trinaths
commented
2 years ago Created [CONTCNTR-3186] for internal tracking.
Open bukovjanmic opened 2 years ago
trinaths
commented
2 years ago Created [CONTCNTR-3186] for internal tracking.
mdditt2000
commented
2 years ago @trinaths please close this issue. Resolved in 2.8.1
Setup Details
FIC Version : 0.1.5 CIS Version : 2.7.1
FIC Build: f5networks/f5-ipam-controller:latest CIS Build: f5networks/k8s-bigip-ctlr:latest
BIGIP Version: Big IP x.x.x
AS3 Version: 3.x
Orchestration: K8S/OSCP
Orchestration Version:
Additional Setup details: <Platform/CNI Plugins/ cluster nodes/ etc>
Description
The IPAM controller fails to write to PVC and subsequently crashes on Openshift 4.8.
The reason may be, there is securityContext which sets fsGroup, runAsUser and runAsGroup on the deployment, which cannot be handled by CSI drivers not supporting fsGroip change.
For this use case, however, specifying fsGroup should not be needed at all. We suggest removing the securityContext altogether, at least for Openshift, as there does not seem to be anything which should require running under specific user and especially under specific fsGroup.
These are logs:
2022/02/09 11:00:16 [INFO] [INIT] Starting: F5 IPAM Controller - Version: 0.1.5, BuildInfo: azure-1035-1bb5b0bc70546b7546ad2b1f42405b9aa867de2e 2022/02/09 11:00:16 [ERROR] [STORE] Unable to create IPAM DB file: open /app/ipamdb/cis_ipam.sqlite3: permission denied panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x60 pc=0x5c7395]
goroutine 1 [running]: github.com/F5Networks/f5-ipam-controller/pkg/provider.(*IPAMProvider).Init(0xc000792a60, 0x7ffc13bb2dd6, 0x24, 0x10) /go/src/github.com/F5Networks/f5-ipam-controller/pkg/provider/provider.go:60 +0xf5 github.com/F5Networks/f5-ipam-controller/pkg/provider.NewProvider(0x7ffc13bb2dd6, 0x24, 0xc000207b38) /go/src/github.com/F5Networks/f5-ipam-controller/pkg/provider/provider.go:44 +0xa5 github.com/F5Networks/f5-ipam-controller/pkg/manager.NewIPAMManager(0x7ffc13bb2dd6, 0x24, 0x28, 0xc000798490, 0x1) /go/src/github.com/F5Networks/f5-ipam-controller/pkg/manager/f5ipammanager.go:39 +0x39 github.com/F5Networks/f5-ipam-controller/pkg/manager.NewManager(0x7ffc13bb2dbc, 0xe, 0x7ffc13bb2dd6, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...) /go/src/github.com/F5Networks/f5-ipam-controller/pkg/manager/manager.go:53 +0x452 main.main() /go/src/github.com/F5Networks/f5-ipam-controller/cmd/f5-ipam-controller/main.go:278 +0x4a5