OpenShift Virtualization / CNV-51910

Segfault on PVC webhook rendering when no default/virt default StorageClass is set and PVC has no StorageClass specified


    • Bug
    • Resolution: Done-Errata
    • Normal
    • CNV v4.18.0
    • Storage Ecosystem
    • Storage Core Sprint 263

      Description of problem:

      When there is no default StorageClass and no virt default StorageClass, creating a PVC with no StorageClass specified causes a segfault (nil pointer dereference panic) in the webhook.

      Version-Release number of selected component (if applicable):

      4.16.0 and above

      How reproducible:

      Always

      Steps to Reproduce:

      1. Enable the CDI WebhookPvcRendering feature gate
      2. Update the storage classes so there is no default or virt default
      3. Create a PVC using webhook rendering:
      
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: pvc-test
        labels:
          cdi.kubevirt.io/applyStorageProfile: "true"
      spec:
        resources:
          requests:
            storage: 1Gi 

      Actual results:

      $ k create -f test_yamls/pvc_render.yaml 
      
      Error from server (InternalError): error when creating "test_yamls/pvc_render.yaml": Internal error occurred: failed calling webhook "pvc-mutate.cdi.kubevirt.io": failed to call webhook: Post "https://cdi-api.cdi.svc:443/pvc-mutate?timeout=10s": EOF
      
      $ k logs -n cdi cdi-apiserver-85c5c647d9-p2ntj
      
      I1126 16:30:33.686723       1 handler.go:122] handling request: {"kind":"AdmissionReview","apiVersion":"admission.k8s.io/v1","request":{"uid":"692e56e9-3468-4c4f-8910-e32af71b3692","kind":{"group":"","version":"v1","kind":"PersistentVolumeClaim"},"resource":{"group":"","version":"v1","resource":"persistentvolumeclaims"},"requestKind":{"group":"","version":"v1","kind":"PersistentVolumeClaim"},"requestResource":{"group":"","version":"v1","resource":"persistentvolumeclaims"},"name":"pvc-test","namespace":"default","operation":"CREATE","userInfo":{"username":"kubernetes-admin","groups":["kubeadm:cluster-admins","system:authenticated"]},"object":{"kind":"PersistentVolumeClaim","apiVersion":"v1","metadata":{"name":"pvc-test","namespace":"default","creationTimestamp":null,"labels":{"cdi.kubevirt.io/applyStorageProfile":"true"},"finalizers":["kubernetes.io/pvc-protection"],"managedFields":[{"manager":"kubectl-create","operation":"Update","apiVersion":"v1","time":"2024-11-26T16:30:33Z","fieldsType":"FieldsV1","fieldsV1":{"f:metadata":{"f:labels":{".":{},"f:cdi.kubevirt.io/applyStorageProfile":{}}},"f:spec":{"f:resources":{"f:requests":{".":{},"f:storage":{}}},"f:volumeMode":{}}}}]},"spec":{"resources":{"requests":{"storage":"1Gi"}},"volumeMode":"Filesystem"},"status":{"phase":"Pending"}},"oldObject":null,"dryRun":false,"options":{"kind":"CreateOptions","apiVersion":"meta.k8s.io/v1","fieldManager":"kubectl-create","fieldValidation":"Strict"}}}
      I1126 16:30:33.688821       1 reflector.go:296] Starting reflector *v1.StorageClass (10h40m57.995454181s) from pkg/cache/internal/informers.go:106
      I1126 16:30:33.688832       1 reflector.go:332] Listing and watching *v1.StorageClass from pkg/cache/internal/informers.go:106
      I1126 16:30:33.689915       1 reflector.go:359] Caches populated for *v1.StorageClass from pkg/cache/internal/informers.go:106
      2024/11/26 16:30:33 http: panic serving 192.168.66.101:61625: runtime error: invalid memory address or nil pointer dereference
      goroutine 15701 [running]:
      net/http.(*conn).serve.func1()
              GOROOT/src/net/http/server.go:1898 +0xbe
      panic({0x1b49360?, 0x3295550?})
              GOROOT/src/runtime/panic.go:770 +0x132
      kubevirt.io/containerized-data-importer/pkg/controller/datavolume.renderPvcSpecVolumeModeAndAccessModesAndStorageClass({0x2164d00, 0xc000156090}, {0x0, 0x0}, 0x0?, 0x0, 0xc0002e86a8, {0x1e09ed8?, 0xc0002e8530?})
              pkg/controller/datavolume/util.go:162 +0xb37
      kubevirt.io/containerized-data-importer/pkg/controller/datavolume.RenderPvc({0x21583b0, 0x332a3e0}, {0x2164d00, 0xc000156090}, 0xc0002e85a0)
              pkg/controller/datavolume/util.go:73 +0x15f
      kubevirt.io/containerized-data-importer/pkg/apiserver/webhooks.(*pvcMutatingWebhook).Admit(0xc000520e70, {{{0xc000788480, 0xf}, {0xc0007d0570, 0x13}}, 0xc000305860, 0x0})
              pkg/apiserver/webhooks/pvc-mutate.go:61 +0x553
      kubevirt.io/containerized-data-importer/pkg/apiserver/webhooks.(*admissionHandler).ServeHTTP(0xc000520e80, {0x214d4f8, 0xc0008e5c00}, 0xc0006678c0?)
              pkg/apiserver/webhooks/handler.go:144 +0x405
      net/http.(*ServeMux).ServeHTTP(0xc0009a5b38?, {0x214d4f8, 0xc0008e5c00}, 0xc0006678c0)
              GOROOT/src/net/http/server.go:2683 +0x1ad
      kubevirt.io/containerized-data-importer/vendor/github.com/emicklei/go-restful/v3.(*Container).ServeHTTP(0x414165?, {0x214d4f8?, 0xc0008e5c00?}, 0xc0008e5c01?)
              vendor/github.com/emicklei/go-restful/v3/container.go:316 +0x1cd
      net/http.serverHandler.ServeHTTP({0x2140dc8?}, {0x214d4f8?, 0xc0008e5c00?}, 0x6?)
              GOROOT/src/net/http/server.go:3137 +0x8e
      net/http.(*conn).serve(0xc0006f59e0, {0x2158628, 0xc0001a5b00})
              GOROOT/src/net/http/server.go:2039 +0x5e8
      created by net/http.(*Server).Serve in goroutine 102
              GOROOT/src/net/http/server.go:3285 +0x4b4

      Expected results:

      PVC creation should be rejected with message:
      Error from server: error when creating "test_yamls/pvc_render.yaml": admission webhook "pvc-mutate.cdi.kubevirt.io" denied the request: PVC spec is missing accessMode and no storageClass to choose profile
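
The failure mode and the expected rejection, modelled as an added Go example (not CDI's code). StorageClass, PVCSpec, pickStorageClass and renderPVC are hypothetical stand-ins, and both the selection order (named class, then virt default, then cluster default) and the pass-through when access modes are already set are assumptions. The nil lookup result is checked before any field access, so the handler can return the denial instead of panicking.

```go
package main

import (
	"errors"
	"fmt"
)

// StorageClass and PVCSpec are minimal stand-ins, not the Kubernetes API types.
type StorageClass struct {
	Name                 string
	Default, VirtDefault bool
}

type PVCSpec struct {
	StorageClassName *string
	AccessModes      []string
}

var errNoClass = errors.New("PVC spec is missing accessMode and no storageClass to choose profile")

// pickStorageClass returns nil when nothing matches; callers must expect that.
func pickStorageClass(spec *PVCSpec, classes []StorageClass) *StorageClass {
	var def *StorageClass
	for i := range classes {
		sc, want := &classes[i], spec.StorageClassName
		if (want != nil && sc.Name == *want) || (want == nil && sc.VirtDefault) {
			return sc
		}
		if want == nil && sc.Default && def == nil {
			def = sc
		}
	}
	return def
}

// renderPVC tests the lookup result before touching sc.Name.
func renderPVC(spec *PVCSpec, classes []StorageClass) error {
	sc := pickStorageClass(spec, classes)
	if sc == nil && len(spec.AccessModes) == 0 {
		return errNoClass // denial for the admission response, no panic
	}
	if sc != nil {
		spec.StorageClassName = &sc.Name
	}
	return nil
}

func main() {
	// Constructed input: one class, neither default nor virt default.
	fmt.Println(renderPVC(&PVCSpec{}, []StorageClass{{Name: "local"}}))
}
```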

      Additional info:

       

       

              Arnon Gilboa (agilboa@redhat.com)
              Ahmad Hafi