Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: 4.14.0
Affects Version/s: 4.13.0
Component/s: Installer / openshift-installer
Labels:
None

Regression:
No
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
Previously, setting the `metadataService.authentication` field to `Required` when installing a cluster on AWS did not configure the bootstrap VM to use IMDSv2 authentication. This could result in installations failing if you configured your AWS account to block IMDSv1 authentication. With this update, the `metadataService.authentication` field correctly configures the bootstrap VM to use IMDSv2 authentication when set to `Required`. (link:https://issues.redhat.com/browse/OCPBUGS-12964[*~~OCPBUGS-12964~~*])

Show
Previously, setting the `metadataService.authentication` field to `Required` when installing a cluster on AWS did not configure the bootstrap VM to use IMDSv2 authentication. This could result in installations failing if you configured your AWS account to block IMDSv1 authentication. With this update, the `metadataService.authentication` field correctly configures the bootstrap VM to use IMDSv2 authentication when set to `Required`. (link: https://issues.redhat.com/browse/OCPBUGS-12964 [* OCPBUGS-12964 *])
Release Note Type:
Bug Fix
Release Note Status:
Done
Target Version:

4.14.0

SFDC Cases Counter:
SFDC Cases Links:

PX Impact Score:

Description of problem:

While installing ocp on aws user can set metadataService auth to Required in order to use IMDSv2, in that case user requires all the vms to use it. 
Currently bootstrap will always run with Optional and this can be blocked on users aws account and will fail the installation process

Version-Release number of selected component (if applicable):

4.14.0

How reproducible:

Install aws cluster and set metadataService to Required

Steps to Reproduce:

1.
2.
3.

Actual results:

Bootstrap has IMDSv2 set to optional

Expected results:

All vms had IMDSv2 set to required

Additional info:

blocks

OCPBUGS-13086 Bootstrap on aws should have same metadata service type as on other nodes

Closed

is cloned by

OCPBUGS-13086 Bootstrap on aws should have same metadata service type as on other nodes

Closed

links to

openshift/installer#7149: OCPBUGS-12964: Bootstrap on aws should have same metadata service type as on other nodes

RHEA-2023:5006 rpm

Assignee:: Igal Tsoiref

Reporter:: Igal Tsoiref

QA Contact:: Yunfei Jiang

Votes:: 1 Vote for this issue

Watchers:: 13 Start watching this issue

Created:: 2023/05/01 1:44 PM

Updated:: 2023/11/28 9:02 PM

Resolved:: 2023/10/31 1:16 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates