Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-2057

[Submariner] - submariner gateway security group in aws not deleted when uninstalling submariner

    XMLWordPrintable

Details

    • False
    • None
    • False
    • No

    Description

      Description of problem:

      ACM 2.7 / Submariner 0.14.0
      During uninstall process of submariner, submariner gateway security group is not deleted on AWS platform. As a result on redeployment of submariner, cloud prepare step fails as it found duplicate security group.

      ACM hub submariner-addon log during uninstall:

      I1113 13:37:27.330732       1 event.go:285] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"open-cluster-management", Name:"submariner-addon", UID:"4347565f-bdb0-4b35-8bbf-4064b30886db", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Normal' reason: 'AWSCloudProvider' Deleting Submariner gateway security groupI1113 13:37:27.418744       1 event.go:285] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"open-cluster-management", Name:"submariner-addon", UID:"4347565f-bdb0-4b35-8bbf-4064b30886db", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Normal' reason: 'AWSCloudProvider' Deleted Submariner gateway security group

      Shows the security group being deleted.
      But during redeployment, fails on duplicate security group existence.

      I1113 14:27:10.003807       1 event.go:285] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"open-cluster-management", Name:"submariner-addon", UID:"4347565f-bdb0-4b35-8bbf-4064b30886db", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Normal' reason: 'AWSCloudProvider' Creating Submariner gateway security groupI1113 14:27:10.210476       1 event.go:285] Event(v1.ObjectReference{Kind:"Deployment", Namespace:"open-cluster-management", Name:"submariner-addon", UID:"4347565f-bdb0-4b35-8bbf-4064b30886db", APIVersion:"apps/v1", ResourceVersion:"", FieldPath:""}): type: 'Warning' reason: 'AWSCloudProvider' Unable to create gateway: error creating AWS security group: operation error EC2: CreateSecurityGroup, https response error StatusCode: 400, RequestID: f20cbe41-3a50-4a5b-b936-b6266373f934, api error InvalidGroup.Duplicate: The security group 'mbabushk-aws-6vk9t-submariner-gw-sg' already exists for VPC 'vpc-07d1117d37f4ea7f9'E1113 14:27:10.225452       1 base_controller.go:270] "SubmarinerAgentController" controller failed to sync "mbabushk-aws/submariner", err: unable to create gateway: error creating AWS security group: operation error EC2: CreateSecurityGroup, https response error StatusCode: 400, RequestID: f20cbe41-3a50-4a5b-b936-b6266373f934, api error InvalidGroup.Duplicate: The security group 'mbabushk-aws-6vk9t-submariner-gw-sg' already exists for VPC 'vpc-07d1117d37f4ea7f9'

      Version-Release number of selected component (if applicable):

      ACM 2.7
      Submariner 0.14.0

      How reproducible:

      Deploy submariner on aws platform, as part of ACM deployment.
      After successful deployment, uninstall submariner from the managed clusters.
      Redeploy submariner on the same managed clusters.
      Deployment on aws platform will fail.

      Attachments

        Activity

          People

            mkolesni@redhat.com Michael Kolesnik (Inactive)
            mbabushk@redhat.com Maxim Babushkin
            Maxim Babushkin Maxim Babushkin
            ACM QE Team
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: