-
Bug
-
Resolution: Not a Bug
-
Major
-
None
-
4.12
-
Moderate
-
No
-
SDN Sprint 252, SDN Sprint 253, SDN Sprint 254
-
3
-
False
-
Description of problem:
Issue accessing Service externalTrafficPolicy: Local on multitenant isolated project
Version-Release number of selected component (if applicable):
4.12
How reproducible:
$ oc new-project foo
$ oc new-app httpd --name foo
$ oc patch svc foo --type merge --patch '{"spec":{"type":"NodePort"}}'
$ oc patch svc foo --type merge --patch '{"spec":{"externalTrafficPolicy":"Local"}}'
$ curl <node-ip-of-pod>:<node-port>
Configuring multitenant isolation with network policy [1].
[1] https://docs.openshift.com/container-platform/4.12/networking/network_policy/multitenant-network-policy.html#multitenant-network-policy
$ curl <node-ip>:<node-port>
Actual results:
Not accessible after multitenant isolation.
Expected results:
Expect access like OpenShiftSDN.
Additional info: