-
Bug
-
Resolution: Duplicate
-
Critical
-
None
-
4.13
-
Quality / Stability / Reliability
-
False
-
-
None
-
Important
-
No
-
None
-
None
-
Proposed
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
No IPv4 address for hostnetwork pod in IPv6-primary dual stack
Version-Release number of selected component (if applicable):
4.13.0-0.nightly-2023-04-01-062001
How reproducible:
Always
Steps to Reproduce:
1. Create a hostnetwork pod and then check the pod address
Actual results:
Only IPv6 address is there for this pod. If create a service which having IPv6 and IPv4 and this pod as endpoint, then if curl the service IPv4 address, will not work.
oc get pods -n e2e-test-networking-services-xfpxc -o yaml
apiVersion: v1
items:
- apiVersion: v1
kind: Pod
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Pod","metadata":{"annotations":{},"labels":{"name":"hello-pod"},"name":"hello-pod1","namespace":"e2e-test-networking-services-xfpxc"},"spec":{"containers":[{"image":"quay.io/openshifttest/hello-sdn@sha256:c89445416459e7adea9a5a416b3365ed3d74f2491beb904d61dc8d1eb89a72a4","name":"hello-pod","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}}],"hostNetwork":true,"nodeName":"worker-0.zzhaov6p.qe.devcluster.openshift.com","securityContext":{"runAsNonRoot":false,"seccompProfile":{"type":"RuntimeDefault"}}}}
openshift.io/scc: privileged
seccomp.security.alpha.kubernetes.io/pod: runtime/default
creationTimestamp: "2023-04-06T08:41:45Z"
labels:
name: hello-pod
name: hello-pod1
namespace: e2e-test-networking-services-xfpxc
resourceVersion: "195007"
uid: 6466f031-00ea-46e9-b099-b7384274cd15
spec:
containers:
- image: quay.io/openshifttest/hello-sdn@sha256:c89445416459e7adea9a5a416b3365ed3d74f2491beb904d61dc8d1eb89a72a4
imagePullPolicy: IfNotPresent
name: hello-pod
resources: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /var/run/secrets/kubernetes.io/serviceaccount
name: kube-api-access-9xzl2
readOnly: true
dnsPolicy: ClusterFirst
enableServiceLinks: true
hostNetwork: true
imagePullSecrets:
- name: default-dockercfg-vf4lj
nodeName: worker-0.zzhaov6p.qe.devcluster.openshift.com
preemptionPolicy: PreemptLowerPriority
priority: 0
restartPolicy: Always
schedulerName: default-scheduler
securityContext:
runAsNonRoot: false
seccompProfile:
type: RuntimeDefault
serviceAccount: default
serviceAccountName: default
terminationGracePeriodSeconds: 30
tolerations:
- effect: NoExecute
key: node.kubernetes.io/not-ready
operator: Exists
tolerationSeconds: 300
- effect: NoExecute
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 300
volumes:
- name: kube-api-access-9xzl2
projected:
defaultMode: 420
sources:
- serviceAccountToken:
expirationSeconds: 3607
path: token
- configMap:
items:
- key: ca.crt
path: ca.crt
name: kube-root-ca.crt
- downwardAPI:
items:
- fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
path: namespace
- configMap:
items:
- key: service-ca.crt
path: service-ca.crt
name: openshift-service-ca.crt
status:
conditions:
- lastProbeTime: null
lastTransitionTime: "2023-04-06T08:41:45Z"
status: "True"
type: Initialized
- lastProbeTime: null
lastTransitionTime: "2023-04-06T08:41:46Z"
status: "True"
type: Ready
- lastProbeTime: null
lastTransitionTime: "2023-04-06T08:41:46Z"
status: "True"
type: ContainersReady
- lastProbeTime: null
lastTransitionTime: "2023-04-06T08:41:45Z"
status: "True"
type: PodScheduled
containerStatuses:
- containerID: cri-o://af520e1913a780be0b960d25bd91d4c383f305a96319fa4465e40e623958a0ab
image: quay.io/openshifttest/hello-sdn@sha256:c89445416459e7adea9a5a416b3365ed3d74f2491beb904d61dc8d1eb89a72a4
imageID: quay.io/openshifttest/hello-sdn@sha256:aa4e5b6448e5b38c66505216324ce247fbd14e0a4e8ab3b8c1746c0e49e70234
lastState: {}
name: hello-pod
ready: true
restartCount: 0
started: true
state:
running:
startedAt: "2023-04-06T08:41:45Z"
hostIP: fd2e:6f44:5dd8:c956::17
phase: Running
podIP: fd2e:6f44:5dd8:c956::17
podIPs:
- ip: fd2e:6f44:5dd8:c956::17
qosClass: BestEffort
startTime: "2023-04-06T08:41:45Z"
kind: List
metadata:
resourceVersion: ""
% oc get svc -n e2e-test-networking-services-xfpxc -o yaml
apiVersion: v1
items:
- apiVersion: v1
kind: Service
metadata:
annotations:
kubectl.kubernetes.io/last-applied-configuration: |
{"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"name":"test-service"},"name":"test-service","namespace":"e2e-test-networking-services-xfpxc"},"spec":{"externalTrafficPolicy":"","internalTrafficPolicy":"Local","ipFamilyPolicy":"PreferDualStack","ports":[{"name":"http","port":27017,"protocol":"TCP","targetPort":8080}],"selector":{"name":"hello-pod"},"type":"ClusterIP"}}
creationTimestamp: "2023-04-06T08:43:31Z"
labels:
name: test-service
name: test-service
namespace: e2e-test-networking-services-xfpxc
resourceVersion: "195811"
uid: 2ffb6cfc-66a6-4cb7-ad65-ab5c91ecec52
spec:
clusterIP: fd02::a708
clusterIPs:
- fd02::a708
- 172.30.252.101
internalTrafficPolicy: Local
ipFamilies:
- IPv6
- IPv4
ipFamilyPolicy: PreferDualStack
ports:
- name: http
port: 27017
protocol: TCP
targetPort: 8080
selector:
name: hello-pod
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
kind: List
metadata:
resourceVersion: ""
From another pod on the same node as above pod to curl service
% oc get pods -n e2e-test-networking-services-xfpxc -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
hello-pod1 1/1 Running 0 33m fd2e:6f44:5dd8:c956::17 worker-0.zzhaov6p.qe.devcluster.openshift.com <none> <none>
% oc get svc -n e2e-test-networking-services-xfpxc
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
test-service ClusterIP fd02::a708 <none> 27017/TCP 33m
% oc get pods -n e2e-test-networking-services-mwfw9 -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
hello-pod2 1/1 Running 0 32m fd01:0:0:5::37 worker-0.zzhaov6p.qe.devcluster.openshift.com <none> <none>
hello-pod3 1/1 Running 0 32m fd01:0:0:6::25 worker-1.zzhaov6p.qe.devcluster.openshift.com <none> <none>
% oc rsh -n e2e-test-networking-services-mwfw9 hello-pod2
~ $ curl --connect-timeout 5 172.30.252.101:27017
curl: (7) Failed to connect to 172.30.252.101 port 27017 after 0 ms: Connection refused
~ $
~ $
~ $ curl --connect-timeout 5 [fd02::a708]:27017
Hello OpenShift!
Only IPv6 can be accessed as no IPv4 for the backend pod.
Expected results:
Both IPv4 and IPv6 are there for the pod in dualstack cluster.
Additional info:
