Loading...

XML

Word

Printable

Type: Story
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: openshift-4.19, openshift-4.15, openshift-4.16, openshift-4.17, openshift-4.18
Component/s: OVN Kubernetes
Labels:
None

Activity Type:
Product / Portfolio Work
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
4.21-tech-debt
Story Points:
None

Target Version:
None
Release Blocker:
None
Sprint:
CORENET Sprint 270, CORENET Sprint 271, CORENET Sprint 272, CORENET Sprint 273, CORENET Sprint 274, CORENET Sprint 275, CORENET Sprint 276

We currently need to rely on looking at various command outputs like:

ipsec status
ipsec trafficstatus
ip xfrm state
ip xfrm policy
ovs-appctl -t ovs-monitor-ipsec tunnels/show

to get know health status for every IPsec tunnel on the cluster between nodes.

There should be a metric to be introduced on every node and exported to prometheus server which gives status of every tunnel.
An appropriate alert rule must be defined when ipsec is not configured or not active within particular period.

links to

https://github.com/ovn-kubernetes/ovn-kubernetes/pull/5201

Assignee:: Periyasamy Palanisamy

Reporter:: Periyasamy Palanisamy

Need Info From:: None

Contributors:: None

QA Contact:: None

Doc Contact:: None

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/04/07 8:58 AM

Updated:: 2025/09/15 10:01 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

PagerDuty