Uploaded image for project: 'OpenShift Installer'
  1. OpenShift Installer
  2. CORS-3594

Move GCP CAPI to default feature set and out of TechPreview

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • 4.17.0
    • Installer Core
    • None
    • BU Product Work
    • False
    • None
    • False
    • Installer Sprint 256, Installer Sprint 257

      Use CAPG by default and remove it from TechPreview in 4.17.

            [CORS-3594] Move GCP CAPI to default feature set and out of TechPreview

            Robert Fournier added a comment -

            Thanks rhn-support-jiwei for the detailed bug. I will take a look at it.

            Robert Fournier added a comment - Thanks rhn-support-jiwei for the detailed bug. I will take a look at it.

            Jianli Wei added a comment -

            rh-ee-bbarbach bfournie@redhat.com I filed bug OCPBUGS-38069, please advise, thanks! 

            Jianli Wei added a comment - rh-ee-bbarbach bfournie@redhat.com I filed bug OCPBUGS-38069 , please advise, thanks! 

            Brent Barbachem added a comment -

            rhn-support-jiwei It looks like CAPG creates the "%-healthchecks". This currently does not cover some public endpoints that we used in terraform installs. We can certainly adjust this to only add those public endpoints (when applicable) and allow capg to create its own rule still. It would be a bit odd to do that so we probably need to come up with a single solution that either works in the installer or capg. 

            Brent Barbachem added a comment - rhn-support-jiwei It looks like CAPG creates the "%-healthchecks". This currently does not cover some public endpoints that we used in terraform installs. We can certainly adjust this to only add those public endpoints (when applicable) and allow capg to create its own rule still. It would be a bit odd to do that so we probably need to come up with a single solution that either works in the installer or capg. 

            Robert Fournier added a comment -

            rhn-support-jiwei yes the Firewall rules created by CAPG are more permissive than the ones the installer creates. We may need to delete or adjust the CAPG-created Firewall rules. Would you mind creating a bug with your findings on the overlaps between the Firewall rules?

            Robert Fournier added a comment - rhn-support-jiwei yes the Firewall rules created by CAPG are more permissive than the ones the installer creates. We may need to delete or adjust the CAPG-created Firewall rules. Would you mind creating a bug with your findings on the overlaps between the Firewall rules?

            Jianli Wei added a comment -

            rh-ee-bbarbach FYI my pre-merge testing is ok, see comment. Thanks! 

            Jianli Wei added a comment - rh-ee-bbarbach FYI my pre-merge testing is ok, see comment . Thanks! 

            Jianli Wei added a comment -

            rh-ee-bbarbach Could you take a look at my PR comment, and tell if the differences are by design or not? Thanks in advance! 

            Jianli Wei added a comment - rh-ee-bbarbach Could you take a look at my PR comment , and tell if the differences are by design or not? Thanks in advance! 

              rh-ee-bbarbach Brent Barbachem
              bfournie@redhat.com Robert Fournier
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: