-
Bug
-
Resolution: Done
-
Blocker
-
None
-
None
-
False
-
None
-
False
-
No
-
-
Description of problem
The PerfScale team has been encountering AWS security group rule quota exhaustion errors in recent scale-up tests of HyperShift/HostedCP, and we've determined the cause to be Services of type LoadBalancer that are being unexpectedly created for each instance of klusterlet. In other words, we were expecting X Services to be created per HyperShift hosted/managed cluster, but we're now observing X+1 Services being created, and we've found klusterlets to be the source of the "+1."
This behavior was not observed during earlier scale-up tests, which leads us to believe this could be a bug.
Version-Release number of selected component (if applicable)
quay.io:443/acm-d/config-policy-controller-rhel8@sha256:c5eb971f4d3f8d0a5f27da7a9c78b0235e8a0a0029eac59d9b765ad9ac2639f5
How reproducible
Reliably reproducible
Steps to Reproduce
- Create a managed/hosted cluster
- Check for unexpected LoadBalancer Services created in the new klusterlet's namespace
Actual results
We're seeing unexpected services like this one
klusterlet-22ov8ftt1us7c1jrq3ge23rqdcgoe3v4 klusterlet-addon-workmgr LoadBalancer 172.30.133.156 abfcfdb0cfd8f4c12972ec960cfa2a82-1989450843.us-east-2.elb.amazonaws.com 443:32685/TCP 54m
Expected results
No new services in the klusterlet namespace.
Additional info
See OHSS-19771 and Slack messages following this one for additional context