Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-22710

Can we view status of an adminbased external route policy, if so then how/where?

    XMLWordPrintable

Details

    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      Cause: When there is an error reconciling an Admin Policy Based External Route CR for the first time
      Consequence: The CR's Status field will fail to update
      Fix: Ensure that the `LastTransitionTime` field is always initialized when updating the status.
      Result: The Admin Policy Based External Route Status is updated in both success and failure during its first reconciliation.
      Show
      Cause: When there is an error reconciling an Admin Policy Based External Route CR for the first time Consequence: The CR's Status field will fail to update Fix: Ensure that the `LastTransitionTime` field is always initialized when updating the status. Result: The Admin Policy Based External Route Status is updated in both success and failure during its first reconciliation.
    • Bug Fix
    • In Progress

    Description

      Description of problem:

      On the prerelease doc Configure a secondary external gateway,  on stop 3.  we state the output of said command should confirm the admin policy has been created:

      #oc describe apbexternalroute <name> | tail -n 6

      First of all this is a typo there is no "apbexternalroute", the correct term is "adminpolicybasedexternalroutes", even if we use the correct term, the resulting output is almost not relevant as per the status of said policy, it just reports on the policy it's self and well some minor details like time and so on. 

      Version-Release number of selected component (if applicable):

      4.14.0-0.nightly-2023-10-04-143709

      How reproducible:

      Every time

      Steps to Reproduce:

      1. Deploy a cluster
      2. Boot up a pod under a namespace
      3. $ cat 4.create.abp_static_bar1.yaml  later apply said policy
      apiVersion: k8s.ovn.org/v1
      kind: AdminPolicyBasedExternalRoute
      metadata:
        name: first-policy
      spec:
      ## gateway example
        from:
          namespaceSelector:
            matchLabels:
                kubernetes.io/metadata.name: bar
        nextHops:       
          static:
            - ip: "173.20.0.8"
            - ip: "173.20.0.9"
      4. confirm policy in place: $ oc getadminpolicybasedexternalroutes.k8s.ovn.org 
      NAME           LAST UPDATE   STATUS
      first-policy   
      
      5. But wow do we test the policies status? 
      The doc's guide doesn't help much:  $ oc describeadminpolicybasedexternalroutes.k8s.ovn.org <name> | tail -n 6 
      
      $ oc describe adminpolicybasedexternalroutes.k8s.ovn.org first-policy 
      Name:         first-policy
      Namespace:    
      Labels:       <none>
      Annotations:  <none>
      API Version:  k8s.ovn.org/v1
      Kind:         AdminPolicyBasedExternalRoute
      Metadata:
        Creation Timestamp:  2023-10-30T20:09:20Z
        Generation:          1
        Resource Version:    10904672
        UID:                 3c4a60da-a618-45b1-94a8-2085dcdc5631
      Spec:
        From:
          Namespace Selector:
            Match Labels:
              kubernetes.io/metadata.name:  bar
        Next Hops:
          Static:
            Bfd Enabled:  false
            Ip:           173.20.0.8
            Bfd Enabled:  false
            Ip:           173.20.0.9
      Events:             <none>
       
      
      Noting regarding policy status shows up, if this is even supported at all, other than fixing the doc, if there is a way to view the status it should be documented. One more thing if there is indeed a policy status shouldn't it also populate the status column here:
      
      $ oc get adminpolicybasedexternalroutes.k8s.ovn.org 
      NAME           LAST UPDATE   STATUS
      first-policy                   ^ 
      
      Asking as on another bug https://issues.redhat.com/browse/OCPBUGS-22706, I recreated a situation where the status should have reported an error yet it never did nor does it update the above table, come to think of it the last update column too has never exposed any data either, in which case why do we even have these two columns to begin with?  

      Actual results:

       

      Expected results:

       

      Additional info:

       

      Attachments

        Issue Links

          Activity

            People

              jgil@redhat.com Jordi Gil
              tshefi@redhat.com Tzach Shefi
              Qiong Wang Qiong Wang
              Nadia Pinaeva
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: