Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-25132

dual-stack UPI: IPv6 security group rules created for single-stack cluster

XMLWordPrintable

    • -
    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • N/A
    • Release Note Not Required
    • Done

      Description of problem:

      security-groups.yaml playbook runs the IPv6 security group rules creation tasks regardless of the os_subnet6 value.
      The when clause is not considering the os_subnet6 [1] value and is always executed.
      

      It works with:

        - name: 'Create security groups for IPv6'
          block:
          - name: 'Create master-sg IPv6 rule "OpenShift API"'
          [...]
          when: os_subnet6 is defined
      

      Version-Release number of selected component (if applicable):

      4.15.0-0.nightly-2023-12-11-033133
      

      How reproducible:

      Always
      

      Steps to Reproduce:

      1. Don't set the os_subnet6 in the inventory file [2] (so it's not dual-stack)
      2. Deploy 4.15 UPI by running the UPI playbooks
      

      Actual results:

      IPv6 security group rules are created
      

      Expected results:

      IPv6 security group rules shouldn't be created
      

      Additional info:
      [1] https://github.com/openshift/installer/blob/46fd66272538c350327880e1ed261b70401b406e/upi/openstack/security-groups.yaml#L375
      [2] https://github.com/openshift/installer/blob/46fd66272538c350327880e1ed261b70401b406e/upi/openstack/inventory.yaml#L77

            rdobosz Roman Dobosz
            juriarte@redhat.com Jon Uriarte
            Jon Uriarte Jon Uriarte
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: