When SMCP v2.3 is deployed container install-cni-v2-3 logs the following errors:

error Unable to start ControlZ: listen tcp 127.0.0.1:9876: bind: address already in use
error unable to listen on socket: listen tcp :15014: bind: address already in use

These errors occur, because we deploy 5 containers in a single pod, so all of them exist in the same network namespace and therefore can't use the same port.

We have to discuss whether we want to support exposing ControlZ and metrics from CNI. If we want to support these features, then we have to make these ports configurable or maybe deploy install-cni-v2-3 in a separate container (but I don't know if it is possible).

Update after refinement:

We decided to split the cni daemonset into multiple daemonsets, one for each supported version. Thus, instead of having one daemonset with multiple containers we would have multipe daemonsets with just one container each. This way we avoid this port binding issue.

As a side effect, we would end up installing only daemonsets that are actually in use by some SMCP. For example, if there's only a v2.3 SMCP currently in use, there will be only 1 daemonset with only 1 container in use. This reduces resource usage in the nodes.

We should only touch the 2.3 charts/codebase.

For QE:

• All CNI daemonsets/pods in the openshift-operators namespace should run fine, without any error in their logs.
• Upgrades from 2.2 to 2.3 should run smoothly.
• If only SMCP 2.3 is installed in the cluster, there must be only 1 istio-cni daemonset installed in the openshift-operators namespace, and it must contain only 1 container in it.
• If there are 2 SMCP's installed in the cluster, say, 2.2 and 2.3, there must be 2 istio-cni daemonset installed in the openshift-operators namespace, and each of them must contain only 1 container, corresponding each of the SMCP versions (2.2 and 2.3)