-
Bug
-
Resolution: Done
-
Major
-
4.19
-
None
-
Quality / Stability / Reliability
-
False
-
-
None
-
Moderate
-
No
-
None
-
None
-
Rejected
-
CNF Network Sprint 271
-
1
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
Verified the bug https://issues.redhat.com/browse/OCPBUGS-37212 when using ipvlan CNI plugin, but same testing still fail in bridge CNI plugin.
Version-Release number of selected component (if applicable):
4.19.0-0.nightly-2025-04-23-103823
How reproducible:
Always
Steps to Reproduce:
Using below configuration to reproduce the bug:
$ cat bridge-host-local-ipv4.yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: bridge-host-local-ipv4
spec:
config: |
{
"cniVersion": "0.4.0",
"name": "bridge-host-local-ipv4",
"type": "bridge",
"ipam": {
"type": "host-local",
"ranges": [
[
{
"subnet": "192.168.10.0/24",
"rangeStart": "192.168.10.1",
"rangeEnd": "192.168.10.100"
}
]
]
}
}
$ cat bridge-static-ipv6.yaml
apiVersion: k8s.cni.cncf.io/v1
kind: NetworkAttachmentDefinition
metadata:
name: bridge-static-ipv6
spec:
config: |
{
"cniVersion": "0.4.0",
"name": "bridge-static-ipv6",
"type": "bridge",
"ipam": {
"type": "static",
"addresses": [
{
"address": "FD00:192:168:12::1/64",
"gateway": "FD00:192:168:12::ffff"
}
]
}
}
$ cat test-POD.yaml
apiVersion: v1
kind: ReplicationController
metadata:
name: test-pod
spec:
replicas: 2
template:
metadata:
labels:
name: blue
annotations:
k8s.v1.cni.cncf.io/networks: bridge-host-local-ipv4,bridge-static-ipv6
spec:
containers:
- name: test-pod
image: quay.io/openshifttest/hello-sdn@sha256:c89445416459e7adea9a5a416b3365ed3d74f2491beb904d61dc8d1eb89a72a4
ports:
- containerPort: 8080
- containerPort: 443
env:
- name: RESPONSE
value: test-pod
securityContext:
capabilities:
add:
- NET_ADMIN
privileged: true
nodeName: ip-10-0-73-178.us-east-2.compute.internal$
$
$ oc create -f bridge-host-local-ipv4.yaml
networkattachmentdefinition.k8s.cni.cncf.io/bridge-host-local-ipv4 created
$ oc create -f bridge-static-ipv6.yaml
networkattachmentdefinition.k8s.cni.cncf.io/bridge-static-ipv6 created
$ oc create -f /home/weliang/Documents/RedHat/Documents/Release/Multus/Configuration/test-POD.yaml
replicationcontroller/test-pod created
$ oc get pod -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
test-pod-6r78b 1/1 Running 0 15s 10.128.2.41 ip-10-0-73-178.us-east-2.compute.internal <none> <none>
test-pod-7xgcm 1/1 Running 0 15s 10.128.2.42 ip-10-0-73-178.us-east-2.compute.internal <none> <none>
$ oc exec test-pod-6r78b -- ip a show net2
4: net2@if288: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 9a:c4:1f:62:9d:17 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fd00:192:168:12::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::98c4:1fff:fe62:9d17/64 scope link
valid_lft forever preferred_lft forever
$ oc exec test-pod-7xgcm -- ip a show net2
4: net2@if290: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 0a:22:4a:e2:85:f2 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fd00:192:168:12::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::822:4aff:fee2:85f2/64 scope link
valid_lft forever preferred_lft forever
$
Actual results:
Two pods are created in the same node, and get same ipv6 address fd00:192:168:12::1
Expected results:
Second pod shouldn't be created
Additional info:
It may failed in other types of multus CNI plugin
