2193333 – Service created using virtctl expose vmi doesn't works if the VM is migrated

Bug 2193333 - Service created using virtctl expose vmi doesn't works if the VM is migrated

Summary: Service created using virtctl expose vmi doesn't works if the VM is migrated

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Container Native Virtualization (CNV)
Classification:	Red Hat
Component:	Networking
Sub Component:
Version:	4.12.2
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	4.14.0
Assignee:	Petr Horáček
QA Contact:	Nir Rozen
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2023-05-05 09:27 UTC by nijin ashok
Modified:	2023-11-08 14:05 UTC (History)
CC List:	1 user (show)
Fixed In Version:	v4.14.0.rhel9-809
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2023-11-08 14:05:31 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Github	kubevirt kubevirt pull 9330	None	Merged	virtctl, expose: Ignore migration target	2023-05-05 14:53:06 UTC
Red Hat Issue Tracker	CNV-28587	None	None	None	2023-05-05 09:28:48 UTC
Red Hat Knowledge Base (Solution)	7011374	None	None	None	2023-05-05 10:08:42 UTC
Red Hat Product Errata	RHSA-2023:6817	None	None	None	2023-11-08 14:05:41 UTC

Description nijin ashok 2023-05-05 09:27:07 UTC

Description of problem:

If the VM is migrated, the virctl expose command is also copying the `migrationTargetNodeName` from the VMI to the service definition:

~~~
# oc get vmi rhel8-kynp0ho84lqqk8bd -o yaml |yq -y '.metadata.labels'
kubevirt.io/domain: rhel8-kynp0ho84lqqk8bd
kubevirt.io/migrationTargetNodeName: master-2.ocp4.shiftvirt.com <<<
kubevirt.io/nodeName: master-2.ocp4.shiftvirt.com
kubevirt.io/size: small

# virtctl expose vm rhel8-kynp0ho84lqqk8bd --port=22 --name=rhel8-kynp0ho84lqqk8bd --type=NodePort

# oc get svc rhel8-kynp0ho84lqqk8bd -o yaml|yq -y '.spec.selector'
kubevirt.io/domain: rhel8-kynp0ho84lqqk8bd
kubevirt.io/migrationTargetNodeName: master-2.ocp4.shiftvirt.com <<<
kubevirt.io/size: small
~~~

The virt-launcher pod doesn't have this label and the service will not match any pods.  

~~~
oc get pod virt-launcher-rhel8-kynp0ho84lqqk8bd-9zd85 -o yaml |yq -y '.metadata.labels'
kubevirt.io: virt-launcher
kubevirt.io/created-by: 4e182af4-94d2-4df8-8bbd-384128165af5
kubevirt.io/domain: rhel8-kynp0ho84lqqk8bd
kubevirt.io/migrationJobUID: 6056f4d7-e8de-4718-b5d1-c58e8ac34494
kubevirt.io/nodeName: worker-1.ocp4.shiftvirt.com
kubevirt.io/size: small
vm.kubevirt.io/name: rhel8-kynp0ho84lqqk8bd

oc get endpoints |grep rhel8-kynp0ho84lqqk8bd
rhel8-kynp0ho84lqqk8bd      <none>                                                     3m53s
~~~

So the service will not work.

Version-Release number of selected component (if applicable):

OpenShift Virtualization   4.12.2

How reproducible:

100%

Steps to Reproduce:

1. Migrate a VM.
2. Use virtctl expose vmi to expose the VM service.
3. Check the label of service. It will be having migrationTargetNodeName and will not be having endpoints. 

Actual results:

Service created using virtctl expose vmi doesn't works if the VM is migrated.

Expected results:

Service created using virtctl expose vmi should work.

Additional info:

Looks to be already fixed upstream https://github.com/kubevirt/kubevirt/pull/9330. Opening BZ since we got a customer who had the same problem.

Comment 1 Petr Horáček 2023-05-05 14:53:06 UTC

Hey Nijin, thanks for opening this. This issue should be resolved in 4.14 through the PR you linked. Is it important for the customer to be available earlier? It would cost us QE capacity, but it should be quite a simple backport, so I won't resist too much.

Comment 2 nijin ashok 2023-05-08 03:33:26 UTC

(In reply to Petr Horáček from comment #1)
> Hey Nijin, thanks for opening this. This issue should be resolved in 4.14
> through the PR you linked. Is it important for the customer to be available
> earlier? It would cost us QE capacity, but it should be quite a simple
> backport, so I won't resist too much.

`virttcl expose vm` works. Also enabling the ssh service from UI works. So 4.14 is ok.

Comment 3 Yossi Segev 2023-10-04 10:58:21 UTC

Verified on CNV 4.14.0 (brew.registry.redhat.io/rh-osbs/iib:588459)

Comment 5 errata-xmlrpc 2023-11-08 14:05:31 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Virtualization 4.14.0 Images security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2023:6817

Note You need to log in before you can comment on or make changes to this bug.