Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: 4.16.0
Affects Version/s: 4.13.0
Component/s: Networking / ovn-kubernetes
Labels:
- SDN:OVNK:EgressFirewall

Test Coverage:

+
Test Link:
https://polarion.engineering.redhat.com/polarion/#/project/OSE/workitem?id=OCP-72054
Severity:
Important
Regression:
No
Sprint:
SDN Sprint 243, SDN Sprint 244, SDN Sprint 245, SDN Sprint 246, SDN Sprint 247, SDN Sprint 248, SDN Sprint 249
sprint_count:
7
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.16.0

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:

Today Egress firewall rules with 'nodeSelector' only use the nodeIP in the OVN ACL rule. But there is possibility that one node may have secondary IPs other that the nodeIP. We shall create ACL with all the possible IPs of the selected node.

Version-Release number of selected component (if applicable):

How reproducible:

Create a egress firewall rule with 'nodeSelector'

Steps to Reproduce:

1.
2.
3.

Actual results:

Expected results:

Additional info:

Attachments

Issue Links

links to

openshift/ovn-kubernetes#2073: OCPBUGS-23519,OCPBUGS-12876,OCPBUGS-28724,OCPBUGS-13665: Downstream Merge 15th Feb 2024

RHEA-2024:0041 OpenShift Container Platform 4.16.z bug fix update

u/s fix

Activity

People

Assignee:: Surya Seetharaman

Reporter:: Peng Liu

QA Contact:: Jean Chen

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2023/05/16 3:53 AM

Updated:: 2024/03/03 10:31 PM