Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-19014

private-router network policy breaks ignition access for 4.13.z OCP clusters

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done-Errata
    • Undefined
    • 4.15.0
    • 4.14
    • HyperShift
    • None
    • Critical
    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None
    • Release Note Not Required
    • In Progress

    Description

      Description of problem:

      In 4.13.z releases, the request-serving label is not present in the ignition-server-proxy deployment. The network policy in place prevents egress from the private router to pods that do not have the label, resulting in the ignition-server endpoint not being available from the outside.

      Version-Release number of selected component (if applicable):

      4.13.12 OCP, 4.14 HO

      How reproducible:

      Always

      Steps to Reproduce:

      1. Install latest HO
2. Create a HostedCluster with version 4.13.12
3. Wait for nodes to join

      Actual results:

      Nodes never join

      Expected results:

      Nodes join

      Additional info:

      Nodes are not joining because of the blocked egress from the router to the ignition-server-proxy

      Attachments

        Activity

          People

            cewong@redhat.com Cesar Wong
            cewong@redhat.com Cesar Wong
            Jie Zhao Jie Zhao
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: