STT Encap doesnt work on Azure Cloud

[reachjainrahul]

Describe the bug
A clear and concise description of what the bug is.
If you believe this bug is a security issue, please don't use this template and follow our security guidelines

E2E tests failed with Encap mode STT.

To Reproduce
Steps to reproduce the behavior.
Deployed a setup with Ubuntu 18.04. It seems Tunnel interface creation failed for STT. Have a live setup

Login to master node with the following key
azureuser@rjantrea-rg2.westus2.cloudapp.azure.com

Key
Ping me for private key

root@k8s-agentpool1-11244967-vmss000000:/# ovs-vsctl show
03bde5b1-c6f0-43c2-9f9f-a8b2c8bb8718
Bridge br-int
Port "csi-azur-8e0f71"
Interface "csi-azur-8e0f71"
Port "gw0"
Interface "gw0"
type: internal
Port "frontend-9d70f4"
Interface "frontend-9d70f4"
Port "csi-azur-0d7437"
Interface "csi-azur-0d7437"
Port "kubernet-c634b8"
Interface "kubernet-c634b8"
Port "metrics--e33bf8"
Interface "metrics--e33bf8"
Port "csi-azur-7d42b4"
Interface "csi-azur-7d42b4"
Port "blobfuse-30ed46"
Interface "blobfuse-30ed46"
Port "csi-azur-c1222c"
Interface "csi-azur-c1222c"
Port "tun0"
Interface "tun0"
type: stt
options: {key=flow, remote_ip=flow}
error: "could not add network device tun0 to ofproto (Address family not supported by protocol)"
Port "keyvault-78fab8"

Expected
A clear and concise description of what you expected to happen.

Actual behavior
A clear and concise description of what's the actual behavior. If applicable, add screenshots, log messages, etc. to help explain the problem.

Versions:
Please provide the following information:

• Antrea version (Docker image tag).
• Kubernetes version (use kubectl version). If your Kubernetes components have different versions, please provide the version for all of them.
• Container runtime: which runtime are you using (e.g. containerd, cri-o, docker) and which version are you using?
• Linux kernel version on the Kubernetes Nodes (uname -r).
• If you chose to compile the Open vSwitch kernel module manually instead of using the kernel module built into the Linux kernel, which version of the OVS kernel module are you using? Include the output of modinfo openvswitch for the Kubernetes Nodes.

Additional context
Add any other context about the problem here, such as Antrea logs, kubelet logs, etc.

(Please consider pasting long output into a GitHub gist or any other pastebin.)

[reachjainrahul]

Same issue is seen on both 16.04 and 18.04 Cloud VMs...

root@k8s-master-17122203-0:/# uname -r
4.15.0-1066-azure

root@k8s-master-17122203-0:/# lsmod
Module Size Used by
veth 16384 0
ufs 77824 0
msdos 20480 0
xfs 1208320 0
openvswitch 131072 3
nsh 16384 1 openvswitch
nf_conntrack_ipv6 20480 1
nf_nat_ipv6 16384 1 openvswitch
xt_nat 16384 4
ipt_REJECT 16384 3
nf_reject_ipv4 16384 1 ipt_REJECT
xt_tcpudp 16384 17
ip_vs_sh 16384 0
ip_vs_wrr 16384 0
ip_vs_rr 16384 0
ip_vs 151552 6 ip_vs_rr,ip_vs_sh,ip_vs_wrr
nf_defrag_ipv6 20480 3 nf_conntrack_ipv6,openvswitch,ip_vs
xt_comment 16384 34
xt_mark 16384 7
ebtable_nat 16384 0
ebtables 32768 1 ebtable_nat
ipt_MASQUERADE 16384 3
nf_nat_masquerade_ipv4 16384 1 ipt_MASQUERADE
nf_conntrack_netlink 40960 0
nfnetlink 16384 2 nf_conntrack_netlink
xfrm_user 36864 1
xfrm_algo 16384 1 xfrm_user
xt_addrtype 16384 3
iptable_filter 16384 1
iptable_nat 16384 1
nf_nat_ipv4 16384 2 openvswitch,iptable_nat
nf_nat 32768 5 nf_nat_masquerade_ipv4,nf_nat_ipv6,nf_nat_ipv4,xt_nat,openvswitch
br_netfilter 24576 0
bridge 155648 1 br_netfilter
stp 16384 1 bridge
llc 16384 2 bridge,stp
overlay 77824 19
aufs 241664 0
nf_conntrack_ipv4 16384 17
nf_defrag_ipv4 16384 1 nf_conntrack_ipv4
xt_owner 16384 1
xt_conntrack 16384 9
nf_conntrack 131072 12 xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv6,nf_conntrack_ipv4,nf_nat,nf_nat_ipv6,ipt_MASQUERADE,nf_nat_ipv4,xt_nat,openvswitch,nf_conntrack_netlink,ip_vs
iptable_security 16384 1
ip_tables 28672 3 iptable_filter,iptable_security,iptable_nat
x_tables 40960 13 ebtables,xt_conntrack,iptable_filter,iptable_security,xt_tcpudp,ipt_MASQUERADE,xt_addrtype,xt_nat,xt_comment,xt_owner,ipt_REJECT,ip_tables,xt_mark
udf 90112 0
crc_itu_t 16384 1 udf
nls_iso8859_1 16384 1
hv_balloon 24576 0
serio_raw 16384 0
joydev 24576 0
ib_iser 49152 0
rdma_cm 61440 1 ib_iser
iw_cm 45056 1 rdma_cm
ib_cm 53248 1 rdma_cm
ib_core 225280 4 rdma_cm,iw_cm,ib_iser,ib_cm
sunrpc 335872 1
iscsi_tcp 20480 0
libiscsi_tcp 20480 1 iscsi_tcp
libiscsi 53248 3 libiscsi_tcp,iscsi_tcp,ib_iser
scsi_transport_iscsi 98304 4 iscsi_tcp,ib_iser,libiscsi
autofs4 40960 2
btrfs 1138688 0
zstd_compress 163840 1 btrfs
raid10 53248 0
raid456 147456 0
async_raid6_recov 20480 1 raid456
async_memcpy 16384 2 raid456,async_raid6_recov
async_pq 16384 2 raid456,async_raid6_recov
async_xor 16384 3 async_pq,raid456,async_raid6_recov
async_tx 16384 5 async_pq,async_memcpy,async_xor,raid456,async_raid6_recov
xor 24576 2 async_xor,btrfs
raid6_pq 114688 4 async_pq,btrfs,raid456,async_raid6_recov
libcrc32c 16384 6 nf_conntrack,nf_nat,openvswitch,xfs,raid456,ip_vs
raid1 40960 0
raid0 20480 0
multipath 16384 0
linear 16384 0
crct10dif_pclmul 16384 0
crc32_pclmul 16384 0
ghash_clmulni_intel 16384 0
pcbc 16384 0
aesni_intel 188416 0
aes_x86_64 20480 1 aesni_intel
hid_generic 16384 0
crypto_simd 16384 1 aesni_intel
hyperv_fb 20480 1
glue_helper 16384 1 aesni_intel
hid_hyperv 16384 0
cfbfillrect 16384 1 hyperv_fb
pata_acpi 16384 0
cfbimgblt 16384 1 hyperv_fb
cryptd 24576 3 crypto_simd,ghash_clmulni_intel,aesni_intel
hid 102400 2 hid_hyperv,hid_generic
hyperv_keyboard 16384 0
hv_netvsc 49152 0
hv_utils 28672 2
cfbcopyarea 16384 1 hyperv_fb

[jianjuns]

Seems STT is not in upstream OVS in kernel. @antoninbas: how should we document this?

[github-actions]

This issue is stale because it has been open 180 days with no activity. Remove stale label or comment, or this will be closed in 180 days