-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
4.12.z
-
Quality / Stability / Reliability
-
False
-
-
None
-
Moderate
-
No
-
None
-
None
-
Rejected
-
Hypershift Sprint 242
-
1
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
During an uninstall, the control-plane-operator got stuck deleting the default worker security group because the security group had dependent resources remaining (2 unattached, available ENIs).
Version-Release number of selected component (if applicable):
4.12.27
How reproducible:
Unsure, this is the first case I have seen
Steps to Reproduce:
Unsure
Actual results:
CPO logs:
{"level":"error","ts":"2023-08-26T04:48:52Z","msg":"Reconciler error","controller":"hostedcontrolplane","controllerGroup":"hypershift.openshift.io","controllerKind":"HostedControlPlane","hostedControlPlane":{"name":"testrosa2","namespace":"ocm-production-25hb12epn17mib13cvk0ean6m25r9ge3-testrosa2"},"namespace":"ocm-production-25hb12epn17mib13cvk0ean6m25r9ge3-testrosa2","name":"testrosa2","reconcileID":"caf2b1c9-ac0b-4169-a775-53a87294d967","error":"failed to delete AWS default security group: failed to delete security group sg-06da53b281189d4e2: DependencyViolation: resource sg-06da53b281189d4e2 has a dependent object\n\tstatus code: 400, request id: 1298d562-7de0-414e-86fb-2fe96d61ff17","stacktrace":"sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:273\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:234"}
If I try to manually delete the security group in AWS this message appears:
"2 network interfaces associated. Delete the network interface, or associate with a different security group"
Expected results:
I'm not sure how 2 network interfaces are remaining - the current state of the cluster has no workers and no VPC Endpoint.
Additional info:
