Description of problem:

Services of type LoadBalancer never leave pending state with error of the following form: Error syncing load balancer: failed to ensure load balancer: Multiple untagged security groups found for instance i-080a1e02352d01b9a; ensure the k8s security group is tagged

Where the instance number is the instance ID of the submariner gateway

Version-Release number of selected component (if applicable):

Submariner 0.20.2

How reproducible: Consistently, but maybe not 100%

Steps to Reproduce:

1. Install submariner via ManagedAddOn on AWS
2. Install subsequent application that creates Service of type: LoadBalancer
3. Service stays in pending state with error message
4. ...

Actual results:

Service does not deploy. This may block further deployments. (It was initially observed with installing ODF, and the S3 service was stuck in pending.)

Expected results:

Service is created and deployment proceeds

Additional info:

In one case, adding the AWS Tag kubernetes.io/cluster/ocp-primary-7j7tl = owned to the submariner-specific security group allowed the load balancers to be provisioned and for the deployment to proceed.

This situation can be reliablry reproduced with the https://github.com/validatedpatterns-sandbox/ramendr-starter-kit validated pattern (of which the reporter is the primary author).