-
Bug
-
Resolution: Done-Errata
-
Major
-
None
-
4.14
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
No
-
None
-
Rejected
-
SDN Sprint 239
-
1
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
https://bugzilla.redhat.com/show_bug.cgi?id=1944121 is back, see errors in on one of the two nodes on which the pods are running.
Version-Release number of selected component (if applicable):
How reproducible:
Most of the time - automated test failed and also see it for manual
Steps to Reproduce:
1. Create a project test
2. Create two pods in the project
oc create -f https://raw.githubusercontent.com/openshift/verification-tests/master/testdata/networking/list_for_pods.json
replicationcontroller/test-rc created
oc get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-rc-brhgw 1/1 Running 0 3m2s 10.131.0.173 ip-10-0-174-101.us-east-2.compute.internal <none> <none>
test-rc-zlfjr 1/1 Running 0 3m2s 10.129.2.115 ip-10-0-146-11.us-east-2.compute.internal <none>
<none>
3. Create two policies
cat policy.yaml
---
# Source: networkpolicies-config-values/charts/networkpolicies-config/templates/networkpolicies.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: stex-rd-networkpolicies-config-default-deny
spec:
podSelector: {}
policyTypes:
- Ingress
---
# Source: networkpolicies-config-values/charts/networkpolicies-config/templates/networkpolicies.yaml
kind: NetworkPolicy
apiVersion: networking.k8s.io/v1
metadata:
name: stex-rd-networkpolicies-config-allow-dns
spec:
podSelector: {}
egress:
- to:
- namespaceSelector: {}
ports:
- protocol: TCP
port: 53
- protocol: UDP
port: 53
- protocol: TCP
port: 5353
- protocol: UDP
port: 5353
policyTypes:
- Egress
4.Delete the project
oc delete project test
project.project.openshift.io "test" deleted
5. Check the logs of ovn-controller container
oc -n openshift-ovn-kubernetes get pods -owide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
ovnkube-master-b4jb4 6/6 Running 1 (4h31m ago) 6h48m 10.0.184.209 ip-10-0-184-209.us-east-2.compute.internal <none> <none>
ovnkube-master-cwkwj 6/6 Running 0 6h48m 10.0.210.77 ip-10-0-210-77.us-east-2.compute.internal <none> <none>
ovnkube-master-vs5nm 6/6 Running 0 6h48m 10.0.154.174 ip-10-0-154-174.us-east-2.compute.internal <none> <none>
ovnkube-node-cv77d 5/5 Running 0 3h12m 10.0.184.209 ip-10-0-184-209.us-east-2.compute.internal <none> <none>
ovnkube-node-gmrzt 5/5 Running 0 3h14m 10.0.204.155 ip-10-0-204-155.us-east-2.compute.internal <none> <none>
ovnkube-node-h6fgt 5/5 Running 0 3h14m 10.0.154.174 ip-10-0-154-174.us-east-2.compute.internal <none> <none>
ovnkube-node-hzxwp 5/5 Running 0 3h13m 10.0.210.77 ip-10-0-210-77.us-east-2.compute.internal <none> <none>
ovnkube-node-m9c8x 5/5 Running 0 3h13m 10.0.146.11 ip-10-0-146-11.us-east-2.compute.internal <none> <none>
ovnkube-node-tmxlg 5/5 Running 0 31m 10.0.174.101 ip-10-0-174-101.us-east-2.compute.internal <none> <none>
oc -n openshift-ovn-kubernetes logs ovnkube-node-tmxlg -c ovn-controller | grep error
2023-07-11T19:33:22.644Z|00022|lflow|WARN|error parsing match "reg0[8] == 1 && (ip4.dst == {$a7002566606771883999} && tcp && tcp.dst==5353 && inport == @a3610057472070096017)": Syntax error at `$a7002566606771883999' expecting address set name.
oc -n openshift-ovn-kubernetes logs ovnkube-node-m9c8x -c ovn-controller | grep error
No errors
Actual results:
Expected results:
Additional info:
- is cloned by
-
-
- Closed
-
- is depended on by
-
-
- Closed
-
- links to
-
RHEA-2023:5006
rpm