NetworkPolicy with Egress policyType is resulting in SDN errors and improper communication within Project in OpenShift 4
Issue
NetworkPolicywith EgresspolicyTypeis resulting in SDN errors and improper communication within Project-
The following errors are repeating the OpenShift SDN logs:
$ oc logs <sdn pod> -c sdn -n openshift-sdn I1209 01:24:01.738089 4106341 pod.go:508] CNI_ADD hsts/web-0 got IP 10.131.1.97, ofport 1875 I1209 01:24:01.763042 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:02.282660 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:02.929075 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:03.730945 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:04.736159 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:05.977063 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:07.524868 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:09.454298 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:11.861189 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address I1209 01:24:14.867488 4106341 ovs.go:158] Error executing ovs-ofctl: ovs-ofctl: -:2: 0/0: invalid IP address E1209 01:24:14.867721 4106341 networkpolicy.go:311] Error syncing OVS flows for VNID: timed out waiting for the condition - Why pods running in the same project cannot communicate while a
NetworkPolicyis present?
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4.6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
