Whereabouts IPAM fails due to invalid OverlappingRangeIPReservation CRD from NicClusterPolicy #1685
Description
What happened:
When deploying NicClusterPolicy with ipamPlugin configured to use whereabouts, pod creation fails due to an invalid schema in the OverlappingRangeIPReservation CRD that is installed by the operator.
Error:
error at storage engine: OverlappingRangeIPReservation.whereabouts.cni.cncf.io "[IP]": invalid: [spec.range: Required value, spec.allocations: Required value]
This happens because the CRD requires spec.range and spec.allocations, which are not set by the Whereabouts IPAM plugin.
What you expected to happen:
Pods should be assigned IPs from Whereabouts IPAM, and the OverlappingRangeIPReservation objects should be created without schema validation errors.
How to reproduce it (as minimally and precisely as possible):
- Install the Network Operator with NicClusterPolicy including:
secondaryNetwork: ipamPlugin: repository: gchr.io/k8snetworkplumbingwg image: whereabouts version: v0.7.0
- Apply a NetworkAttachmentDefinition using type: whereabouts
- Create a pod using the SR-IOV + Whereabouts NAD
- Observe pod sandbox failure due to invalid CRD schema
Anything else we need to know?:
This issue is resolved by replacing the CRD installed by the operator with the official upstream one:
kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/whereabouts/main/charts/whereabouts/crds/whereabouts.cni.cncf.io_overlappingrangeipreservations.yaml
I traced this to a bad CRD file at:
manifests/state-whereabouts-cni/0015-whereabouts.cni.cncf.io_overlappingrangeipreservations.yaml
Happy to contribute a PR with the fix.