Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-38963

IngressController subnet selection in AWS

XMLWordPrintable

    • Low
    • No
    • Installer (PB) Sprint 258, Installer (PB) Sprint 259
    • 2
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, when users provided public subnets while using existing subnets and creating a private cluster, the installation program occasionally exposed on the public internet the load balancers that were created in public subnets. This invalidated the reason for a private cluster. With this release, the issue is resolved by displaying a warning during a private installation that providing public subnets might break the private clusters and, to prevent this, users must fix their inputs. (link:https://issues.redhat.com/browse/OCPBUGS-38963[*OCPBUGS-38963*])
      Show
      * Previously, when users provided public subnets while using existing subnets and creating a private cluster, the installation program occasionally exposed on the public internet the load balancers that were created in public subnets. This invalidated the reason for a private cluster. With this release, the issue is resolved by displaying a warning during a private installation that providing public subnets might break the private clusters and, to prevent this, users must fix their inputs. (link: https://issues.redhat.com/browse/OCPBUGS-38963 [* OCPBUGS-38963 *])
    • Bug Fix
    • Done

      This is a clone of issue OCPBUGS-33308. The following is the description of the original issue:

      Description of problem:

      When creating an OCP cluster on AWS and selecting "publish: Internal," 
      the ingress operator may create external LB mappings to external 
      subnets.
      
      This can occur if public subnets were specified during installation at install-config.
      
      https://docs.openshift.com/container-platform/4.15/installing/installing_aws/installing-aws-private.html#private-clusters-about-aws_installing-aws-private 
      
      A configuration validation should be added to the installer.    

      Version-Release number of selected component (if applicable):

          4.14+ probably older versions as well.

      How reproducible:

          always

      Steps to Reproduce:

          1.
          2.
          3.
          

      Actual results:

          

      Expected results:

          

      Additional info:

          Slack thread: https://redhat-internal.slack.com/archives/C68TNFWA2/p1714986876688959

              ppinjark@redhat.com pawan pinjarkar
              openshift-crt-jira-prow OpenShift Prow Bot
              Yunfei Jiang Yunfei Jiang
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: