Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-43764

Local endpoint for the DNS service not working in OpenShift 4.17 with 3rd party CNI

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • 4.17.z
    • Networking / openshift-sdn
    • None
    • Critical
    • None
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      IBM ROKS uses Calico as their CNI. In previous versions of OpenShift, OpenShiftSDN would create IPTable rules that would force local endpoint for DNS Service. 

      Starting in OCP 4.17 with the removal of SDN, IBM ROKS is not using OVN-K and therefor local endpoint for dns service is not working as expected. 

      IBM ROKS is asking that the code block be restored to restore the functionality previously seen in OCP 4.16

      https://github.com/openshift/sdn/blob/release-4.16/vendor/k8s.io/kubernetes/pkg/proxy/iptables/proxier.go#L979-L992

      Without this functionality IBM ROKS is not able to GA OCP 4.17

            dwinship@redhat.com Dan Winship
            rhn-support-mpeterma Morgan Peterman
            Zhanqi Zhao Zhanqi Zhao
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: