Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-33080

Egressqos failed to update status

XMLWordPrintable

    • No
    • SDN Sprint 253
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Apply egressqos on OCP, the status of egressqos is empty. Check ovnkube-pod logs, it shows error like below:

       

      I0429 09:39:19.013461    4771 egressqos.go:460] Processing sync for EgressQoS abc/default
I0429 09:39:19.022635    4771 egressqos.go:463] Finished syncing EgressQoS default on namespace abc : 9.174361ms
E0429 09:39:19.028426    4771 egressqos.go:368] failed to update EgressQoS object abc/default with status: Apply failed with 1 conflict: conflict with "ip-10-0-62-24.us-east-2.compute.internal" with subresource "status": .status.conditions
I0429 09:39:19.031526    4771 egressqos.go:460] Processing sync for EgressQoS default/default
I0429 09:39:19.039827    4771 egressqos.go:463] Finished syncing EgressQoS default on namespace default : 8.322774ms
E0429 09:39:19.044060    4771 egressqos.go:368] failed to update EgressQoS object default/default with status: Apply failed with 1 conflict: conflict with "ip-10-0-70-102.us-east-2.compute.internal" with subresource "status": .status.conditions
I0429 09:39:19.052877    4771 egressqos.go:460] Processing sync for EgressQoS abc/default
I0429 09:39:19.055945    4771 egressqos.go:463] Finished syncing EgressQoS default on namespace abc : 3.182828ms
E0429 09:39:19.060563    4771 egressqos.go:368] failed to update EgressQoS object abc/default with status: Apply failed with 1 conflict: conflict with "ip-10-0-62-24.us-east-2.compute.internal" with subresource "status": .status.conditions
I0429 09:39:19.072238    4771 egressqos.go:460] Processing sync for EgressQoS default/default

       

       

      Version-Release number of selected component (if applicable):

      4.16

      How reproducible:

      always

      Steps to Reproduce:

      1. create egressqos in ns abc

      % cat egress_qos.yaml 
kind: EgressQoS
apiVersion: k8s.ovn.org/v1
metadata:
  name: default
  namespace: abc
spec:
  egress:
  - dscp: 46
    dstCIDR: 3.16.78.227/32
  - dscp: 30
    dstCIDR: 0.0.0.0/0

      2. check egressqos 

      % oc get egressqos default -o yaml
apiVersion: k8s.ovn.org/v1
kind: EgressQoS
metadata:
  creationTimestamp: "2024-04-29T09:24:55Z"
  generation: 1
  name: default
  namespace: abc
  resourceVersion: "376134"
  uid: f9dfe380-81ee-4edd-845d-49ba2c856e81
spec:
  egress:
  - dscp: 46
    dstCIDR: 3.16.78.227/32
  - dscp: 30
    dstCIDR: 0.0.0.0/0
status: {}

      3. check crd egressqos

      % oc get crd egressqoses.k8s.ovn.org -o yaml
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.8.0
  creationTimestamp: "2024-04-29T05:23:12Z"
  generation: 1
  name: egressqoses.k8s.ovn.org
  ownerReferences:
  - apiVersion: operator.openshift.io/v1
    blockOwnerDeletion: true
    controller: true
    kind: Network
    name: cluster
    uid: 3bfac7ab-ca29-477f-a97f-27592b7e176d
  resourceVersion: "3642"
  uid: 25dabf13-611f-4c29-bf22-4a0b56e4b7f7
spec:
  conversion:
    strategy: None
  group: k8s.ovn.org
  names:
    kind: EgressQoS
    listKind: EgressQoSList
    plural: egressqoses
    singular: egressqos
  scope: Namespaced
  versions:
  - name: v1
    schema:
      openAPIV3Schema:
        description: EgressQoS is a CRD that allows the user to define a DSCP value
          for pods egress traffic on its namespace to specified CIDRs. Traffic from
          these pods will be checked against each EgressQoSRule in the namespace's
          EgressQoS, and if there is a match the traffic is marked with the relevant
          DSCP value.
        properties:
          apiVersion:
            description: 'APIVersion defines the versioned schema of this representation
              of an object. Servers should convert recognized schemas to the latest
              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
            type: string
          kind:
            description: 'Kind is a string value representing the REST resource this
              object represents. Servers may infer this from the endpoint the client
              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
            type: string
          metadata:
            properties:
              name:
                pattern: ^default$
                type: string
            type: object
          spec:
            description: EgressQoSSpec defines the desired state of EgressQoS
            properties:
              egress:
                description: a collection of Egress QoS rule objects
                items:
                  properties:
                    dscp:
                      description: DSCP marking value for matching pods' traffic.
                      maximum: 63
                      minimum: 0
                      type: integer
                    dstCIDR:
                      description: DstCIDR specifies the destination's CIDR. Only
                        traffic heading to this CIDR will be marked with the DSCP
                        value. This field is optional, and in case it is not set the
                        rule is applied to all egress traffic regardless of the destination.
                      format: cidr
                      type: string
                    podSelector:
                      description: PodSelector applies the QoS rule only to the pods
                        in the namespace whose label matches this definition. This
                        field is optional, and in case it is not set results in the
                        rule being applied to all pods in the namespace.
                      properties:
                        matchExpressions:
                          description: matchExpressions is a list of label selector
                            requirements. The requirements are ANDed.
                          items:
                            description: A label selector requirement is a selector
                              that contains values, a key, and an operator that relates
                              the key and values.
                            properties:
                              key:
                                description: key is the label key that the selector
                                  applies to.
                                type: string
                              operator:
                                description: operator represents a key's relationship
                                  to a set of values. Valid operators are In, NotIn,
                                  Exists and DoesNotExist.
                                type: string
                              values:
                                description: values is an array of string values.
                                  If the operator is In or NotIn, the values array
                                  must be non-empty. If the operator is Exists or
                                  DoesNotExist, the values array must be empty. This
                                  array is replaced during a strategic merge patch.
                                items:
                                  type: string
                                type: array
                            required:
                            - key
                            - operator
                            type: object
                          type: array
                        matchLabels:
                          additionalProperties:
                            type: string
                          description: matchLabels is a map of {key,value} pairs.
                            A single {key,value} in the matchLabels map is equivalent
                            to an element of matchExpressions, whose key field is
                            "key", the operator is "In", and the values array contains
                            only "value". The requirements are ANDed.
                          type: object
                      type: object
                  required:
                  - dscp
                  type: object
                type: array
            required:
            - egress
            type: object
          status:
            description: EgressQoSStatus defines the observed state of EgressQoS
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
status:
  acceptedNames:
    kind: EgressQoS
    listKind: EgressQoSList
    plural: egressqoses
    singular: egressqos
  conditions:
  - lastTransitionTime: "2024-04-29T05:23:12Z"
    message: no conflicts found
    reason: NoConflicts
    status: "True"
    type: NamesAccepted
  - lastTransitionTime: "2024-04-29T05:23:12Z"
    message: the initial names have been accepted
    reason: InitialNamesAccepted
    status: "True"
    type: Established
  storedVersions:
  - v1

       

      Actual results:

      egressqos status is not updated correctly

      Expected results:

      egressqos status should be updated once applied.

      Additional info:

       % oc version
Client Version: 4.16.0-0.nightly-2024-04-26-145258
Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3
Server Version: 4.16.0-0.nightly-2024-04-26-145258
Kubernetes Version: v1.29.4+d1ec84a

            sseethar Surya Seetharaman
            rhn-support-yingwang Ying Wang
            Ying Wang Ying Wang
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated: