Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-40241

Don't allow default VM container-disk images in DPDK checkup

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • CNV Network
    • 0.42
    • False
    • Hide

      None

      Show
      None
    • False
    • v4.16.0-120
    • ---
    • ---
    • No

      Description of problem:

      In DPDK checkup, if the user doesn'r specify either trafficGenContainerDiskImage or vmUnderTestContainerDiskImage, a default image is used. This should be avoided due to the risk of pulling an image version which doesn't fit the cluster/CNV verions.

      Version-Release number of selected component (if applicable):

      OCP 4.16.0-ec.4
CNV 4.16.0 (brew.registry.redhat.io/rh-osbs/iib:697727)
kubevirt-dpdk-checkup-rhel9:v4.16.0-100

      How reproducible:

      100%

      Steps to Reproduce:

      1.
The cluster should be configured for DPDK checkup, including SR-IOV, MCP, PerformanceProfile and permissions.
If needed - follow the instructions in https://docs.openshift.com/container-platform/4.15/virt/vm_networking/virt-using-dpdk-with-sriov.html#virt-configuring-cluster-dpdk_virt-using-dpdk-with-sriov

2.
Apply a DPDK checkup ConfigMap without specifying the traffic-gen VM and the VM under-test images:

apiVersion: v1
kind: ConfigMap
metadata:
  name: dpdk-checkup-config
data:
  spec.timeout: 20m
  spec.param.testDuration: 120s
  spec.param.networkAttachmentDefinitionName: default/sriov-network
  spec.param.verbose: "true"
  spec.param.trafficGenPacketsPerSecond: 7m

3. Start the job by applying the Job resource:

apiVersion: batch/v1
kind: Job
metadata:
  name: dpdk-checkup
spec:
  backoffLimit: 0
  template:
    spec:
      serviceAccountName: dpdk-checkup-sa
      restartPolicy: Never
      containers:
        - name: dpdk-checkup
          image: registry.redhat.io/container-native-virtualization/kubevirt-dpdk-checkup-rhel9@sha256:e15e9e38ae8d501e1783a0e463a4c1cfab30842bedb9e27ba86227fad5d4cf0b
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop: ["ALL"]
            runAsNonRoot: true
            seccompProfile:
              type: "RuntimeDefault"
          env:
            - name: CONFIGMAP_NAMESPACE
              value: dpdk-checkup-ns
            - name: CONFIGMAP_NAME
              value: dpdk-checkup-config
            - name: POD_UID
              valueFrom:
                fieldRef:
                  fieldPath: metadata.uid

      Actual results:

      The job starts (and can end successfully)

      Expected results:

      The job should immediately fail due to the absence of the absence of the spec.param.trafficGenContainerDiskImage and spec.param.vmUnderTestContainerDiskImage parameters in the ConfigMap).

      Additional info:

       

       

              omisan@redhat.com Orel Misan
              ysegev@redhat.com Yossi Segev
              Yossi Segev Yossi Segev
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: