Bug 1959200: Adds back checking OF flows for CNI

[dcbw]

We see at scale that this can happen:

1. CNI delete
2. OVN is so busy it takes 30 seconds to remove the old logical port
3. CNI ADD within 30 seconds
4. ovn-controller sees old logical switchport, binds and considers new
   pod up, but no traffic works
5. sometime later OVN gets updated, and ovn-controller updates the pod
   with the new flows and traffic finally works

To solve this problem we need to have a minimal check to ensure the
right flows are present for the pod before we check if ovn_installed is
true. This change adds back the checks for mac address and of port
number.

(cherry picked from commit 22bed6a)

4.8 backport of ovn-org/ovn-kubernetes#2220

@trozet

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dcbw

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [dcbw]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[trozet]

/hold

we need to bump OVN with the relevant fix also in this PR. https://bugzilla.redhat.com/show_bug.cgi?id=1959200 depends on:
https://bugzilla.redhat.com/show_bug.cgi?id=1952846

[openshift-ci]

@dcbw: This pull request references Bugzilla bug 1959200, which is valid. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

• bug is open, matching expected state (open)
• bug target release (4.8.0) matches configured target release for branch (4.8.0)
• bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

No GitHub users were found matching the public email listed for the QA contact in Bugzilla (anusaxen@redhat.com), skipping review request.

In response to this:

Bug 1959200: Adds back checking OF flows for CNI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[dcbw]

ovn2.13-20.12.0-135 has the necessary fixes now; need that pulled into OCP.

[trozet]

@dcbw https://bugzilla.redhat.com/show_bug.cgi?id=1952846 has been verified, can you tag and pull that into this PR?

[dcbw]

/hold cancel
Bumped OVN with required fixes.

[dcbw]

/retest
perhaps the mirrors have synced now

[trozet]

/retest

[dcbw]

/retest

[dcbw]

/test ci/prow/images

[openshift-ci]

@dcbw: The specified target(s) for /test were not found.
The following commands are available to trigger jobs:

• /test 4.8-upgrade-from-stable-4.7-e2e-aws-ovn-upgrade
• /test e2e-aws-ovn
• /test e2e-aws-ovn-windows
• /test e2e-azure-ovn
• /test e2e-gcp-ovn
• /test e2e-gcp-ovn-upgrade
• /test e2e-metal-ipi-ovn-dualstack
• /test e2e-metal-ipi-ovn-ipv6
• /test e2e-openstack-ovn
• /test e2e-ovn-hybrid-step-registry
• /test e2e-vsphere-ovn
• /test e2e-vsphere-windows
• /test images
• /test okd-e2e-gcp-ovn
• /test okd-images

Use /test all to run all jobs.

In response to this:

/test ci/prow/images

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[dcbw]

/test images

[dcbw]

/test images

[dcbw]

/test images

[dcbw]

/test images

[dcbw]

/test images

[dcbw]

/retest

[trozet]

/retest

[dcbw]

/retest

[trozet]

Hybrid step:

ns/e2e-statefulset-937 pod/ss-0 node/ip-10-0-230-171.ec2.internal - 24.72 seconds after deletion - reason/FailedCreatePodSandBox Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create pod network sandbox k8s_ss-0_e2e-statefulset-937_3c9e8983-67c2-495c-936c-c16447924956_0(f902bb70527f34146fd8f98fdb0c5f6e4e9ea9c135db55ec754bad0105b6adb4): [e2e-statefulset-937/ss-0:ovn-kubernetes]: error adding container to network "ovn-kubernetes": CNI request failed with status 400: '[e2e-statefulset-937/ss-0 f902bb70527f34146fd8f98fdb0c5f6e4e9ea9c135db55ec754bad0105b6adb4] [e2e-statefulset-937/ss-0 f902bb70527f34146fd8f98fdb0c5f6e4e9ea9c135db55ec754bad0105b6adb4] failed to configure pod interface: error while waiting on OVS.Interface.external-ids:ovn-installed for pod: timed out while waiting for OVS port binding

[dcbw]

/test okd-e2e-gcp-ovn

�[36mINFO�[0m[2021-06-07T21:07:12Z] Wrote inspect data to /logs/artifacts/audit-logs. 
�[36mINFO�[0m[2021-06-07T21:07:12Z] error running backup collection: errors ocurred while gathering data: 
�[36mINFO�[0m[2021-06-07T21:07:12Z]     skipping gathering endpoints/host-etcd-2 due to error: endpoints "host-etcd-2" not foundError from server (Forbidden): pods "must-gather-" is forbidden: error looking up service account openshift-must-gather-wr98q/default: serviceaccount "default" not found 
�[36mINFO�[0m[2021-06-07T21:07:12Z] {"component":"entrypoint","error":"wrapped process failed: exit status 1","file":"prow/entrypoint/run.go:80","func":"k8s.io/test-infra/prow/entrypoint.Options.Run","level":"error","msg":"Error executing test process","severity":"error","time":"2021-06-07T21:07:02Z"} 
�[36mINFO�[0m[2021-06-07T21:07:12Z] error: failed to execute wrapped command: exit status 1 
�[36mINFO�[0m[2021-06-07T21:07:12Z]                                              
�[36mINFO�[0m[2021-06-07T21:07:12Z] Step e2e-gcp-ovn-gather-audit-logs failed after 2m10s. 

[dcbw]

/retest

[dcbw]

/override ci/prow/e2e-metal-ipi-ovn-dualstack

[openshift-ci]

@dcbw: Overrode contexts on behalf of dcbw: ci/prow/e2e-metal-ipi-ovn-dualstack

In response to this:

/override ci/prow/e2e-metal-ipi-ovn-dualstack

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[trozet]

/hold

[dcbw]

/test all

[dcbw]

/retest

[dcbw]

/test all

[dcbw]

/retest

[dcbw]

/retest

[openshift-ci]

@dcbw: The following tests failed, say /retest to rerun all failed tests:

Test name	Commit	Details	Rerun command
ci/prow/e2e-openstack-ovn	a872814	link	/test e2e-openstack-ovn
ci/prow/e2e-vsphere-windows	a872814	link	/test e2e-vsphere-windows
ci/prow/e2e-metal-ipi-ovn-dualstack	a872814	link	/test e2e-metal-ipi-ovn-dualstack
ci/prow/e2e-gcp-ovn-upgrade	a872814	link	/test e2e-gcp-ovn-upgrade
ci/prow/e2e-aws-ovn-windows	a872814	link	/test e2e-aws-ovn-windows
ci/prow/4.8-upgrade-from-stable-4.7-e2e-aws-ovn-upgrade	a872814	link	/test 4.8-upgrade-from-stable-4.7-e2e-aws-ovn-upgrade

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[openshift-ci]

@dcbw: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[dcbw]

ovn-org/ovn-kubernetes#2275 should fix this instead.

[openshift-ci]

@dcbw: This pull request references Bugzilla bug 1959200. The bug has been updated to no longer refer to the pull request using the external bug tracker.

In response to this:

Bug 1959200: Adds back checking OF flows for CNI

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.