Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-36293

Installing OpenShift on AWS is leaking one EIP when using BYO IPv4 Pool

XMLWordPrintable

    • No
    • 5
    • OpenShift SPLAT - Sprint 256, OpenShift SPLAT - Sprint 257, OpenShift SPLAT - Sprint 258, OpenShift SPLAT - Sprint 259
    • 4
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, when deploying a cluster with BYO Public IPv4 CIDR block, the installation program duplicated the Elastic IP for bootstrap.
      With this release, the provisioning engine are updated to prevent duplicate Elastic IP when creating Machines consuming Public IPv4 address from existing IPv4 CIDR provisioned and advertised to AWS.
      (link:https://issues.redhat.com/browse/OCPBUGS-36293[*OCPBUGS-36293*])
      Show
      * Previously, when deploying a cluster with BYO Public IPv4 CIDR block, the installation program duplicated the Elastic IP for bootstrap. With this release, the provisioning engine are updated to prevent duplicate Elastic IP when creating Machines consuming Public IPv4 address from existing IPv4 CIDR provisioned and advertised to AWS. (link: https://issues.redhat.com/browse/OCPBUGS-36293 [* OCPBUGS-36293 *])
    • Bug Fix
    • In Progress

      Description of problem:

      CAPA is leaking one EIP in the bootstrap life cycle when creating clustres on 4.16+ with BYO IPv4 Pool on config.

The install logs is showing the message of duplicated EIP, there is a kind of race condition when the EIP is created and tried to be associated when the instance isn't ready (Running state):

~~~
time="2024-05-08T15:49:33-03:00" level=debug msg="I0508 15:49:33.785472 2878400 recorder.go:104] 
\"Failed to associate Elastic IP for \\\"ec2-i-03de70744825f25c5\\\": InvalidInstanceID: 
The pending instance 'i-03de70744825f25c5' is not in a valid state for this operation.\\n\\tstatus code: 
400, request id: 7582391c-b35e-44b9-8455-e68663d90fed\" logger=\"events\" type=\"Warning\" 
object=[...]\"name\":\"mrb-byoip-32-kbcz9\",\"[...] reason=\"FailedAssociateEIP\""

time="2024-05-08T15:49:33-03:00" level=debug msg="E0508 15:49:33.803742 2878400 controller.go:329] \"Reconciler error\" err=<"

time="2024-05-08T15:49:33-03:00" level=debug msg="\tfailed to reconcile EIP: failed to associate Elastic IP 
\"eipalloc-08faccab2dbb28d4f\" to instance \"i-03de70744825f25c5\": 
InvalidInstanceID: The pending instance 'i-03de70744825f25c5' is not in a valid state for this operation."
~~~

The EIP is deleted when the bootstrap node is removed after a success installation, although the bug impacts any new machine with Public IP set using BYO IPv4 provisioned by CAPA. Upstream issue has been opened: https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/5038

      Version-Release number of selected component (if applicable):

         4.16+

      How reproducible:

          always

      Steps to Reproduce:

          1. create install-config.yaml setting platform.aws.publicIpv4Pool=poolID
    2. create cluster
    3. check the AWS Console, EIP page filtering by your cluster, you will see the duplicated EIP, while only one is associated to the correct bootstrap instance

      Actual results:

      Expected results:

      - installer/capa creates only one EIP for bootstrap when provisioning the cluster
- no error messages for expected behavior (ec2 association errors in pending state)

      Additional info:

          CAPA issue: https://github.com/kubernetes-sigs/cluster-api-provider-aws/issues/5038

       

              rhn-support-mrbraga Marco Braga
              rhn-support-mrbraga Marco Braga
              Yunfei Jiang Yunfei Jiang
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: