Loading...

XML

Word

Printable

Type: Bug
Resolution: Not a Bug
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.14.z
Component/s: HyperShift
Labels:

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Important
Regression:
No

Target Backport Versions:
None
Target Version:
None
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

During an HCP volume scale test (80 HCPs per Management Cluster), we observed that it was unsuccessful because we ran into an AWS quota limit where there can only be a maximum of 200 security group rules per security group. This is because some NLBs created "kuberntes.io/rule/nlb/health" security group rules when they shouldn't have based on work done in ~~HOSTEDCP-531~~

It's not clear how reproducible it is or how to reproduce it, but out of 80 HCPs it seemed to happen to 6 of them. I will attach a hypershift dump of one of the affected HCPs.

is related to

HOSTEDCP-531 Security groups rules quota prevent more than ~20HC on a single management cluster

Closed

Assignee:: Seth Jennings

Reporter:: Michael Shen (Inactive)

Need Info From:: None

Contributors:: None

QA Contact:: Jie Zhao

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2023/11/27 9:47 PM

Updated:: 2025/07/24 11:27 PM

Resolved:: 2023/11/29 3:50 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates