-
Bug
-
Resolution: Done
-
Major
-
None
-
4.12.z
-
None
Description of problem:
If a custom Azure Application Security Group is attached to a node nic EgressIP wiring fails with the error "All IPConfigurations on a Network Interface should reference the same set of Application Security Groups"
Version-Release number of selected component (if applicable):
- 4.10
Steps to Reproduce:
1. Deploy an IPI cluster on Azure 2. Configure an EgressIP to a project 3. Check the "cloud-network-config-controller" pod logs
Actual results:
- The IP address is configured on the node operating system (you can see it via `ip addr`) - The IP address is not attached to the VM on the cloud provider due to the described error
Expected results:
The IP address should be wired to the VM
Additional info:
Here the full log message: E1103 16:16:02.226679 1 controller.go:165] error syncing '10.189.112.90': error assigning CloudPrivateIPConfig: "xxx.xxx.xxx.90" to node: "$NODE_NAME", err: network.InterfacesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="AllIpConfigurationsOnANicMustBelongToTheSameApplicationSecurityGroups" Message="All IPConfigurations on a Network Interface should reference the same set of Application Security Groups. IPConfiguration /subscriptions/XXXX/resourceGroups/openshift-ocp4azexp2/providers/Microsoft.Network/networkInterfaces/YYYY-nic/ipConfigurations/pipConfig references ASG(s) /subscriptions/XXX/resourceGroups/openshift-RG-extras/providers/Microsoft.Network/applicationSecurityGroups/ASG_NAME, wheras IPConfiguration /subscriptions/XXX/resourceGroups/openshift-RG/providers/Microsoft.Network/networkInterfaces/ocp4azexp2-qrfgh-worker-northeurope2-xdbbp-nic/ipConfigurations/xxx_xxx.xxx.xxx.90 references ASG(s) ." Details=[], requeuing in cloud-private-ip-config workqueue
- blocks
-
OCPBUGS-5359 [release-4.11] Azure: unable to configure EgressIP if an ASG is set
- Closed
- clones
-
OCPBUGS-3919 Azure: unable to configure EgressIP if an ASG is set
- Closed
- depends on
-
OCPBUGS-3919 Azure: unable to configure EgressIP if an ASG is set
- Closed
- is cloned by
-
OCPBUGS-5157 [release-4.10] Azure: unable to configure EgressIP if an ASG is set
- Closed
-
OCPBUGS-5359 [release-4.11] Azure: unable to configure EgressIP if an ASG is set
- Closed
- links to
(1 links to)