Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
AWS CAPI Infrastructure (no mgmt cluster)
Feature Link:
OCPSTRAT-1007 - Remove Terraform from the AWS IPI installer
Intelligence Requested:
Market:

Target Version:

4.16.0

SFDC Cases Links:
SFDC Cases Counter:

CAPA creates 4 security groups:

$ aws ec2 describe-security-groups --region us-east-2 --filters "Name = group-name, Values = *rdossant*" --query "SecurityGroups[*].[GroupName]" --output text
rdossant-installer-03-tvcbd-lb
rdossant-installer-03-tvcbd-controlplane
rdossant-installer-03-tvcbd-apiserver-lb
rdossant-installer-03-tvcbd-node

Given that the maximum number of SGs in a network interface is 16, we should update the max number validation in the installer:

https://github.com/openshift/installer/blob/master/pkg/types/aws/validation/machinepool.go#L66

Patrick says:

I think we want to update this to cap the user limit to 10 additional security groups:

More context: https://redhat-internal.slack.com/archives/C68TNFWA2/p1697764210634529?thread_ts=1697471429.293929&cid=C68TNFWA2

links to

openshift/installer#8184: CORS-3428,CORS-2901: pkg/types/aws: limit additionalSecurityGroups to 10

Assignee:: Patrick Dillon

Reporter:: Rafael Fonseca dos Santos

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2024/03/19 10:50 PM

Updated:: 2024/03/26 8:24 AM

Resolved:: 2024/03/26 8:24 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates