Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 1831112: Kuryr: Mount /run/netns to ensure netns access #562

Merged
merged 1 commit into from May 5, 2020
Merged

Bug 1831112: Kuryr: Mount /run/netns to ensure netns access #562

merged 1 commit into from May 5, 2020

Conversation

dulek
Copy link
Contributor

@dulek dulek commented Mar 31, 2020

openshift/machine-config-operator#1568 moved pod namespaces from
/proc into /var/run/crio. As Kuryr needs access to them in order to
manipulate interfaces, we need to mount the new directory and this
commit does that.

Most likely the same change needs to be done for ovn-kubernetes, but
it's a bit out of my expertise.

@openshift-ci-robot openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 31, 2020
@dulek
Copy link
Contributor Author

dulek commented Mar 31, 2020

/hold

I'd like to get @dcbw opinion here, maybe the breaking change should get reverted instead.

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020
@dulek
Copy link
Contributor Author

dulek commented Mar 31, 2020

/hold cancel

Or let's just merge this and revert it if needed - Kuryr QE needs to get unblocked ASAP as this blocks them from validating 4.4 and 4.3 fixes.

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020
@dulek dulek changed the title Kuryr: Mount /var/run/crio to ensure netns access Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access Mar 31, 2020
@openshift-ci-robot
Copy link
Contributor

@dulek: This pull request references Bugzilla bug 1819129, which is invalid:

  • expected the bug to target the "4.5.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot added the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Mar 31, 2020
@dulek
Copy link
Contributor Author

dulek commented Mar 31, 2020

/bugzilla refresh

@openshift-ci-robot openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Mar 31, 2020
@openshift-ci-robot
Copy link
Contributor

@dulek: This pull request references Bugzilla bug 1819129, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.5.0) matches configured target release for branch (4.5.0)
  • bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot removed the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Mar 31, 2020
@dulek
Copy link
Contributor Author

dulek commented Mar 31, 2020

/hold

Okay, this does not seem to help, somehow it's now "failed to open", probably permissions.

@openshift-ci-robot openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020
@dulek dulek force-pushed the kuryr-mount-crio branch 2 times, most recently from ac20671 to 823d8db Compare April 29, 2020 09:39
@dulek dulek changed the title Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access Kuryr: Mount /var/run/netns to ensure netns access Apr 29, 2020
@openshift-ci-robot openshift-ci-robot removed the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Apr 29, 2020
@openshift-ci-robot
Copy link
Contributor

@dulek: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

Kuryr: Mount /var/run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dulek
Copy link
Contributor Author

dulek commented Apr 29, 2020

/hold cancel

@openshift-ci-robot openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 29, 2020
@dulek dulek mentioned this pull request Apr 29, 2020
Merged
@haircommander
Copy link
Member

/retest

@cgwalters
Copy link
Member

(not super important nit; /var/run is always a symlink to /run, so it's cleaner to just reference that nowadays - it emphasizes strongly that the data is not persistent. /var is about persistence)

@haircommander
Copy link
Member

/retitle Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access

@openshift-ci-robot openshift-ci-robot changed the title Kuryr: Mount /var/run/netns to ensure netns access Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access May 4, 2020
@haircommander
Copy link
Member

/bugzilla refresh

@openshift-ci-robot
Copy link
Contributor

@haircommander: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@haircommander
Copy link
Member

/retitle Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access

@openshift-ci-robot openshift-ci-robot changed the title Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access May 4, 2020
@openshift-ci-robot openshift-ci-robot added bugzilla/severity-low Referenced Bugzilla bug's severity is low for the branch this PR is targeting. bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels May 4, 2020
@openshift-ci-robot
Copy link
Contributor

@dulek: This pull request references Bugzilla bug 1831112, which is invalid:

  • expected the bug to target the "4.5.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

In response to this:

Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@haircommander
Copy link
Member

/bugzilla refresh

@openshift-ci-robot openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label May 4, 2020
@openshift-ci-robot
Copy link
Contributor

@haircommander: This pull request references Bugzilla bug 1831112, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target release (4.5.0) matches configured target release for branch (4.5.0)
  • bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci-robot openshift-ci-robot removed the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label May 4, 2020
@dulek
Copy link
Contributor Author

dulek commented May 4, 2020

This seems to be ready now.

@MaysaMacedo
Copy link
Contributor

LGTM. Should we wait for openshift/machine-config-operator/pull/1689 ?

@dulek
Kuryr: Mount /run/netns to ensure netns access
9c07f82 
openshift/machine-config-operator#1689 moves pod namespaces from
/proc into /run/netns. As Kuryr needs access to them in order to
manipulate interfaces, we need to mount the new directory and this
commit does that.

Note that CNI will pass /var/run/netns in netns paths, but /var/run is a
symlink to /run, so it should be just fine.
@dulek
Copy link
Contributor Author

dulek commented May 5, 2020

(not super important nit; /var/run is always a symlink to /run, so it's cleaner to just reference that nowadays - it emphasizes strongly that the data is not persistent. /var is about persistence)

Fixed!

LGTM. Should we wait for openshift/machine-config-operator/pull/1689 ?

No, if openshift/machine-config-operator#1689 merges without this, we're broken, we should be first.

Interestingly we can't remove mounting /proc too, because even with the above merged, there is no upgrade path, so old containers will stay on /proc.

@dulek dulek changed the title Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access Bug 1831112: Kuryr: Mount /run/netns to ensure netns access May 5, 2020
@dulek
Copy link
Contributor Author

dulek commented May 5, 2020

/test e2e-gcp

@luis5tb
Copy link
Contributor

luis5tb commented May 5, 2020

/lgtm

@openshift-ci-robot openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label May 5, 2020
@openshift-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dulek, luis5tb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-robot openshift-merge-robot merged commit 344e722 into openshift:master May 5, 2020
@openshift-ci-robot
Copy link
Contributor

@dulek: All pull requests linked via external trackers have merged: openshift/cluster-network-operator#562. Bugzilla bug 1831112 has been moved to the MODIFIED state.

In response to this:

Bug 1831112: Kuryr: Mount /run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dulek
Copy link
Contributor Author

dulek commented Jun 29, 2020

/cherry-pick release-4.4

@openshift-cherrypick-robot
Copy link

@dulek: new pull request created: #684

In response to this:

/cherry-pick release-4.4

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Jun 29, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@luis5tb luis5tb Awaiting requested review from luis5tb

@MaysaMacedo MaysaMacedo Awaiting requested review from MaysaMacedo

Assignees

@luis5tb luis5tb

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. bugzilla/severity-low Referenced Bugzilla bug's severity is low for the branch this PR is targeting. bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
8 participants
@dulek @openshift-ci-robot @haircommander @cgwalters @MaysaMacedo @luis5tb @openshift-cherrypick-robot @openshift-merge-robot