Bug 1831112: Kuryr: Mount /run/netns to ensure netns access by dulek · Pull Request #562 · openshift/cluster-network-operator

dulek · 2020-03-31T09:33:49Z

openshift/machine-config-operator#1568 moved pod namespaces from
/proc into /var/run/crio. As Kuryr needs access to them in order to
manipulate interfaces, we need to mount the new directory and this
commit does that.

Most likely the same change needs to be done for ovn-kubernetes, but
it's a bit out of my expertise.

dulek · 2020-03-31T09:36:38Z

/hold

I'd like to get @dcbw opinion here, maybe the breaking change should get reverted instead.

dulek · 2020-03-31T09:38:11Z

/hold cancel

Or let's just merge this and revert it if needed - Kuryr QE needs to get unblocked ASAP as this blocks them from validating 4.4 and 4.3 fixes.

openshift-ci-robot · 2020-03-31T09:45:26Z

@dulek: This pull request references Bugzilla bug 1819129, which is invalid:

expected the bug to target the "4.5.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

dulek · 2020-03-31T09:47:57Z

/bugzilla refresh

openshift-ci-robot · 2020-03-31T09:48:05Z

@dulek: This pull request references Bugzilla bug 1819129, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target release (4.5.0) matches configured target release for branch (4.5.0)
bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Details

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

dulek · 2020-03-31T10:44:25Z

/hold

Okay, this does not seem to help, somehow it's now "failed to open", probably permissions.

openshift-ci-robot · 2020-04-29T09:40:10Z

@dulek: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

Details

In response to this:

Kuryr: Mount /var/run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

dulek · 2020-04-29T09:40:31Z

/hold cancel

haircommander · 2020-04-29T15:11:19Z

/retest

cgwalters · 2020-04-30T18:23:24Z

(not super important nit; /var/run is always a symlink to /run, so it's cleaner to just reference that nowadays - it emphasizes strongly that the data is not persistent. /var is about persistence)

haircommander · 2020-05-04T16:34:34Z

/retitle Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access

haircommander · 2020-05-04T16:35:24Z

/bugzilla refresh

openshift-ci-robot · 2020-05-04T16:35:25Z

@haircommander: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

Details

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

haircommander · 2020-05-04T16:36:16Z

/retitle Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access

openshift-ci-robot · 2020-05-04T16:36:34Z

@dulek: This pull request references Bugzilla bug 1831112, which is invalid:

expected the bug to target the "4.5.0" release, but it targets "---" instead

Comment /bugzilla refresh to re-evaluate validity if changes to the Bugzilla bug are made, or edit the title of this pull request to link to a different bug.

Details

In response to this:

Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

haircommander · 2020-05-04T16:40:46Z

/bugzilla refresh

openshift-ci-robot · 2020-05-04T16:40:51Z

@haircommander: This pull request references Bugzilla bug 1831112, which is valid. The bug has been moved to the POST state.

3 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target release (4.5.0) matches configured target release for branch (4.5.0)
bug is in the state NEW, which is one of the valid states (NEW, ASSIGNED, ON_DEV, POST, POST)

Details

In response to this:

/bugzilla refresh

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

dulek · 2020-05-04T16:48:55Z

This seems to be ready now.

MaysaMacedo · 2020-05-04T19:54:42Z

LGTM. Should we wait for openshift/machine-config-operator/pull/1689 ?

openshift/machine-config-operator#1689 moves pod namespaces from /proc into /run/netns. As Kuryr needs access to them in order to manipulate interfaces, we need to mount the new directory and this commit does that. Note that CNI will pass /var/run/netns in netns paths, but /var/run is a symlink to /run, so it should be just fine.

dulek · 2020-05-05T07:25:15Z

(not super important nit; /var/run is always a symlink to /run, so it's cleaner to just reference that nowadays - it emphasizes strongly that the data is not persistent. /var is about persistence)

Fixed!

LGTM. Should we wait for openshift/machine-config-operator/pull/1689 ?

No, if openshift/machine-config-operator#1689 merges without this, we're broken, we should be first.

Interestingly we can't remove mounting /proc too, because even with the above merged, there is no upgrade path, so old containers will stay on /proc.

dulek · 2020-05-05T10:23:45Z

/test e2e-gcp

luis5tb · 2020-05-05T12:14:44Z

/lgtm

openshift-ci-robot · 2020-05-05T12:15:02Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dulek, luis5tb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

~~bindata/network/kuryr/OWNERS~~ [dulek]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci-robot · 2020-05-05T12:18:42Z

@dulek: All pull requests linked via external trackers have merged: openshift/cluster-network-operator#562. Bugzilla bug 1831112 has been moved to the MODIFIED state.

Details

In response to this:

Bug 1831112: Kuryr: Mount /run/netns to ensure netns access

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

dulek · 2020-06-29T11:16:10Z

/cherry-pick release-4.4

openshift-cherrypick-robot · 2020-06-29T11:16:20Z

@dulek: new pull request created: #684

Details

In response to this:

/cherry-pick release-4.4

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

openshift-ci-robot requested review from MaysaMacedo and luis5tb March 31, 2020 09:34

openshift-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 31, 2020

openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020

openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020

dulek changed the title ~~Kuryr: Mount /var/run/crio to ensure netns access~~ Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access Mar 31, 2020

openshift-ci-robot added the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Mar 31, 2020

openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Mar 31, 2020

openshift-ci-robot removed the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label Mar 31, 2020

openshift-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2020

dulek force-pushed the kuryr-mount-crio branch 2 times, most recently from ac20671 to 823d8db Compare April 29, 2020 09:39

dulek changed the title ~~Bug 1819129: Kuryr: Mount /var/run/crio to ensure netns access~~ Kuryr: Mount /var/run/netns to ensure netns access Apr 29, 2020

openshift-ci-robot removed the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label Apr 29, 2020

openshift-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 29, 2020

dulek mentioned this pull request Apr 29, 2020

Bug 1831866: cri-o: manage ns lifecycle, again! openshift/machine-config-operator#1689

Merged

openshift-ci-robot changed the title ~~Kuryr: Mount /var/run/netns to ensure netns access~~ Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access May 4, 2020

openshift-ci-robot changed the title ~~Bug: 1831112 Kuryr: Mount /var/run/netns to ensure netns access~~ Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access May 4, 2020

openshift-ci-robot added bugzilla/severity-low Referenced Bugzilla bug's severity is low for the branch this PR is targeting. bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. labels May 4, 2020

openshift-ci-robot added the bugzilla/valid-bug Indicates that a referenced Bugzilla bug is valid for the branch this PR is targeting. label May 4, 2020

openshift-ci-robot removed the bugzilla/invalid-bug Indicates that a referenced Bugzilla bug is invalid for the branch this PR is targeting. label May 4, 2020

dulek force-pushed the kuryr-mount-crio branch from 823d8db to 9c07f82 Compare May 5, 2020 07:23

dulek changed the title ~~Bug 1831112: Kuryr: Mount /var/run/netns to ensure netns access~~ Bug 1831112: Kuryr: Mount /run/netns to ensure netns access May 5, 2020

openshift-ci-robot assigned luis5tb May 5, 2020

openshift-ci-robot added the lgtm Indicates that a PR is ready to be merged. label May 5, 2020

openshift-merge-robot merged commit 344e722 into openshift:master May 5, 2020

openshift-cherrypick-robot mentioned this pull request Jun 29, 2020

[release-4.4] Bug 1851903: Kuryr: Mount /run/netns to ensure netns access #684

Merged

Conversation

dulek commented Mar 31, 2020

Uh oh!

dulek commented Mar 31, 2020

Uh oh!

dulek commented Mar 31, 2020

Uh oh!

openshift-ci-robot commented Mar 31, 2020

Uh oh!

dulek commented Mar 31, 2020

Uh oh!

openshift-ci-robot commented Mar 31, 2020

Uh oh!

dulek commented Mar 31, 2020

Uh oh!

openshift-ci-robot commented Apr 29, 2020

Uh oh!

dulek commented Apr 29, 2020

Uh oh!

haircommander commented Apr 29, 2020

Uh oh!

cgwalters commented Apr 30, 2020

Uh oh!

haircommander commented May 4, 2020

Uh oh!

haircommander commented May 4, 2020

Uh oh!

openshift-ci-robot commented May 4, 2020

Uh oh!

haircommander commented May 4, 2020

Uh oh!

openshift-ci-robot commented May 4, 2020

Uh oh!

haircommander commented May 4, 2020

Uh oh!

openshift-ci-robot commented May 4, 2020

Uh oh!

dulek commented May 4, 2020

Uh oh!

MaysaMacedo commented May 4, 2020

Uh oh!

dulek commented May 5, 2020

Uh oh!

dulek commented May 5, 2020

Uh oh!

luis5tb commented May 5, 2020

Uh oh!

openshift-ci-robot commented May 5, 2020

Uh oh!

openshift-ci-robot commented May 5, 2020

Uh oh!

dulek commented Jun 29, 2020

Uh oh!

openshift-cherrypick-robot commented Jun 29, 2020

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants