Calico Charm

After update from 1.27 to 1.28 Calico is ignoring juju network binding for cni

Bug #2037236 reported by Gustavo Sanchez on 2023-09-24

16

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	Calico Charm	Fix Released	High	Mateo Florido	Calico Charm 1.28+ck2

Bug Description

Juju status looks all green and healthy
https://paste.ubuntu.com/p/Q2g8P9Nmp4/

NOTE: calico is at the moment using channel 1.28/candidate
I though the issue might be related to this one https://bugs.launchpad.net/charm-calico/+bug/2034737
So I refreshed only calico from 1.28/stable to 1.28/candidate to get the patch for that bug
But, that doesn't seem to be related

It looks like the charm is ignoring the bind on cni to oam-space (192.168.20.0/24) and instead taking any host IP into the calico mesh

It should be using the oam IPs instead of taking any when running calicoctl node status
https://pastebin.ubuntu.com/p/y9t6qznxym/

Workaround (see in pastebin for commands)
Manually updating network IP used for the calico bind communication between pods works again

Chris Johnston (cjohnston) on 2023-10-16

Changed in charm-calico:
status:	New → Confirmed

Revision history for this message

Chris Johnston (cjohnston) wrote on 2023-10-16:

#1

I was able to reproduce this as well on an upgrade from 1.27 to 1.28.

Revision history for this message

George Kraft (cynerva) wrote on 2023-10-17:

#2

In CK 1.27 and earlier, there was a calico-node systemd service that each unit configured with a specific IP value provided by Juju.

In CK 1.28, the systemd service was replaced with a calico-node DaemonSet that uses IP autodetection. With this architecture, it's no longer possible for units to provide their own unit-specific configuration to calico-node.

To fix this, I think we need to either configure calico-node with IP_AUTODETECTION_METHOD=cidr=<bind-cidr>, or we need to split up the DaemonSet so that each unit can configure its own service independently.

Changed in charm-calico:
importance:	Undecided → High
milestone:	none → 1.29
status:	Confirmed → Triaged

Revision history for this message

Chris Johnston (cjohnston) wrote on 2023-10-23:

#3

https://github.com/charmed-kubernetes/charm-calico/pull/104

Kevin W Monroe (kwmonroe) on 2023-10-24

Changed in charm-calico:
status:	Triaged → Fix Committed
assignee:	nobody → Mateo Florido (mateoflorido)

Revision history for this message

Kevin W Monroe (kwmonroe) wrote on 2023-10-24 (last edit on 2023-10-24):

#4

@mateo, please backport to release-1.28.

tags:	added: backport-needed
Changed in charm-calico:
milestone:	1.29 → 1.28+ck2

Revision history for this message

Adam Dyess (addyess) wrote on 2023-11-01:

#5

Backport completed

tags:

removed: backport-needed

Adam Dyess (addyess) on 2023-11-07

Changed in charm-calico:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.