network make-projects-global openshift-storage Rate from 1 - 5 the complexity of the scenario you performed that caused this bug (1 - very simple, 5 - very complex)? 2 Can this issue reproducible? Unknown Steps to Reproduce: 1. Setup OCP cluster with ovs-multitenant plugin enabled. 2. Install ODF operator. Actual results: Console unavailble and errors in console pod logs. GET request for "odf-console" plugin failed: Get "https://odf-console-service.openshift-storage.svc.cluster.local:9001/locales/en/plugin__odf-console.json": context deadline exceeded (Client.Timeout exceeded while awaiting headers) Expected results: Operator likely should be aware of this and automatically set global pod networking for openshift-storage project, or this likely should be documented somewhere. Additional info: None.
Hi, In OCP when "ovs-multitenant" plugin is used for SDN, Pods from different projects cannot send packets to or receive packets from pods and services of a different project, meaning by default pods can not communicate between namespaces/projects (https://docs.openshift.com/container-platform/3.11/architecture/networking/sdn.html). OCP's "console" pod in the "openshift-console" namespace needs to connect with the ODF's "odf-console" pod in the "openshift-storage" namespace in order to fetch the UI assets and display them as a part of OCP. This is by design and can happen for any dynamic plugin (odf-console is just one example of a dynamic plugin). So, for starters this should be documented in Openshift docs as well (if not already). We already have KCS guide: https://access.redhat.com/solutions/6988169 so we are good here. Last part is ODF docs @olakra can you please take a look, is this something which can we added to our (ODF) docs ?? Also, @Anton just clarity sake, can you please confirm that customer was only facing issue with "odf-console" pod in "openshift-storage" namespace and all other ODF pieces like OCS/Rook/Noobaa were up and running successfully (before applying the workaorund) ??
I am moving this to documentation side ! Thanks.
Added relevant section to doc "Chapter 14. Accessing odf-console with the ovs-multitenant plugin by manually enabling global pod networking" https://dxp-docp-prod.apps.ext-waf.spoke.prod.us-west-2.aws.paas.redhat.com/documentation/en-us/red_hat_openshift_data_foundation/4.10/html-single/troubleshooting_openshift_data_foundation/index?lb_target=preview#accessing-odf-console-with-ovs-multitenant-plugin-by-manually-enabling-global-pod-networking_rhodf