Juniper Openstack

K8S: Service with external_ips: FIP got created with different IP

Bug #1685374 reported by chhandak
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Juniper Openstack
Status tracked in Trunk
Trunk
Fix Committed
High
chhandak
Juniper Openstack r4.0.0.0-fcs "r4.0.0.0"

Bug Description

Description:
Created a service with type Loadbalacer and mentioned list of 2 values as external_IP. In Kubernets API, service got created with mentioned externalIPs. But contrail has created floating IP for the service with different IP than what is mentioned in externalIPs. So Kube API Server and Contrail API server is not in sync.

As per Kube API : Loadbalacer IP is 10.87.117.25 and 10.87.117.250
[root@5b7s18 ~]# kubectl get service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
ctest-nginx-svc-86590169 10.111.91.102 ,10.87.117.251,10.87.117.250 80:32197/TCP 36s
kubernetes 10.96.0.1 <none> 443/TCP 25m
[root@5b7s18 ~]# kubectl describe service
Name: ctest-nginx-svc-86590169
Namespace: default
Labels: <none>
Annotations: <none>
Selector: app=http_test
Type: LoadBalancer
IP: 10.111.91.102
External IPs: 10.87.117.251,10.87.117.250
Port: <unset> 80/TCP
NodePort: <unset> 32197/TCP
Endpoints: 10.47.255.250:80,10.47.255.251:80
Session Affinity: None
Events: <none>

As per contrail API Server
{
parent_uuid: "be8b81a9-2a9c-4eb9-aec1-29d0e3e923ed",
parent_href: "http://10.87.121.34:8082/floating-ip-pool/be8b81a9-2a9c-4eb9-aec1-29d0e3e923ed",
parent_type: "floating-ip-pool",
href: "http://10.87.121.34:8082/floating-ip/69dd53be-2d7d-4614-911f-8b210e9d709d",
floating_ip_address: "10.87.117.252",------------> Diffrent value
id_perms: {
enable: true,
uuid: {
uuid_mslong: 7628345420107565000,
uuid_lslong: 10457229833872962000
},
created: "2017-04-21T21:32:51.604230",
description: null,
creator: null,
user_visible: true,
last_modified: "2017-04-21T21:32:57.981799",
permissions: {
owner: "cloud-admin",
owner_access: 7,
other_access: 7,
group: "cloud-admin-group",
group_access: 7
}
},
fq_name: [
"default-domain",
"default",
"__public__",
"__fip_pool_public__",
"ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP"
],
name: "ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP",
project_refs: [
{
to: [
"default-domain",
"default"
],
href: "http://10.87.121.34:8082/project/8a529f8f-c6ce-4592-a60d-d66125ccfa63",
attr: null,
uuid: "8a529f8f-c6ce-4592-a60d-d66125ccfa63"
}
],
display_name: "ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP",
uuid: "69dd53be-2d7d-4614-911f-8b210e9d709d",
floating_ip_port_mappings: {
port_mappings: [
{
protocol: "TCP",
src_port: 80,
dst_port: 80
}
]
},

Logs from contrail-kube-manager
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_INFO]: KubeManagerInfoLog: Starting all tasks.
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: VncNamespace - Got ADDED Namespace default:54a2cfaf-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: ServiceMonitor - Got ADDED Service default:kubernetes:a716b65d-26d6-11e7-84a5-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: NamespaceMonitor - Got ADDED Namespace kube-public:54fae9e3-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: PodMonitor - Got ADDED Pod default:ctest-nginx-pod-06628209:12799d20-26da-11e7-84a5-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_INFO]: KubeManagerInfoLog: KubeNetworkManager - kube_timer_interval(60s)
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: EndPointMonitor - Got ADDED Endpoints kube-system:kube-dns:59cd8f0e-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: ServiceMonitor - Got ADDED Service kube-system:kube-dns:591c54ba-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: NamespaceMonitor - Got ADDED Namespace kube-system:546855ee-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: ServiceMonitor - Got ADDED Service default:ctest-nginx-svc-86590169:1272c50b-26da-11e7-84a5-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: NamespaceMonitor - Got ADDED Namespace default:54a2cfaf-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_DEBUG]: KubeManagerDebugLog: PodMonitor - Got ADDED Pod kube-system:kube-dns-3913472980-d57jx:59d4d6b3-23bc-11e7-90bd-0cc47aa89e64
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: Ratelimit Drop (10 messages/sec): for KubeManagerDebugLog
04/21/2017 10:07:25 PM [contrail-kube-manager]: Service (default, ctest-nginx-svc-86590169) updated with EXTERNAL-IP (10.87.117.252)
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_NOTICE]: KubeManagerNoticeLog: Service (default, ctest-nginx-svc-86590169) updated with EXTERNAL-IP (10.87.117.252)
04/21/2017 10:07:25 PM [contrail-kube-manager]: Service (default, ctest-nginx-svc-86590169) updated with EXTERNAL-IP (10.87.117.252)
04/21/2017 10:07:25 PM [contrail-kube-manager]: SANDESH: [DROP: NoSession] __default__ [SYS_NOTICE]: KubeManagerNoticeLog: Service (default, ctest-nginx-svc-86590169) updated with EXTERNAL-IP (10.87.117.252)
04/21/2017 10:07:28 PM [contrail-kube-manager]: Processing event[EvIdleHoldTimerExpired] in state[Idle]
04/21/2017 10:07:28 PM [contrail-kube-manager]: Sandesh Client: Event[EvIdleHoldTimerExpired] => State[Idle] -> State[Connect]
04/21/2017 10:07:28 PM [contrail-kube-manager]: Processing event[EvCollectorUnknown] in state[Connect]
04/21/2017 10:07:28 PM [contrail-kube-manager]: Sandesh Client: Event[EvCollectorUnknown] => State[Connect] -> State[Disconnect]

See original description
chhandak (chhandak)
Changed in juniperopenstack:
milestone: none → r4.0
importance: Undecided → High
assignee: nobody → Sachchidanand Vaidya (vaidyasd)
description: updated
chhandak (chhandak)
description: updated
information type: Proprietary → Public
Revision history for this message
Sachchidanand Vaidya (vaidyasd) wrote : Re: [Bug 1685374] [NEW] K8S: Service with external_ips: FIP got created with different IP
Download full text (3.3 KiB)

Chhandak, can you also attach the json/yaml service definition file used
for service creation.

Thanks,
Sachin

On 4/21/17, 2:55 PM, "<email address hidden> on behalf of Launchpad Bug
Tracker" <<email address hidden> on behalf of <email address hidden>>
wrote:

>chhandak (chhandak) has assigned this bug to you for Juniper Openstack:
>
>Description:
>Created a service with type Loadbalacer and mentioned list of 2 values as
>external_IP. In Kubernets API service got created with mentioned
>externalIP. But contrail has created floating IP for the service with
>diffrent IP than what is mentioned in externalIP. So Kube API Server and
>Contrail API server is not in sync.
>
>
>As per Kube API : Loadbalacer IP is 10.87.117.25 and 10.87.117.250
>[root@5b7s18 ~]# kubectl get service
>NAME CLUSTER-IP EXTERNAL-IP
>PORT(S) AGE
>ctest-nginx-svc-86590169 10.111.91.102 ,10.87.117.251,10.87.117.250
>80:32197/TCP 36s
>kubernetes 10.96.0.1 <none>
>443/TCP 25m
>[root@5b7s18 ~]# kubectl describe service
>Name: ctest-nginx-svc-86590169
>Namespace: default
>Labels: <none>
>Annotations: <none>
>Selector: app=http_test
>Type: LoadBalancer
>IP: 10.111.91.102
>External IPs: 10.87.117.251,10.87.117.250
>Port: <unset> 80/TCP
>NodePort: <unset> 32197/TCP
>Endpoints: 10.47.255.250:80,10.47.255.251:80
>Session Affinity: None
>Events: <none>
>
>As per contrail API Server
>{
>parent_uuid: "be8b81a9-2a9c-4eb9-aec1-29d0e3e923ed",
>parent_href:
>"http://10.87.121.34:8082/floating-ip-pool/be8b81a9-2a9c-4eb9-aec1-29d0e3e
>923ed",
>parent_type: "floating-ip-pool",
>href:
>"http://10.87.121.34:8082/floating-ip/69dd53be-2d7d-4614-911f-8b210e9d709d
>",
>floating_ip_address: "10.87.117.252",------------> Diffrent value
>id_perms: {
>enable: true,
>uuid: {
>uuid_mslong: 7628345420107565000,
>uuid_lslong: 10457229833872962000
>},
>created: "2017-04-21T21:32:51.604230",
>description: null,
>creator: null,
>user_visible: true,
>last_modified: "2017-04-21T21:32:57.981799",
>permissions: {
>owner: "cloud-admin",
>owner_access: 7,
>other_access: 7,
>group: "cloud-admin-group",
>group_access: 7
>}
>},
>fq_name: [
>"default-domain",
>"default",
>"__public__",
>"__fip_pool_public__",
>"ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP
>"
>],
>name:
>"ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP
>",
>project_refs: [
>{
>to: [
>"default-domain",
>"default"
>],
>href:
>"http://10.87.121.34:8082/project/8a529f8f-c6ce-4592-a60d-d66125ccfa63",
>attr: null,
>uuid: "8a529f8f-c6ce-4592-a60d-d66125ccfa63"
>}
>],
>display_name:
>"ctest-nginx-svc-86590169__1272c50b-26da-11e7-84a5-0cc47aa89e64-externalIP
>",
>uuid: "69dd53be-2d7d-4614-911f-8b210e9d709d",
>floating_ip_port_mappings: {
>port_mappings: [
>{
>protocol: "TCP",
>src_port: 80,
>dst_port: 80
>}
>]
>},
>
>** Affects: juniperopenstack
> Importance: High
> Assignee: Sachchidanand Vaidya (vaidyasd)
> Status: New
>
>
>** Tags...

Read more...

Revision history for this message
chhandak (chhandak) wrote :
Download full text (8.9 KiB)

Hi Sachin,

Configuration is done through Python client . Please find output from the object created. Also added the json from kubectl

(Pdb) print (service.__dict__)
{'cluster_ip': '10.104.56.46', 'kind': 'Service', 'metadata_obj': {'annotations': None,
 'cluster_name': None,
 'creation_timestamp': u'2017-04-22T00:24:05Z',
 'deletion_grace_period_seconds': None,
 'deletion_timestamp': None,
 'finalizers': None,
 'generate_name': None,
 'generation': None,
 'labels': None,
 'name': 'ctest-nginx-svc-74268235',
 'namespace': 'default',
 'owner_references': None,
 'resource_version': '473014',
 'self_link': '/api/v1/namespaces/default/services/ctest-nginx-svc-74268235',
 'uid': 'fe70e040-26f1-11e7-84a5-0cc47aa89e64'}, 'obj': {'api_version': 'v1',
 'kind': 'Service',
 'metadata': {'annotations': None,
              'cluster_name': None,
              'creation_timestamp': u'2017-04-22T00:24:05Z',
              'deletion_grace_period_seconds': None,
              'deletion_timestamp': None,
              'finalizers': None,
              'generate_name': None,
              'generation': None,
              'labels': None,
              'name': 'ctest-nginx-svc-74268235',
              'namespace': 'default',
              'owner_references': None,
              'resource_version': '473014',
              'self_link': '/api/v1/namespaces/default/services/ctest-nginx-svc-74268235',
              'uid': 'fe70e040-26f1-11e7-84a5-0cc47aa89e64'},
 'spec': {'cluster_ip': '10.104.56.46',
          'deprecated_public_i_ps': ['10.87.117.251', '10.87.117.250'],
          'external_i_ps': ['10.87.117.251', '10.87.117.250'],
          'external_name': None,
          'load_balancer_ip': None,
          'load_balancer_source_ranges': None,
          'ports': [{'name': None,
                     'node_port': None,
                     'port': 80,
                     'protocol': 'TCP',
                     'target_port': 80}],
          'selector': {u'app': 'http_test'},
          'session_affinity': 'None',
          'type': 'ClusterIP'},
 'status': {'load_balancer': {'ingress': None}}}, 'name': 'ctest-nginx-svc-74268235', 'already_exists': False, 'namespace': 'default', 'uuid': 'fe70e040-26f1-11e7-84a5-0cc47aa89e64', 'new_obj': {'api_version': 'v1',
 'kind': 'Service',
 'metadata': {'annotations': None,
              'cluster_name': None,
              'creation_timestamp': u'2017-04-22T00:24:05Z',
              'deletion_grace_period_seconds': None,
              'deletion_timestamp': None,
              'finalizers': None,
              'generate_name': None,
              'generation': None,
              'labels': None,
              'name': 'ctest-nginx-svc-74268235',
              'namespace': 'default',
              'owner_references': None,
              'resource_version': '473014',
              'self_link': '/api/v1/namespaces/default/services/ctest-nginx-svc-74268235',
              'uid': 'fe70e040-26f1-11e7-84a5-0cc47aa89e64'},
 'spec': {'cluster_ip': '10.104.56.46',
          'deprecated_public_i_ps': ['10.87.117.251', '10.87.117.250'],
          'external_i_ps': ['10.87....

Read more...

Revision history for this message
chhandak (chhandak) wrote :
Download full text (10.8 KiB)

Sorry Sachin, send wrong yaml last time. Please find the correct one below.

Thanks and Regards,
Chhandak

[root@5b7s18 ~]# kubectl get svc ctest-nginx-svc-37573319 -o yaml
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: 2017-04-22T00:49:29Z
  name: ctest-nginx-svc-37573319
  namespace: default
  resourceVersion: "475088"
  selfLink: /api/v1/namespaces/default/services/ctest-nginx-svc-37573319
  uid: 8b020447-26f5-11e7-84a5-0cc47aa89e64
spec:
  clusterIP: 10.108.234.143
  deprecatedPublicIPs:
  - 10.87.117.251
  - 10.87.117.250
  externalIPs:
  - 10.87.117.251
  - 10.87.117.250
  ports:
  - nodePort: 31170
    port: 80
    protocol: TCP
    targetPort: 80
  selector:
    app: http_test
  sessionAffinity: None
  type: LoadBalancer
status:
  loadBalancer: {}
[root@5b7s18 ~]# kubectl get svc ctest-nginx-svc-37573319 -o json
{
    "apiVersion": "v1",
    "kind": "Service",
    "metadata": {
        "creationTimestamp": "2017-04-22T00:49:29Z",
        "name": "ctest-nginx-svc-37573319",
        "namespace": "default",
        "resourceVersion": "475088",
        "selfLink": "/api/v1/namespaces/default/services/ctest-nginx-svc-37573319",
        "uid": "8b020447-26f5-11e7-84a5-0cc47aa89e64"
    },
    "spec": {
        "clusterIP": "10.108.234.143",
        "deprecatedPublicIPs": [
            "10.87.117.251",
            "10.87.117.250"
        ],
        "externalIPs": [
            "10.87.117.251",
            "10.87.117.250"
        ],
        "ports": [
            {
                "nodePort": 31170,
                "port": 80,
                "protocol": "TCP",
                "targetPort": 80
            }
        ],
        "selector": {
            "app": "http_test"
        },
        "sessionAffinity": "None",
        "type": "LoadBalancer"
    },
    "status": {
        "loadBalancer": {}
    }
}

On 4/21/17, 5:31 PM, "Chhandak Mukherjee" <email address hidden> wrote:

Hi Sachin,

Configuration is done through Python client . Please find output from the object created. Also added the json from kubectl

(Pdb) print (service.__dict__)
{'cluster_ip': '10.104.56.46', 'kind': 'Service', 'metadata_obj': {'annotations': None,
 'cluster_name': None,
 'creation_timestamp': u'2017-04-22T00:24:05Z',
 'deletion_grace_period_seconds': None,
 'deletion_timestamp': None,
 'finalizers': None,
 'generate_name': None,
 'generation': None,
 'labels': None,
 'name': 'ctest-nginx-svc-74268235',
 'namespace': 'default',
 'owner_references': None,
 'resource_version': '473014',
 'self_link': '/api/v1/namespaces/default/services/ctest-nginx-svc-74268235',
 'uid': 'fe70e040-26f1-11e7-84a5-0cc47aa89e64'}, 'obj': {'api_version': 'v1',
 'kind': 'Service',
 'metadata': {'annotations': None,
              'cluster_name': None,
              'creation_timestamp': u'2017-04-22T00:24:05Z',
              'deletion_grace_period_seconds': None,
              'deletion_timestamp': None,
              'finalizers': None,
              'generate_name': None,
              'generation': None,
              'labels': None,
              'name': 'ctest-...

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : [Review update] master

Review in progress for https://review.opencontrail.org/30892
Submitter: Sachchidanand Vaidya (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote :

Review in progress for https://review.opencontrail.org/30960
Submitter: Sachchidanand Vaidya (<email address hidden>)

Revision history for this message
OpenContrail Admin (ci-admin-f) wrote : A change has been merged

Reviewed: https://review.opencontrail.org/30960
Committed: http://github.com/Juniper/contrail-controller/commit/021a343641171ae02150a682bcc974a7c794402e
Submitter: Zuul (<email address hidden>)
Branch: master

commit 021a343641171ae02150a682bcc974a7c794402e
Author: Sachchidanand Vaidya <email address hidden>
Date: Tue May 2 17:17:06 2017 -0700

- Fix to loadbalancerIp.
- Fix to externalIp handling for Cluster Type and Loadbalancer Type.
- Rearrage code to handle add/delete/modify cases.
- Fix to exception in endpoint delete

- System-less test handling changes.

Change-Id: Ib2664d873ed1b6992a3f9463b36d2fd3b0bdfb8e
Closes-Bug: 1685374, 1685393,1659166,1668851

Revision history for this message
Sachchidanand Vaidya (vaidyasd) wrote :

Fix committed today (05/03)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.