StarlingX

multus cni using the wrong calico ipam configuration

Bug #1830282 reported by Matt Peters
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
High
Steven Webster

Bug Description

Brief Description
-----------------
The multus CNI configuration is using host-local rather than calico-ipam ipam configuration for the delegates configuration.

Severity
--------
Critical - pods launched after a swact can have duplicate IPs

Steps to Reproduce
------------------
Standard deployment configuration

Expected Behavior
------------------
The IPAM configuration must use the calico-ipam to ensure IP address allocations for the pool is tracked globally.

Actual Behavior
----------------
The host-local IPAM configuration uses the local file system and therefore introduces inconsistencies when the Calico controller moves to another host.

Reproducibility
---------------
100%

System Configuration
--------------------
All configurations

Branch/Pull Time/Commit
-----------------------
OS="centos"
SW_VERSION="19.01"
BUILD_TARGET="Host Installer"
BUILD_TYPE="Formal"
BUILD_ID="20190521T132734Z"

JOB="STX_build_master_master"
<email address hidden>"
BUILD_NUMBER="111"
BUILD_HOST="starlingx_mirror"
BUILD_DATE="2019-05-21 13:27:34 +0000"

Last Pass
---------
N/A

Timestamp/Logs
--------------
N/A

Test Activity
-------------
Developer Testing

See original description
Ghada Khalil (gkhalil)
Changed in starlingx:
assignee: nobody → Steven Webster (swebster-wr)
importance: Undecided → High
Ghada Khalil (gkhalil)
description: updated
description: updated
Revision history for this message
Ghada Khalil (gkhalil) wrote :

Marking as release gating; high priority as new pods are impacted after swact

Changed in starlingx:
status: New → Triaged
tags: added: stx.2.0 stx.networking
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to config (master)

Fix proposed to branch: master
Review: https://review.opendev.org/661986

Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to config (master)

Reviewed: https://review.opendev.org/661986
Committed: https://git.openstack.org/cgit/starlingx/config/commit/?id=5bf8a1f84fff02b390a687f18f49b3638fe1a488
Submitter: Zuul
Branch: master

commit 5bf8a1f84fff02b390a687f18f49b3638fe1a488
Author: Steven Webster <email address hidden>
Date: Wed May 29 08:23:52 2019 -0500

    Configure calico-ipam for multus k8s pod network

    This commit configures calico-ipam rather than host-local for the
    IPAM configuration on the k8s pod network delegate.

    Using host-local IPAM, there is a possibility for duplicate IP
    address allocation as the IP addresses are managed locally on
    the node's file system.

    Using calico-ipam, the IP addresses are managed across the
    cluster as a whole.

    Closes-Bug: #1830282

    Change-Id: I9a68fc164ad88f295827442ec83236c454af7907
    Signed-off-by: Steven Webster <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.