-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] 使用外部网络创建的Subnet 的v4usingIPs字段超过网段范围 #4747
Comments
I found some similar issues that might be relevant to the problem you're experiencing:
These issues suggest that there have been previous problems with how IP statistics are calculated or reported, particularly in relation to overlapping IPs and external networks. It might be worth reviewing the changes made in the related pull requests to see if they address the problem you're encountering. |
@kldancer ip crd 和 iptables-eip 存在冲突? |
|
@kldancer 帮忙在 kube-ovn-controller 中过滤下 |
日志如下: -- E1120 09:38:57.712149 7 ipam.go:89] failed to allocate static ip 181.16.3.56 for eip-nwghjrqw |
[root@mgtnode198 ~]# cat /var/log/kube-ovn/kube-ovn-controller.log | grep -C 10 181.16.3.160
I1120 09:38:57.339029 7 ipam.go:72] allocating static ip 181.16.3.160 from subnet net-f30e7yge
I1120 09:38:57.339053 7 ipam.go:102] allocate v4 181.16.3.160, mac for kube-system/vpc-nat-gw-eip-dmrrowhk-0 from subnet net-f30e7yge
--
I1120 09:38:57.712232 7 ipam.go:72] allocating static ip 181.16.3.160 from subnet net-f30e7yge
E1120 09:38:57.712240 7 subnet.go:392] ip 181.16.3.160 has been allocated to [kube-system/vpc-nat-gw-eip-dmrrowhk-0]
E1120 09:38:57.712258 7 ipam.go:89] failed to allocate static ip 181.16.3.160 for eip-1p63d8pj
E1120 09:38:57.712265 7 init.go:404] failed to init ipam from iptables eip cr eip-1p63d8pj: AddressConflict
看下你的 IP 和 eip 的 yaml,我看下创建时间 |
是不是 eip 先创建的, ip 后创建的 ? |
11-19 号,iptables-eip 创建时的 log 可以帮忙找下不? |
抱歉,找不到那之前的日志了。只有今天的 |
环境重新部署过么? |
@dolibali 跟下这个bug,看是否能复现? |
问题再次复现了,操作是反复重建删除nat-gw,最终导致了一堆nat-gw eip的ips脏数据,以下是节选日志:可以搜索关键字eip-0aineocq-0 [root@mgtnode197 ~]# cat /var/log/kube-ovn/kube-ovn-controller.log | grep eip-0aineocq-0 -C 5
I1122 14:40:04.779550 7 network_policy.go:289] UpdateNp Ingress, allows is [110.64.0.62 10.96.35.206 10.110.218.19 10.98.110.140 110.64.0.170 10.104.54.131], excepts is [], log false, protocol IPv4
I1122 14:40:04.779928 7 network_policy.go:289] UpdateNp Ingress, allows is [110.64.0.62 10.96.35.206 10.110.218.19 10.98.110.140], excepts is [], log false, protocol IPv4
I1122 14:40:09.271186 7 gc.go:380] gc logical switch port vpc-nat-gw-eip-0aineocq-0.kube-system
I1122 14:40:09.271446 7 ovn-nb-logical_switch_port.go:685] delete logical switch port vpc-nat-gw-eip-0aineocq-0.kube-system with id 726479c3-fe18-4991-a573-61740b433695 from logical switch subnet-ue9ralxi
I1122 14:40:09.273994 7 gc.go:385] gc ip vpc-nat-gw-eip-0aineocq-0.kube-system
I1122 14:40:09.275845 7 gc.go:395] gc ip vpc-nat-gw-eip-0aineocq-0.kube-system
I1122 14:40:09.279851 7 subnet.go:496] release v4 102.99.20.253 mac be:9f:05:8d:24:57 from subnet subnet-ue9ralxi for kube-system/vpc-nat-gw-eip-0aineocq-0, add ip to released list
I1122 14:40:10.233816 7 ippool.go:205] handle delete ippool vpc-nat-gw-subnet-ue9ralxi
I1122 14:40:10.239698 7 subnet.go:350] format subnet subnet-ue9ralxi, changed false
I1122 14:40:10.246670 7 vpc.go:117] handle delete vpc vpc-s1s0rmz6
I1122 14:40:10.246682 7 vpc_lb.go:50] delete vpc lb deployment for vpc-vpc-s1s0rmz6-lb
I1122 14:40:10.247360 7 subnet.go:999] delete u2o interconnection policy route for subnet subnet-ue9ralxi
--
E1122 14:40:16.058895 7 pod.go:487] subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.058902 7 pod.go:269] failed to get newPod nets subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.065431 7 pod.go:1345] failed to get subnet subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.065444 7 pod.go:487] subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.065450 7 pod.go:269] failed to get newPod nets subnet.kubeovn.io "subnet-ue9ralxi" not found
I1122 14:40:16.068362 7 pod.go:249] enqueue delete pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:16.068373 7 network_policy.go:144] handle add/update network policy argocd/argocd-repo-server-network-policy
I1122 14:40:16.068384 7 pod.go:922] handle delete pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:16.068416 7 network_policy.go:144] handle add/update network policy argocd/argocd-dex-server-network-policy
I1122 14:40:16.068412 7 network_policy.go:144] handle add/update network policy argocd/argocd-application-controller-network-policy
I1122 14:40:16.068715 7 network_policy.go:213] UpdateNp, releated subnet protocols [IPv4]
I1122 14:40:16.068781 7 network_policy.go:213] UpdateNp, releated subnet protocols [IPv4]
I1122 14:40:16.068843 7 network_policy.go:213] UpdateNp, releated subnet protocols [IPv4]
I1122 14:40:16.069949 7 network_policy.go:289] UpdateNp Ingress, allows is [110.64.0.62 10.96.35.206 10.110.218.19 10.98.110.140], excepts is [], log false, protocol IPv4
I1122 14:40:16.070017 7 network_policy.go:289] UpdateNp Ingress, allows is [110.64.0.62 10.110.218.19 10.98.110.140 10.96.35.206 110.64.0.170 10.104.54.131], excepts is [], log false, protocol IPv4
E1122 14:40:16.071541 7 pod.go:1345] failed to get subnet subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.071562 7 pod.go:487] subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:16.071573 7 pod.go:959] failed to get pod nets subnet.kubeovn.io "subnet-ue9ralxi" not found
I1122 14:40:16.072310 7 pod.go:1026] release all ip address for deleting pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:16.072382 7 subnet.go:496] release v4 181.16.3.92 mac from subnet net-kquq4ao2 for kube-system/vpc-nat-gw-eip-0aineocq-0, add ip to released list
I1122 14:40:16.072409 7 pod.go:439] take 4 ms to handle delete pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:27.522966 7 pod.go:249] enqueue delete pod vm-74f00bab/virt-launcher-i-c8nsakoo-4gqtd
I1122 14:40:27.522989 7 network_policy.go:144] handle add/update network policy vm-74f00bab/network-policy-tag
--
E1122 14:40:43.936459 7 pod.go:487] subnet.kubeovn.io "subnet-0keg5526" not found
E1122 14:40:43.936470 7 pod.go:959] failed to get pod nets subnet.kubeovn.io "subnet-0keg5526" not found
I1122 14:40:43.937205 7 pod.go:1026] release all ip address for deleting pod kube-system/vpc-nat-gw-eip-3wsdxa2b-0
I1122 14:40:43.937285 7 subnet.go:496] release v4 181.16.3.90 mac from subnet net-kquq4ao2 for kube-system/vpc-nat-gw-eip-3wsdxa2b-0, add ip to released list
I1122 14:40:43.937301 7 pod.go:439] take 4 ms to handle delete pod kube-system/vpc-nat-gw-eip-3wsdxa2b-0
I1122 14:40:44.057730 7 pod.go:922] handle delete pod kube-system/vpc-nat-gw-eip-0aineocq-0
E1122 14:40:44.062110 7 pod.go:1345] failed to get subnet subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:44.062131 7 pod.go:487] subnet.kubeovn.io "subnet-ue9ralxi" not found
E1122 14:40:44.062143 7 pod.go:959] failed to get pod nets subnet.kubeovn.io "subnet-ue9ralxi" not found
I1122 14:40:44.062834 7 pod.go:1026] release all ip address for deleting pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:44.062879 7 pod.go:439] take 5 ms to handle delete pod kube-system/vpc-nat-gw-eip-0aineocq-0
I1122 14:40:44.613200 7 pod.go:347] enqueue update pod vm-74f00bab/virt-launcher-i-wzi29pk9-4d2nr
I1122 14:40:44.613240 7 pod.go:519] handle add/update pod vm-74f00bab/virt-launcher-i-wzi29pk9-4d2nr 不清楚为什么这条日志执行后“release v4 181.16.3.92 mac from subnet net-kquq4ao2 for kube-system/vpc-nat-gw-eip-0aineocq-0, add ip to released list”,eip到ips资源为什么没有被清理掉 |
好的,我们再继续跟一下 |
Kube-OVN Version
v1.12.22
Kubernetes Version
v1.27.6
Operation-system/Kernel Version
5.10.0
Description
使用外部网络(macvlan)创建的Subnet 的v4usingIPs字段超过了网段范围
Steps To Reproduce
Current Behavior
subnet的v4usingIPs字段超过了当前CIDR的范围
Expected Behavior
subnet的v4usingIPs字段正确展示子网现在已用的 IPv4 IP 地址数量
The text was updated successfully, but these errors were encountered: