Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-47458

crun >= 1.18 breaks critical openshift virt feature

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • None
    • 4.18.0
    • Node / CRI-O
    • None
    • Approved
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

      This is a clone of issue OCPBUGS-46531. The following is the description of the original issue:

      Description of problem:

      openshift virt allows hotplugging block volumes into it's pods, which relies on the fact that changing the cgroup corresponding to the pid of the container suffices.

crun is test driving some changes it integrated recently;
it's configuring two cgroups, `*.scope` and sub cgroup called `container`
while before, the parent existed as sort of a no op
(wasn't configured, so, all devices were allowed, for example)
This results in the volume hotplug breaking since applying the device filter to the sub cgroup is not enough anymore

      Version-Release number of selected component (if applicable):

      4.18.0 RC2

      How reproducible:

      100%

      Steps to Reproduce:

          1. Block volume hotplug to VM
    2.
    3.

      Actual results:

          Failure

      Expected results:

          Success

      Additional info:

      https://kubevirt.io/user-guide/storage/hotplug_volumes/

              pehunt@redhat.com Peter Hunt
              openshift-crt-jira-prow OpenShift Prow Bot
              Aditi Sahay Aditi Sahay
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: