Uploaded image for project: 'OpenShift Core Networking'
  1. OpenShift Core Networking
  2. CORENET-6196

Impact: pod to pod connectivity lost in 500/250 nodes IPSEC cluster

XMLWordPrintable

    • Icon: Spike Spike
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • None
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • None
    • None

      Which 4.y.z to 4.y'.z' updates increase vulnerability?

      Any 4.18 to any 4.19 until fix is available in 4.19 via the OCPBUGS-55453 series.

      Which types of clusters?

      Clusters using IPSEC for network encryption. Internal testing could not reproduce this issue on clusters with 120 nodes or less.

      What is the impact? Is it serious enough to warrant removing update recommendations?

      Clusters might experience intermittent loss of pod-to-pod connectivity. This prevents some pods on certain nodes from reaching services on other nodes, resulting in connection timeouts.

      How involved is remediation?

      There is no workaround for this issue.

      Is this a regression?

      Yes

              sdn-team-bot sdn-team bot
              afri@afri.cz Petr Muller
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: