Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5156

[release-4.12] Azure: unable to configure EgressIP if an ASG is set

    XMLWordPrintable

Details

    • Moderate
    • Rejected
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      If a custom Azure Application Security Group is attached to a node nic EgressIP wiring fails with the error "All IPConfigurations on a Network Interface should reference the same set of Application Security Groups"

      Version-Release number of selected component (if applicable):

      - 4.10

      Steps to Reproduce:

      1. Deploy an IPI cluster on Azure
2. Configure an EgressIP to a project
3. Check the "cloud-network-config-controller" pod logs

      Actual results:

      - The IP address is configured on the node operating system (you can see it via `ip addr`)
- The IP address is not attached to the VM on the cloud provider due to the described error

      Expected results:

      The IP address should be wired to the VM

      Additional info:

      Here the full log message:

E1103 16:16:02.226679       1 controller.go:165] error syncing '10.189.112.90': error assigning CloudPrivateIPConfig: "xxx.xxx.xxx.90" to node: "$NODE_NAME", err: network.InterfacesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="AllIpConfigurationsOnANicMustBelongToTheSameApplicationSecurityGroups" Message="All IPConfigurations on a Network Interface should reference the same set of Application Security Groups. IPConfiguration /subscriptions/XXXX/resourceGroups/openshift-ocp4azexp2/providers/Microsoft.Network/networkInterfaces/YYYY-nic/ipConfigurations/pipConfig references ASG(s) /subscriptions/XXX/resourceGroups/openshift-RG-extras/providers/Microsoft.Network/applicationSecurityGroups/ASG_NAME, wheras IPConfiguration /subscriptions/XXX/resourceGroups/openshift-RG/providers/Microsoft.Network/networkInterfaces/ocp4azexp2-qrfgh-worker-northeurope2-xdbbp-nic/ipConfigurations/xxx_xxx.xxx.xxx.90 references ASG(s) ." Details=[], requeuing in cloud-private-ip-config workqueue

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-5359 [release-4.11] Azure: unable to configure EgressIP if an ASG is set

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          clones

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-3919 Azure: unable to configure EgressIP if an ASG is set

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          depends on

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-3919 Azure: unable to configure EgressIP if an ASG is set

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-5157 [release-4.10] Azure: unable to configure EgressIP if an ASG is set

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. OCPBUGS-5359 [release-4.11] Azure: unable to configure EgressIP if an ASG is set

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          links to

          GitHub openshift/cloud-network-config-controller#92: [release-4.12] Bug OCPBUGS-5156: Add ApplicationSecurityGroups to InterfaceIPConfiguration

          Activity

            People

              jluhrsen Jamo Luhrsen
              pbertera@redhat.com Pietro Bertera
              Anurag Saxena Anurag Saxena
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: