Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23083

Cluster Network Operator needs additional RBAC permission to deploy network-node-identity when Calico is the network type

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Critical Critical
    • 4.15.0
    • 4.14
    • HyperShift
    • Important
    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, when you set the `hostedcluster.spec.networking.networkType` field to `Calico` in a hosted cluster, the Cluster Network Operator did not have enough role-based access control (RBAC) permissions to deploy the `network-node-identity` resource. With this update, the `network-node-identity` resource is deployed successfully. (link:https://issues.redhat.com/browse/OCPBUGS-23083[*OCPBUGS-23083*])

      Show
      * Previously, when you set the `hostedcluster.spec.networking.networkType` field to `Calico` in a hosted cluster, the Cluster Network Operator did not have enough role-based access control (RBAC) permissions to deploy the `network-node-identity` resource. With this update, the `network-node-identity` resource is deployed successfully. (link: https://issues.redhat.com/browse/OCPBUGS-23083 [* OCPBUGS-23083 *])
    • Bug Fix
    • Done

      Description of problem:

      When the network type is Calico for a hosted cluster, the rbac policies that are laid down for CNO do not include permissions to deploy network-node-identity

      Version-Release number of selected component (if applicable):

       

      How reproducible: IBM Satellite environment

      Steps to Reproduce:

      1.
2.
3.

      Actual results:

       

      Expected results:

       

      Additional info:

       

              agarcial@redhat.com Alberto Garcia Lamela
              rodriguf Francisco Rodriguez (Inactive)
              He Liu He Liu
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: