OCPBUGS-39495

[AWS CAPI install] Network setting is not correct while install cluster into VPC which contains multi-CIDR subnets


    • Critical
    • OpenShift SPLAT - Sprint 259
      * Previously, when you deployed a cluster in a Virtual Private Cloud (VPC) with multiple classless inter-domain routing (CIDR) blocks, the installation program failed. With this update, the network settings support multiple CIDR VPCs, resulting in successful installations. (link: https://issues.redhat.com/browse/OCPBUGS-39495[*OCPBUGS-39495*])
    • Bug Fix
    • Done

      This is a clone of issue OCPBUGS-35054. The following is the description of the original issue:

      Description of problem:

      Create VPC and subnets with following configs [refer to attached CF template]:
      Subnets (subnets-pair-default) in CIDR 10.0.0.0/16
      Subnets (subnets-pair-134) in CIDR 10.134.0.0/16
      Subnets (subnets-pair-190) in CIDR 10.190.0.0/16
      
      Create cluster into subnets-pair-134, the bootstrap process fails [see attached log-bundle logs]:
      
      level=debug msg=I0605 09:52:49.548166 	937 loadbalancer.go:1262] "adding attributes to load balancer" controller="awscluster" controllerGroup="infrastructure.cluster.x-k8s.io" controllerKind="AWSCluster" AWSCluster="openshift-cluster-api-guests/yunjiang29781a-86-rvqd9" namespace="openshift-cluster-api-guests" name="yunjiang29781a-86-rvqd9" reconcileID="a9310bd5-acc7-4b01-8a84-e47139fc0d1d" cluster="openshift-cluster-api-guests/yunjiang29781a-86-rvqd9" attrs=[{"Key":"load_balancing.cross_zone.enabled","Value":"true"}]
      level=debug msg=I0605 09:52:49.909861 	937 awscluster_controller.go:291] "Looking up IP address for DNS" controller="awscluster" controllerGroup="infrastructure.cluster.x-k8s.io" controllerKind="AWSCluster" AWSCluster="openshift-cluster-api-guests/yunjiang29781a-86-rvqd9" namespace="openshift-cluster-api-guests" name="yunjiang29781a-86-rvqd9" reconcileID="a9310bd5-acc7-4b01-8a84-e47139fc0d1d" cluster="openshift-cluster-api-guests/yunjiang29781a-86-rvqd9" dns="yunjiang29781a-86-rvqd9-int-19a9485653bf29a1.elb.us-east-2.amazonaws.com"
      level=debug msg=I0605 09:52:53.483058 	937 reflector.go:377] sigs.k8s.io/controller-runtime/pkg/cache/internal/informers.go:105: forcing resync
      level=debug msg=Fetching Bootstrap SSH Key Pair...
      
      Checking security groups:
      <infraid>-lb allows 10.0.0.0/16:6443 and 10.0.0.0/16:22623
      <infraid>-apiserver-lb allows 10.0.0.0/16:6443 and 10.134.0.0/16:22623 (and 0.0.0.0/0:6443)
      
      Are these settings correct?
      
          

      Version-Release number of selected component (if applicable):

      4.16.0-0.nightly-2024-06-03-060250
          

      How reproducible:

      Always
          

      Steps to Reproduce:

          1. Create subnets using attached CF template
          2. Create cluster into subnets whose CIDR is 10.134.0.0/16
          

      Actual results:

      Bootstrap process fails.
          

      Expected results:

      Bootstrap succeeds.
          

      Additional info:

      No issues if creating cluster into subnets-pair-default (10.0.0.0/16)
      No issues if only one CIDR in VPC, e.g. set VpcCidr to 10.134.0.0/16 in https://github.com/openshift/installer/blob/master/upi/aws/cloudformation/01_vpc.yaml
      
          

              rhn-support-mrbraga Marco Braga
              openshift-crt-jira-prow OpenShift Prow Bot
              Yunfei Jiang Yunfei Jiang
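
The security group question in the report can be checked mechanically: for each required port, the CIDR the cluster is installed into should fall inside at least one allowed source CIDR. This is an added example, not part of the original issue or the installer's code; the rules are transcribed from the report (with its `<infraid>` placeholder kept) and the function names are hypothetical.

```python
import ipaddress

# Ports named in the report: Kubernetes API (6443) and machine config server (22623).
REQUIRED_PORTS = (6443, 22623)

# Ingress rules as listed in the report, as (source CIDR, port) pairs.
# "<infraid>" is the report's own placeholder, not a real identifier.
REPORTED_RULES = {
    "<infraid>-lb": [("10.0.0.0/16", 6443), ("10.0.0.0/16", 22623)],
    "<infraid>-apiserver-lb": [
        ("10.0.0.0/16", 6443),
        ("10.134.0.0/16", 22623),
        ("0.0.0.0/0", 6443),
    ],
}


def uncovered_ports(rules, subnet_cidr, ports=REQUIRED_PORTS):
    """Return the ports for which no rule's source CIDR contains subnet_cidr."""
    subnet = ipaddress.ip_network(subnet_cidr)
    missing = []
    for port in ports:
        covered = any(
            rule_port == port and subnet.subnet_of(ipaddress.ip_network(src))
            for src, rule_port in rules
        )
        if not covered:
            missing.append(port)
    return missing


def audit(groups, subnet_cidrs):
    """Map (security group, subnet CIDR) -> uncovered ports; covered pairs are omitted."""
    findings = {}
    for group, rules in groups.items():
        for cidr in subnet_cidrs:
            missing = uncovered_ports(rules, cidr)
            if missing:
                findings[(group, cidr)] = missing
    return findings


if __name__ == "__main__":
    # The CIDR block of subnets-pair-134 from the report.
    for (group, cidr), ports in audit(REPORTED_RULES, ["10.134.0.0/16"]).items():
        print(f"{group}: no ingress from {cidr} on ports {ports}")
```

Run against the rules as reported, only `<infraid>-lb` is flagged: it has no ingress from 10.134.0.0/16 on either port.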