-
Bug
-
Resolution: Done-Errata
-
Normal
-
4.13.z, 4.11.z
-
+
-
No
-
SDN Sprint 250
-
1
-
False
-
-
-
-
May be known limitation; temporary work around is to remove k8s.ovn.org/egress-assignable label from node w/active ingress vip
-
-
-
Description of problem:
OpenShift routes are not working when Egress IP and Ingress VIP are assigned on the same node. When we try to access it we get timeout.
Both the Egress IP and Ingress VIP are different.
Consider the below scenario:
1. There are two pods in a namespace, pod-A and pod-B.
2. Pod-A is configured to use an egress IP address.
3. The Egress IP and the Ingress VIP are hosted on the same node.
4. From Pod-A if we do " curl {Pod-B-Route}", this request will get time out.
5. It works When Egress IP and Ingress VIP are on different nodes.
This behavior was observed on an OCP IPI cluster on vSphere with OVN-Kubernetes CNI.
So far, it has been observed in 4.11.47 and 4.13.z (didn't tested this in version prior to 4.11.47 and 4.14+)
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1. Install an OCP IPI cluster on vSphere, use OVN-Kubernetes CNI.
2. Simulate the scenario shared in problem description.
Actual results:
OpenShift routes are not working when Egress IP and Ingress VIP are assigned on the same node
Expected results:
The OpenShift routes should be accessible when Egress IP and Ingress VIP are assigned on the same node
Additional info:
- depends on
-
-
- Closed
-
- links to
-
RHSA-2024:1454
OpenShift Container Platform 4.13.z security update
