Uploaded image for project: 'OpenShift Service Mesh'
  1. OpenShift Service Mesh
  2. OSSM-8859

OCP virtualization VMs connected to service-mesh fail to start

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • OSSM 3.0.1
    • OSSM 3.0.0
    • Istio
    • None
    • False
    • Hide

      None

      Show
      None
    • False

      Openshift virtualization utilize Multus to support connecting VMs to secondary networks [1]. And for the network binding plugin feature [2] currently in productization phase.

      VMs defined with secondary networks, or VMs who specify network binding plugin produce pod (virt-launcher) with  Multus network selection annotation in JSON form. For example:

      VM with secondary network pod annotation:

      "k8s.v1.cni.cncf.io/networks": '[{"name":"br-net","namespace":"red","interface":"pod19fc4dddfe8"},{"name": "default/istio-cni"}]'  

      VM with binding plugin annotation:

      "k8s.v1.cni.cncf.io/networks": '[{"name":"myplugin","namespace":"red","cni-args":{"logicNetworkName":"default"}}]'

      In both cases, VM fail to start due to the following pod failure:

      Warning  FailedCreatePodSandBox  4s    kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_virt-launcher-test-mesh-cjpzz_red_3e25ca19-eba2-4d14-8f02-2137a8c65494_0(068b75a4d780d55272deed43028d69d247d3ad8eaf2019b0b6852edc1447f419): error adding pod red_virt-launcher-test-mesh-cjpzz to CNI network "multus-cni-network": plugin type="multus" name="multus-cni-network" failed (add): Multus: [red/virt-launcher-test-mesh-cjpzz]: error loading k8s delegates k8s args: TryLoadPodDelegates: error in getting k8s network for pod: GetNetworkDelegates: failed getting the delegate: getKubernetesDelegate: cannot find a network-attachment-definition (default/istio-cni) in namespace (red): invalid resource name "default/istio-cni": [may not contain '/']

       

      The same issue reproduce with regular pods who spesifies Multus networks annotation in JSON form. For example:
      Pod manifest:

      apiVersion: v1
kind: Pod
metadata:
  name: test-mesh
  namespace: red
  labels:
    sidecar.istio.io/inject: "true"
  annotations:
    k8s.v1.cni.cncf.io/networks:  '[{"name":"br-net","namespace":"red"}]'
spec:
  containers:
  - name: sleep
    args: ["sleep", "100000"]
    image: nicolaka/netshoot
  terminationGracePeriodSeconds: 0

      Pod failure:

        Warning  FailedCreatePodSandBox  4s    kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_test1_red_7eef13db-3184-43bf-bd10-b234ed5b3d42_0(64a93a76cf75ac2ea1d02a3a8bbd12544ebc88facbffbad427c0c7f12441697d): error adding pod red_test1 to CNI network "multus-cni-network": plugin type="multus" name="multus-cni-network" failed (add): Multus: [red/test1]: error loading k8s delegates k8s args: TryLoadPodDelegates: error in getting k8s network for pod: GetNetworkDelegates: failed getting the delegate: getKubernetesDelegate: cannot find a network-attachment-definition (default/istio-cni) in namespace (red): invalid resource name "default/istio-cni": [may not contain '/']

       

      [1] https://docs.openshift.com/container-platform/4.17/virt/vm_networking/virt-networking-overview.html#secondary-network-config
      [2] https://kubevirt.io/user-guide/network/network_binding_plugins 

              jewertow@redhat.com Jacek Ewertowski
              omergi@redhat.com Or Mergi
              Votes:
              2 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: