-
Bug
-
Resolution: Done-Errata
-
Critical
-
4.13, 4.12, 4.11, 4.14
-
None
-
Critical
-
No
-
Sprint 243, Sprint 244
-
2
-
Rejected
-
False
-
-
This is a clone of issue OCPBUGS-19805. The following is the description of the original issue:
—
Description of problem:
While reviewing PRs in CoreDNS 1.11.0, we stumbled upon https://github.com/coredns/coredns/pull/6179, which describes an CoreDNS crash in the kubernetes plugin if you create an EndpointSlice object contains a port without a port number. I reproduced this myself and was able to successfully bring down all of CoreDNS so that the cluster was put into a degraded state. We've bumped to CoreDNS 1.11.1 in 4.15, so this is concern for < 4.15.
Version-Release number of selected component (if applicable):
Less than or equal to 4.14
How reproducible:
100%
Steps to Reproduce:
1. Create an endpointslice with a port with no port number: apiVersion: discovery.k8s.io/v1 kind: EndpointSlice metadata: name: example-abc addressType: IPv4 ports: - name: "" 2.Shortly after creating this object, all DNS pods continuously crash: oc get -n openshift-dns pods NAME READY STATUS RESTARTS AGE dns-default-57lmh 1/2 CrashLoopBackOff 1 (3s ago) 79m dns-default-h6cvm 1/2 CrashLoopBackOff 1 (4s ago) 79m dns-default-mn7qd 1/2 CrashLoopBackOff 1 (3s ago) 79m dns-default-mxq5g 1/2 CrashLoopBackOff 1 (3s ago) 79m dns-default-wdrff 1/2 CrashLoopBackOff 1 (3s ago) 79m dns-default-zs7cd 1/2 CrashLoopBackOff 1 (3s ago) 79m
Actual results:
DNS Pods crash
Expected results:
DNS Pods should NOT crash
Additional info:
- clones
-
OCPBUGS-19805 CoreDNS panics if an EndpointSlice object contains a port without a port number
- Closed
- is blocked by
-
OCPBUGS-20144 CoreDNS panics if an EndpointSlice object contains a port without a port number
- Closed
- links to
-
RHSA-2023:6272 OpenShift Container Platform 4.11.z security update