-
Bug
-
Resolution: Not a Bug
-
Normal
-
None
-
4.12.0
-
None
-
2
-
Sprint 227
-
1
-
False
-
Description of problem:
With "createFirewallRules: Disabled", there are still 2 firewall-rules created. FYI the installation does succeed.
Version-Release number of selected component (if applicable):
$ openshift-install version openshift-install 4.12.0-0.nightly-2022-10-25-210451 built from commit 14d496fdaec571fa97604a487f5df6a0433c0c68 release image registry.ci.openshift.org/ocp/release@sha256:d6cc07402fee12197ca1a8592b5b781f9f9a84b55883f126d60a3896a36a9b74 release architecture amd64
How reproducible:
Always
Steps to Reproduce:
1. try IPI installation to a shared VPC, with "createFirewallRules: Disabled" 2. check if any firewall-rules created by the installer, in the shared VPC
Actual results:
2 firewall-rules are created in the shared VPC
$ gcloud --project openshift-qe-shared-vpc compute firewall-rules list --format="table(creationTimestamp.date('%Y-%m-%d %H:%M:%S'):sort=1,name,network)" --filter="network=installer-shared-vpc AND NOT name~xpn" 2> /dev/null
CREATION_TIMESTAMP NAME NETWORK
2022-10-26 21:00:57 k8s-fw-a98e03b59760245628d07c31552ebee3 installer-shared-vpc
2022-10-26 21:01:01 k8s-a98e03b59760245628d07c31552ebee3-http-hc installer-shared-vpc
$
Expected results:
There should be no any firewall-rules created during OCP installation.
Additional info:
FYI the given google cloud credential does have roles/compute.networkAdmin and roles/compute.securityAdmin roles in the host project.
- is related to
-
CORS-2030 QE Tracker
-
- Closed
-