Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-12202

fail to create vSphere IPI cluster as apiVIP and ingressVIP are not in machine networks

    XMLWordPrintable

Details

    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Cause: Validation was added requiring that apiVIP and ingressVIP were in the machine network CIDR.

      Consequence: Installs would be prevented from starting due to the validation, although the validation was not necessary.

      Fix: Remove the validation.

      Result: Installs can proceed when apiVIP and ingressVIP are outside of the machine network cidr.
      Show
      Cause: Validation was added requiring that apiVIP and ingressVIP were in the machine network CIDR. Consequence: Installs would be prevented from starting due to the validation, although the validation was not necessary. Fix: Remove the validation. Result: Installs can proceed when apiVIP and ingressVIP are outside of the machine network cidr.
    • Bug Fix

    Description

      This is a clone of issue OCPBUGS-7015. The following is the description of the original issue:

      Description of problem:

      fail to create vSphere 4.12.2 IPI cluster as apiVIP and ingressVIP are not in machine networks

# ./openshift-install create cluster --dir=/tmp
? SSH Public Key /root/.ssh/id_rsa.pub
? Platform vsphere
? vCenter vcenter.vmware.gsslab.pnq2.redhat.com
? Username administrator@gsslab.pnq
? Password [? for help] ************
INFO Connecting to vCenter vcenter.vmware.gsslab.pnq2.redhat.com
INFO Defaulting to only available datacenter: OpenShift-DC
INFO Defaulting to only available cluster: OCP
? Default Datastore OCP-PNQ-Datastore
? Network PNQ2-25G-PUBLIC-PG
? Virtual IP Address for API [? for help] 192.168.1.10
X Sorry, your reply was invalid: IP expected to be in one of the machine networks: 10.0.0.0/16
? Virtual IP Address for API [? for help]


As the user could not define cidr for machineNetwork when creating the cluster or install-config file interactively, it will use default value 10.0.0.0/16, so fail to create the cluster ot install-config when inputting apiVIP and ingressVIP outside of default machinenNetwork.

Error is thrown from https://github.com/openshift/installer/blob/master/pkg/types/validation/installconfig.go#L655-L666, seems new function introduced from PR https://github.com/openshift/installer/pull/5798

The issue should also impact Nutanix platform.

I don't understand why the installer is expecting/validating VIPs from 10.0.0.0/16 machine network by default when it's not evening asking to input the machine networks during the survey. This validation was not mandatory in previous OCP installers.

      Version-Release number of selected component (if applicable):

      # ./openshift-install version
./openshift-install 4.12.2
built from commit 7fea1c4fc00312fdf91df361b4ec1a1a12288a97
release image quay.io/openshift-release-dev/ocp-release@sha256:31c7741fc7bb73ff752ba43f5acf014b8fadd69196fc522241302de918066cb1
release architecture amd64

      How reproducible:

      Always

      Steps to Reproduce:

      1. create install-config.yaml file by running command "./openshift-install create install-config --dir ipi"
2. failed with above error

      Actual results:

      fail to create install-config.yaml file

      Expected results:

      succeed to create install-config.yaml file

      Additional info:

       The current workaround is to use dummy VIPs from 10.0.0.0/16 machinenetwork to create the install-config first and then modify the machinenetwork and VIPs as per your requirement which is overhead and creates a negative experience.


There was already a bug reported which seems to have only fixed the VIP validation: https://issues.redhat.com/browse/OCPBUGS-881
 

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-11950 fail to create vSphere IPI cluster as apiVIP and ingressVIP are not in machine networks

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          depends on

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-11950 fail to create vSphere IPI cluster as apiVIP and ingressVIP are not in machine networks

          • Critical - To be worked on immediately following BLOCKER issues.
          • Closed
          links to

          GitHub openshift/installer#7116: OCPBUGS-12202: Relax vsphere, nutanix VIP validation

          Activity

            People

              padillon Patrick Dillon
              openshift-crt-jira-prow OpenShift Prow Bot
              Wenxin Wei Wenxin Wei
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: