Uploaded image for project: 'OpenShift Hive'
  1. OpenShift Hive
  2. HIVE-1805

Privatelink does not require private subnets for MachinePools

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Normal Normal
    • None
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Summary of the issue: 

      See discussion in slack https://coreos.slack.com/archives/CE3ETN3J8/p1649790842620329

      Hive MachineSet generation is incorrectly requiring that MachinePool subnets be private for privatelink clusters. Hive is also not producing an error related to the private subnet enforcement. Subnets seen in customer env have a "kubernetes.io/role/elb" tag which designates the subnets as public in [1] resulting in Hive configuring a non-existent tag in [2]

      Related code links:

      [1] https://github.com/openshift/hive/blob/5ccea309249a9e83eae4b8f081bb12b4b5128031/pkg/controller/machinepool/awsactuator.go#L491-L497

      [2] https://github.com/openshift/hive/blob/5ccea309249a9e83eae4b8f081bb12b4b5128031/vendor/github.com/openshift/installer/pkg/asset/machines/aws/machines.go#L117-L124

       

              efried.openshift Eric Fried
              abutcher@redhat.com Andrew Butcher
              None
              None
              None
              Feilian Xie Feilian Xie (Inactive)
              None
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: