Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-25132

dual-stack UPI: IPv6 security group rules created for single-stack cluster

XMLWordPrintable

    • -
    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • N/A
    • Release Note Not Required
    • Done

      Description of problem:

      security-groups.yaml playbook runs the IPv6 security group rules creation tasks regardless of the os_subnet6 value.
The when clause is not considering the os_subnet6 [1] value and is always executed.

      It works with:

        - name: 'Create security groups for IPv6'
    block:
    - name: 'Create master-sg IPv6 rule "OpenShift API"'
    [...]
    when: os_subnet6 is defined

      Version-Release number of selected component (if applicable):

      4.15.0-0.nightly-2023-12-11-033133

      How reproducible:

      Always

      Steps to Reproduce:

      1. Don't set the os_subnet6 in the inventory file [2] (so it's not dual-stack)
2. Deploy 4.15 UPI by running the UPI playbooks

      Actual results:

      IPv6 security group rules are created

      Expected results:

      IPv6 security group rules shouldn't be created

      Additional info:
      [1] https://github.com/openshift/installer/blob/46fd66272538c350327880e1ed261b70401b406e/upi/openstack/security-groups.yaml#L375
      [2] https://github.com/openshift/installer/blob/46fd66272538c350327880e1ed261b70401b406e/upi/openstack/inventory.yaml#L77

              rdobosz Roman Dobosz
              juriarte@redhat.com Jon Uriarte
              Jon Uriarte Jon Uriarte
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: