Uploaded image for project: 'OpenShift Virtualization'
  1. OpenShift Virtualization
  2. CNV-76425

[cnv network] KubeMacPool should not be enfroced on masquerade interface

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • CNV Network
    • Quality / Stability / Reliability
    • 0.42
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • None

      Description of problem:

      Currently KubeMacPool range is applied on all VM interfaces, regardless of its binding type - masquerade, bridge, etc.
The pod masquerade interface is used only internally, i.e. to connect to the virt-launcher, and it "hides" behind the pod's interface. Therefore, it's redundant to apply the KMP it, as it consumes available MACs from the pool for no reason, and derives MAC conflict enforcement, which is also not needed.

      Version-Release number of selected component (if applicable):

      CNV 4.21.0
container-native-virtualization-kubemacpool-rhel9:v4.21.0-31

      How reproducible:

      100%

      Steps to Reproduce:

      1.
On your cluster - check the configured KubeMacPool range (currently it appears in a dedicated ConfigMap, and supposed to be available in HCO later on):
$ oc get cm -n openshift-cnv kubemacpool-mac-range-config -o jsonpath={.data} | jq
{
  "RANGE_END": "02:a2:4f:ff:ff:ff",
  "RANGE_START": "02:a2:4f:00:00:00"
}

2.
Create a basic VM with only the default masquerade interface explicitly mentioned:
$ cat << EOF | oc apply -f -
> apiVersion: kubevirt.io/v1
kind: VirtualMachine
metadata:
metadata:
  name: vma
spec:
  runStrategy: Halted
  template:
    spec:
      domain:
        devices:
          disks:
            - name: containerdisk
              disk:
                bus: virtio
            - name: cloudinitdisk
              disk:
                bus: virtio
          interfaces:
            - name: default
              masquerade: {}
        resources:
          requests:
            memory: 1G
        cpu:
          cores: 2
      networks:
        - name: default
          pod: {}
      volumes:
        - name: containerdisk
          containerDisk:
            image: quay.io/openshift-cnv/qe-cnv-tests-fedora:41
        - name: cloudinitdisk
          cloudInitNoCloud:
            userData: |-
              #cloud-config
              password: password
              chpasswd: { expire: False }
EOF
virtualmachine.kubevirt.io/vma created

3.
No need to start the VM.
Check the MAC address that was assigned to the VM resource object:
$ oc get vm vma -o jsonpath={.spec.template.spec.domain.devices.interfaces[0]} | jq
{
  "macAddress": "02:a2:4f:d6:d4:93",
  "masquerade": {},
  "name": "default"
}

      Actual results:

      Assigned MAC is withing the MAC pool range.

      Expected results:

      Default masquerade VM interfaces can and should be assigned an arbitrary MAC address, which can also be similar in several (all) VMs, and not exhaust the MAC pool.

      Additional info:

              phoracek@redhat.com Petr Horacek
              ysegev@redhat.com Yoss Segev
              Yoss Segev Yoss Segev
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: