Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-13159

vmware-vsphere-csi-driver-controller" deployment runs with "hostNetwork: true"

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Undefined Undefined
    • None
    • 4.12.z
    • Storage
    • None
    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

      vmware-vsphere-csi-driver-controller" deployment runs with "hostNetwork: true". This is not the case in the upstream vsphere-csi-driver and I don't know why this should be necessary. In fact I'd like all vcenter accesses to originate from one IP address and use EgressIP for this purpose. This approach works fine for the machine-operator but doesn't work for the vsphere csi-driver as it uses hostNetwork.

      This might not be a "bug" in the normal sense but in upstream "csi vsphere provider" the setting is different and there might be a slight confusion about where we actually need to use hostNetwork (for the daemonset vmware-vsphere-csi-driver-node it's actually needed). See https://kubernetes.slack.com/archives/C9PGCDKV5/p1683198355000799?thread_ts=1683038313.875139&cid=C9PGCDKV5 

      How reproducible
      Try to assign EgressIP to the openshift-cluster-csi-drivers. The pods of the vmware-vsphere-csi-driver-controller will run with hostNetwork and per (our) firewall settings the access will not be allowed.

       

              Unassigned Unassigned
              ghilling Gunnar Hilling (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: