MTU Change Bug
Version
Section titled “Version”- I tested on 4.16 and my work colleague tested on 4.12 with the same results, different networks/hardware.
Reproduction
Section titled “Reproduction”- Follow these instructions to step 9.
Post Mortem
Section titled “Post Mortem”- I ran this procedure
- After step 9 the cluster crashes.
oc patch Network.operator.openshift.io cluster --type=merge --patch '{"spec": { "migration": null, "defaultNetwork":{ "ovnKubernetesConfig": { "mtu": <mtu> }}}}'- In my case I see two nodes offline:
[grant@rockydesktop tmp]$ oc get nodesNAME STATUS ROLES AGE VERSION00-50-56-8a-39-a0 Ready control-plane,master 5h48m v1.29.6+aba1e8d00-50-56-8a-44-52 NotReady control-plane,master 5h48m v1.29.6+aba1e8d00-50-56-8a-5c-ec Ready control-plane,master 5h30m v1.29.6+aba1e8d00-50-56-8a-e1-e7 Ready worker 5h37m v1.29.6+aba1e8d00-50-56-8a-f2-5d Ready worker 5h37m v1.29.6+aba1e8d00-50-56-8a-fb-ea NotReady worker 5h37m v1.29.6+aba1e8d- First I checked the machine configs to make sure that the MTU change is there as expected. In both you see the same thing
# Need oneshot to delay kubeletType=oneshotEnvironment=NETWORK_TYPE=OVNKubernetesEnvironment=TARGET_MTU=9000Environment=CNI_TARGET_MTU=8900ExecStart=/usr/local/bin/mtu-migration.shStandardOutput=journal+consoleStandardError=journal+console- I confirmed that the network operator took the MTU change as well:
[grant@rockydesktop tmp]$ oc get network.operator.openshift.io cluster -o jsonpath='{.spec.defaultNetwork.ovnKubernetesConfig.mtu}'8900- Next I checked ovn-k8s status:
[grant@rockydesktop tmp]$ oc get pods -n openshift-ovn-kubernetesNAME READY STATUS RESTARTS AGEovnkube-control-plane-58975cd9fd-7wmvb 2/2 Running 0 120movnkube-control-plane-58975cd9fd-mz4pv 2/2 Running 0 166movnkube-node-568wp 7/8 CrashLoopBackOff 64 (104s ago) 5h53movnkube-node-5bqnj 8/8 Running 16 5h53movnkube-node-62ccc 8/8 Running 16 5h44movnkube-node-7pmvf 8/8 Running 16 5h44movnkube-node-9h9qr 7/8 CrashLoopBackOff 64 (88s ago) 5h44movnkube-node-mqh7r 8/8 Running 16 5h37m- I drilled down into one of the failed pods where I saw that ovnkube-controller had failed:
Warning BackOff 22s (x124 over 24m) kubelet Back-off restarting failed container ovnkube-controller in pod ovnkube-node-9h9qr_openshift-ovn-kubernetes(5ade0811-dd08-4a17-bac7-fd66e33604a2)- I then pulled ovnkube-controller’s logs. What caught my attention was the last line:
F0719 01:46:01.927062 37437 ovnkube.go:136] failed to run ovnkube: failed to start node network controller: failed to start default node network controller: interface MTU (8900) is too small for specified overlay MTU (8958)My hardware MTU is 9000 so I, as the directions specified, set my cluster MTU 100 below to 8900. I don’t know why the overlay is looking for 8958 or where that number is coming from. This looks like a bug to me unless I went wrong somewhere along the line.
- To ensure I wasn’t facing this bug I checked the MTU’s on the host:
[grant@rockydesktop testing]$ oc debug node/00-50-56-8a-fb-ea -- chroot /host ip a sh | grep mtuStarting pod/00-50-56-8a-fb-ea-debug ...To use host binaries, run `chroot /host`1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 10002: ens192: <BROADCAST,MULTICAST,ALLMULTI,UP,LOWER_UP> mtu 8900 qdisc mq master ovs-system state UP group default qlen 10003: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 10005: genev_sys_6081: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 10006: ovn-k8s-mp0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8900 qdisc noqueue state UNKNOWN group default qlen 10007: br-int: <BROADCAST,MULTICAST> mtu 8900 qdisc noop state DOWN group default qlen 10008: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 8900 qdisc noqueue state UNKNOWN group default qlen 1000Note: I had to make the version 4.15.0 because 4.16.0 was not supported by butane.
control-plane-interface.bu
Section titled “control-plane-interface.bu”variant: openshiftversion: 4.15.0metadata: name: 01-control-plane-interface labels: machineconfiguration.openshift.io/role: masterstorage: files: - path: /etc/NetworkManager/conf.d/99-ens192-mtu.conf contents: local: ens192-mtu.conf mode: 0600worker-interface.bu
Section titled “worker-interface.bu”variant: openshiftversion: 4.15.0metadata: name: 01-worker-interface labels: machineconfiguration.openshift.io/role: workerstorage: files: - path: /etc/NetworkManager/conf.d/99-ens192-mtu.conf contents: local: ens192-mtu.conf mode: 0600control-plane-interface.yaml
Section titled “control-plane-interface.yaml”# Generated by Butane; do not editapiVersion: machineconfiguration.openshift.io/v1kind: MachineConfigmetadata: labels: machineconfiguration.openshift.io/role: master name: 01-control-plane-interfacespec: config: ignition: version: 3.4.0 storage: files: - contents: compression: "" source: data:,%5Bconnection-ens192-mtu%5D%0Amatch-device%3Dinterface-name%3Aens192%0Aethernet.mtu%3D8900%0A mode: 384 path: /etc/NetworkManager/conf.d/99-ens192-mtu.confworker-interface.yaml
Section titled “worker-interface.yaml”# Generated by Butane; do not editapiVersion: machineconfiguration.openshift.io/v1kind: MachineConfigmetadata: labels: machineconfiguration.openshift.io/role: worker name: 01-worker-interfacespec: config: ignition: version: 3.4.0 storage: files: - contents: compression: "" source: data:,%5Bconnection-ens192-mtu%5D%0Amatch-device%3Dinterface-name%3Aens192%0Aethernet.mtu%3D8900%0A mode: 384 path: /etc/NetworkManager/conf.d/99-ens192-mtu.conf