Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: 4.19.0
Affects Version/s: 4.18.0
Component/s: Node / CRI-O
Labels:
- triaged

Regression:
None
Release Blocker:
Approved
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.19.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

openshift virt allows hotplugging block volumes into it's pods, which relies on the fact that changing the cgroup corresponding to the pid of the container suffices.

crun is test driving some changes it integrated recently;
it's configuring two cgroups, `*.scope` and sub cgroup called `container`
while before, the parent existed as sort of a no op
(wasn't configured, so, all devices were allowed, for example)
This results in the volume hotplug breaking since applying the device filter to the sub cgroup is not enough anymore

Version-Release number of selected component (if applicable):

4.18.0 RC2

How reproducible:

100%

Steps to Reproduce:

    1. Block volume hotplug to VM
    2.
    3.

Actual results:

    Failure

Expected results:

    Success

Additional info:

https://kubevirt.io/user-guide/storage/hotplug_volumes/

blocks

OCPBUGS-47458 crun >= 1.18 breaks critical openshift virt feature

ASSIGNED

is cloned by

OCPBUGS-47458 crun >= 1.18 breaks critical openshift virt feature

ASSIGNED

is related to

CNV-53355 Block volume hotplug broken with crun >= 1.18

Verified

links to

openshift/machine-config-operator#4765: OCPBUGS-45928,OCPBUGS-46531: crio: drop crun subcgroup

openshift/machine-config-operator#4774: OCPBUGS-45928,OCPBUGS-46531: crio: drop crun subcgroup

Assignee:: Peter Hunt

Reporter:: Alex Kalenyuk

QA Contact:: Aditi Sahay

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Created:: 2024/12/17 5:17 PM

Updated:: 2025/01/10 3:37 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates