cannot remove pod created without a UID in YAML metadata

[maxloge]

Hi,

I am using crictl to create a pod with the following yaml file:

bug.yaml

---
metadata:
  name: bug
  namespace: hello
linux:
  security_context:
    namespace_options:
      network: 2

root@vps:~/k8s# crictl runp bug.yaml
4a790291df0b7855ae8e734243d3e9fb794fcf3e9a6e466403b0a8a6611e24eb

root@vps:~/k8s# crictl pods
POD ID              CREATED             STATE               NAME                NAMESPACE           ATTEMPT             RUNTIME
4a790291df0b7       2 seconds ago       Ready               bug                 hello               0                   (default)

and get the following error when trying to remove the pod:

root@vps:~/k8s# crictl rmp 4a790291df0b7
getting sandbox status of pod "crictl rmp 4a790291df0b7": metadata.Name, metadata.Namespace or metadata.Uid is not in metadata "&PodSandboxMetadata{Name:bug,Uid:,Namespace:hello,Attempt:0,}"

root@vps:~/k8s# crictl pods
POD ID              CREATED             STATE               NAME                NAMESPACE           ATTEMPT             RUNTIME
4a790291df0b7       4 minutes ago       Ready               bug                 hello               0                   (default)

I am using crictl version v1.28.0

root@vps:~/k8s# crictl --version
crictl version v1.28.0

What you expected to happen:

I expect the pod to be removed even if I don't specify a UID in the metadata section of the yaml file.

Environment:

root@vps:~/k8s# crio --version
crio version 1.28.1
Version:        1.28.1
GitCommit:      unknown
GitCommitDate:  unknown
GitTreeState:   clean
BuildDate:      2023-09-15T13:43:48Z
GoVersion:      go1.19
Compiler:       gc
Platform:       linux/amd64
Linkmode:       dynamic
BuildTags:      
  apparmor
  seccomp
  containers_image_ostree_stub
  exclude_graphdriver_btrfs
  exclude_graphdriver_devicemapper
  containers_image_openpgp
LDFlags:          -s -w -X github.com/cri-o/cri-o/internal/version.buildDate=2023-09-15T13:43:48Z 
SeccompEnabled:   true
AppArmorEnabled:  true

root@vps:~/k8s# cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

root@vps:~/k8s# uname -a
Linux vps 5.15.0-86-generic #96-Ubuntu SMP Wed Sep 20 08:23:49 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Don't hesitate to ask if you need more info.

edit 1

I am not sure if it is an issue with crictl or cri-o so I have also reported the issue at cri-o: cri-o/cri-o#7351

[afbjorklund]

Probably should be an error, if the UID is missing?

[maxloge]

Probably should be an error, if the UID is missing?

Yes crictl runp could raise an error if the UID is not provided.

Though it would be nice to have the possibility not to provide a UID and that one gets automatically generated for you since it can be easily retrieved later if necessary.

For example via crictl inspectp:

test-pod.yaml

---
metadata:
  name: test-pod
  namespace: test
  uid: 8c71c384-ecfa-4e1d-b4c5-c91fc491e902
linux:
  security_context:
    namespace_options:
      network: 2

root@vps:~/k8s# POD_ID=$(crictl runp test-pod.yaml)

root@vps:~/k8s# crictl pods
POD ID              CREATED             STATE               NAME                NAMESPACE           ATTEMPT             RUNTIME
b5e1912f6b8f1       15 seconds ago      Ready               test-pod            test                0                   (default)

root@vps:~/k8s# crictl inspectp $POD_ID | jq '.[] | .labels | ."io.kubernetes.pod.uid"'
"8c71c384-ecfa-4e1d-b4c5-c91fc491e902"

[saschagrunert]

Related to kubernetes/kubernetes#119692