Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-52367

Must gather doesn't collect IPsec data on the cluster upgraded from 4.14

XMLWordPrintable

    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • Done
    • Known Issue
    • Hide
      The `must-gather` tool does not collect IPsec information for a cluster that was upgraded from {product-title} 4.14. This issue occurs because the `ipsecConfig` configuration in the `networks.operator.openshift.io cluster` CR has an empty construct, `{}`, and this empty construct is passed to the upgraded version of {product-title}. As a workaround for this issue, run the following command with the following `ipsecConfig` configuration in the Cluster Network Operator (CNO) CR:
      +
      [source,terminal]
      ----
      $ oc patch networks.operator.openshift.io cluster --type=merge -p \
        '{
        "spec":{
          "defaultNetwork":{
            "ovnKubernetesConfig":{
              "ipsecConfig":{
                "mode":"Full"
              }}}}}'
      ----
      +
      After you run the command, the CNO collects `must-gather` logs that you can then view.
      +
      (link:https://issues.redhat.com/browse/OCPBUGS-52367[OCPBUGS-52367])
      Show
      The `must-gather` tool does not collect IPsec information for a cluster that was upgraded from {product-title} 4.14. This issue occurs because the `ipsecConfig` configuration in the `networks.operator.openshift.io cluster` CR has an empty construct, `{}`, and this empty construct is passed to the upgraded version of {product-title}. As a workaround for this issue, run the following command with the following `ipsecConfig` configuration in the Cluster Network Operator (CNO) CR: + [source,terminal] ---- $ oc patch networks.operator.openshift.io cluster --type=merge -p \   '{   "spec":{     "defaultNetwork":{       "ovnKubernetesConfig":{         "ipsecConfig":{           "mode":"Full"         }}}}}' ---- + After you run the command, the CNO collects `must-gather` logs that you can then view. + (link: https://issues.redhat.com/browse/OCPBUGS-52367 [ OCPBUGS-52367 ])
    • None
    • None
    • None
    • None

      Description of problem:

      After IPsec is upgraded from 4.14 into later versions, API option for IPsec in networks.operator.openshift.io cluster object remains to be emtpty struct {} in the ipsecConfig and may not be migrated to newer version containing IPsec mode option.

This is supported in OCP for backward compatibility, 

But must-gather currently doesn't collect IPsec logs when API option is set with {}.

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

          1.
    2.
    3.

      Actual results:

      Expected results:

      Additional info:

              pepalani@redhat.com Periyasamy Palanisamy
              pepalani@redhat.com Periyasamy Palanisamy
              None
              None
              Huiran Wang Huiran Wang
              Ashley Hardin Ashley Hardin
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: