-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
4.17, 4.18
Description of problem:
Install cluster in existing resource group, After bootstrap server is destroyed, inboundNatRule ssh_in in external load balancer is not deleted. ssh nsg rule is also leftover in nsg. $ az network lb list -g ci-op-vq47c2zq-11f79-rg -otable Location Name ProvisioningState ResourceGroup ResourceGuid ---------- ----------------------------------- ------------------- ----------------------- ------------------------------------ centralus ci-op-vq47c2zq-11f79-xhl4q Succeeded ci-op-vq47c2zq-11f79-rg 282960e6-014e-4abe-8f61-2782cd82ca82 centralus ci-op-vq47c2zq-11f79-xhl4q-internal Succeeded ci-op-vq47c2zq-11f79-rg 0e3afbf2-f2b2-4f59-8771-ccef9457fd90 $ az network lb inbound-nat-rule list --lb-name ci-op-vq47c2zq-11f79-xhl4q -g ci-op-vq47c2zq-11f79-rg -otable BackendPort EnableFloatingIP EnableTcpReset FrontendPort IdleTimeoutInMinutes Name Protocol ProvisioningState ResourceGroup ------------- ------------------ ---------------- -------------- ---------------------- --------------------------------- ---------- ------------------- ----------------------- 22 False False 22 4 ci-op-vq47c2zq-11f79-xhl4q_ssh_in Tcp Succeeded ci-op-vq47c2zq-11f79-rg $ az network nsg rule list --nsg-name ci-op-vq47c2zq-11f79-xhl4q-nsg -g ci-op-vq47c2zq-11f79-rg -otable Name ResourceGroup Priority SourcePortRanges SourceAddressPrefixes SourceASG Access Protocol Direction DestinationPortRanges DestinationAddressPrefixes DestinationASG -------------------------------------------------------- ----------------------- ---------- ------------------ ----------------------- ----------- -------- ---------- ----------- ----------------------- ---------------------------- ---------------- apiserver_in ci-op-vq47c2zq-11f79-rg 101 * * None Allow Tcp Inbound 6443 * None ci-op-vq47c2zq-11f79-xhl4q_ssh_in ci-op-vq47c2zq-11f79-rg 220 * * None Allow Tcp Inbound 22 * None k8s-azure-lb_allow_IPv4_556f7044ec033071ec0dfcf7cd85bc93 ci-op-vq47c2zq-11f79-rg 500 * Internet None Allow Tcp Inbound 443 80 48.214.241.65 None
Version-Release number of selected component (if applicable):
4.18 nightly build
How reproducible:
Always
Steps to Reproduce:
1. Specify platform.azure.resourceGroupName to pre-created resource group name in install-config
2. Install cluster
3.
Actual results:
InboundNatRule in external load balancer and ssh nsg rule in nsg are leftover after bootstrap server is deleted.
Expected results:
All resources associated with bootstrap should be removed after bootstrap server is destroyed.
Additional info:
Look like that resource group name is hard-coded as "<infrad-id>-rg" in post destroy, see code: https://github.com/openshift/installer/blob/master/pkg/infrastructure/azure/azure.go#L717
