-
Bug
-
Resolution: Done-Errata
-
Major
-
4.14
-
None
-
Critical
-
No
-
SDN Sprint 242
-
1
-
Rejected
-
False
-
This is a clone of issue OCPBUGS-18003. The following is the description of the original issue:
—
Description of problem:
Found auto case OCP-42340 failed in ci job which version is 4.14.0-ec.4 and then reproduced issue in 4.14.0-0.nightly-2023-08-22-221456
Version-Release number of selected component (if applicable):
4.14.0-ec.4 4.14.0-0.nightly-2023-08-22-221456
How reproducible:
Always
Steps to Reproduce:
1. Deploy egressrouter on baremetal with
{
"kind": "List",
"apiVersion": "v1",
"metadata": {},
"items": [
{
"apiVersion": "network.operator.openshift.io/v1",
"kind": "EgressRouter",
"metadata": {
"name": "egressrouter-42430",
"namespace": "e2e-test-networking-egressrouter-l4xgx"
},
"spec": {
"addresses": [
{
"gateway": "192.168.111.1",
"ip": "192.168.111.55/24"
}
],
"mode": "Redirect",
"networkInterface": {
"macvlan": {
"mode": "Bridge"
}
},
"redirect": {
"redirectRules": [
{
"destinationIP": "142.250.188.206",
"port": 80,
"protocol": "TCP"
},
{
"destinationIP": "142.250.188.206",
"port": 8080,
"protocol": "TCP",
"targetPort": 80
},
{
"destinationIP": "142.250.188.206",
"port": 8888,
"protocol": "TCP",
"targetPort": 80
}
]
}
}
}
]
}
% oc get pods -n e2e-test-networking-egressrouter-l4xgx -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
egress-router-cni-deployment-c4bff88cf-skv9j 1/1 Running 0 69m 10.131.0.26 worker-0 <none> <none>
2. Create service which point to egressrouter
% oc get svc -n e2e-test-networking-egressrouter-l4xgx -o yaml
apiVersion: v1
items:
- apiVersion: v1
kind: Service
metadata:
creationTimestamp: "2023-08-23T05:58:30Z"
name: ovn-egressrouter-multidst-svc
namespace: e2e-test-networking-egressrouter-l4xgx
resourceVersion: "50383"
uid: 07341ff1-6df3-40a6-b27e-59102d56e9c1
spec:
clusterIP: 172.30.10.103
clusterIPs:
- 172.30.10.103
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: con1
port: 80
protocol: TCP
targetPort: 80
- name: con2
port: 5000
protocol: TCP
targetPort: 8080
- name: con3
port: 6000
protocol: TCP
targetPort: 8888
selector:
app: egress-router-cni
sessionAffinity: None
type: ClusterIP
status:
loadBalancer: {}
kind: List
metadata:
resourceVersion: ""
3. create a test pod to access the service or curl the egressrouter IP:port directly
oc rsh -n e2e-test-networking-egressrouter-l4xgx hello-pod1
~ $ curl 172.30.10.103:80 --connect-timeout 5
curl: (28) Connection timeout after 5001 ms
~ $ curl 10.131.0.26:80 --connect-timeout 5
curl: (28) Connection timeout after 5001 ms
$ curl 10.131.0.26:8080 --connect-timeout 5
curl: (28) Connection timeout after 5001 ms
Actual results:
connection failed
Expected results:
connection succeed
Additional info:
Note, the issue didn't exist in 4.13. It passed in 4.13 latest nightly build 4.13.0-0.nightly-2023-08-11-101506
08-23 15:26:16.955 passed: (1m3s) 2023-08-23T07:26:07 "[sig-networking] SDN ConnectedOnly-Author:huirwang-High-42340-Egress router redirect mode with multiple destinations."
- clones
-
-
- Closed
-
- is blocked by
-
-
- Closed
-
- links to
-
RHSA-2023:5006
OpenShift Container Platform 4.14.z security update
