-
Bug
-
Resolution: Done-Errata
-
Undefined
-
4.14
-
None
-
No
-
Rejected
-
False
-
-
Release Note Not Required
-
In Progress
SB and NB containers have this command to expose their DB via SSL and set the inactivity probe interval. With OVN-IC we don't use SSL for the DBs anymore, so we can remove that bit.
if ! retry 60 "inactivity-probe" "ovn-sbctl --no-leader-only -t 5 set-connection pssl:.OVN_SB_PORT.LISTEN_DUAL_STACK – set connection . inactivity_probe=.OVN_CONTROLLER_INACTIVITY_PROBE"; then
should become:
if ! retry 60 "inactivity-probe" "ovn-sbctl --no-leader-only -t 5 set connection . inactivity_probe=.OVN_CONTROLLER_INACTIVITY_PROBE"; then
Also we can clean up the comment at the end where it polls the IPsec status, which is just a way of making sure the DB is ready and answering queries. We dont' need to wait for the cluster to converge (since there's no RAFT) but could change it to:
"Kill some time while DB becomes ready by checking IPsec status"
- blocks
-
OCPBUGS-22787 [release-4.14] Don't set SSL connection on DBs anymore with OVN-IC
- Closed
- is cloned by
-
OCPBUGS-22787 [release-4.14] Don't set SSL connection on DBs anymore with OVN-IC
- Closed
- links to
-
RHEA-2023:7198 rpm