IPAM deployment fails to write to PVC and crashes #98
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Setup Details
FIC Version : 0.1.5
CIS Version : 2.7.1
FIC Build: f5networks/f5-ipam-controller:latest
CIS Build: f5networks/k8s-bigip-ctlr:latest
BIGIP Version: Big IP x.x.x
AS3 Version: 3.x
Orchestration: K8S/OSCP
Orchestration Version:
Additional Setup details: <Platform/CNI Plugins/ cluster nodes/ etc>
Description
The IPAM controller fails to write to PVC and subsequently crashes on Openshift 4.8.
The reason may be, there is securityContext which sets fsGroup, runAsUser and runAsGroup on the deployment, which cannot be handled by CSI drivers not supporting fsGroip change.
For this use case, however, specifying fsGroup should not be needed at all. We suggest removing the securityContext altogether, at least for Openshift, as there does not seem to be anything which should require running under specific user and especially under specific fsGroup.
These are logs:
2022/02/09 11:00:16 [INFO] [INIT] Starting: F5 IPAM Controller - Version: 0.1.5, BuildInfo: azure-1035-1bb5b0bc70546b7546ad2b1f42405b9aa867de2e
2022/02/09 11:00:16 [ERROR] [STORE] Unable to create IPAM DB file: open /app/ipamdb/cis_ipam.sqlite3: permission denied
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x60 pc=0x5c7395]
goroutine 1 [running]:
github.com/F5Networks/f5-ipam-controller/pkg/provider.(*IPAMProvider).Init(0xc000792a60, 0x7ffc13bb2dd6, 0x24, 0x10)
/go/src/github.com/F5Networks/f5-ipam-controller/pkg/provider/provider.go:60 +0xf5
github.com/F5Networks/f5-ipam-controller/pkg/provider.NewProvider(0x7ffc13bb2dd6, 0x24, 0xc000207b38)
/go/src/github.com/F5Networks/f5-ipam-controller/pkg/provider/provider.go:44 +0xa5
github.com/F5Networks/f5-ipam-controller/pkg/manager.NewIPAMManager(0x7ffc13bb2dd6, 0x24, 0x28, 0xc000798490, 0x1)
/go/src/github.com/F5Networks/f5-ipam-controller/pkg/manager/f5ipammanager.go:39 +0x39
github.com/F5Networks/f5-ipam-controller/pkg/manager.NewManager(0x7ffc13bb2dbc, 0xe, 0x7ffc13bb2dd6, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
/go/src/github.com/F5Networks/f5-ipam-controller/pkg/manager/manager.go:53 +0x452
main.main()
/go/src/github.com/F5Networks/f5-ipam-controller/cmd/f5-ipam-controller/main.go:278 +0x4a5
The text was updated successfully, but these errors were encountered: