Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-656

Hosted cluster deletion does not clean up elb security group

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Critical
    • None
    • None
    • None
    • False
    • None
    • False
    • This is a big issue for the OCM and OSD FM team.
    • Hypershift Sprint 21, Hypershift Sprint 22, Hypershift Sprint 23
    • 0
    • 0
    • 0

    Description

      After a cluster is deleted, the ingress LB is properly removed from the guest aws account, but a security group remains.

      The group has a description of "Security group for Kubernetes ELB a3092ad64a8dc42aa86fb208097658a9 (openshift-ingress/router-default)" and the following tags:

      api.openshift.com/name	sda-it-t6m5
red-hat-clustertype	rosa
kubernetes.io/cluster/205pnjgn4c3kh22e2umthb9brandvdd7	owned
api.openshift.com/id	205pnjgn4c3kh22e2umthb9brandvdd7
api.openshift.com/legal-entity-id	1HfHhu0eGT7HtPtFtHByhuZqI85
red-hat-managed	true
api.openshift.com/environment	staging

      And a matching inbound rule on the VPC default security group, meaning the limit of rules per security group quota will be hit after enough clusters are created and deleted.

      Attachments

        Issue Links

          duplicates

          Bug - A problem that impairs or prevents the functions of the product. HOSTEDCP-652 Uninstalling through the ROSA CLI leaves orphaned resources

          • Undefined - Priority not specified.
          • Closed
          is blocked by

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. HOSTEDCP-789 AWS: create default security group when no security group is specified in a nodepool

          • Undefined - Priority not specified.
          • Closed
          is related to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. HOSTEDCP-486 Clean up in-cluster cloud resources on hostedcluster deletion

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Activity

            People

              cewong@redhat.com Cesar Wong
              tbrisker.openshift Tomer Brisker (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: