Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5359

[release-4.11] Azure: unable to configure EgressIP if an ASG is set

XMLWordPrintable

    • Moderate
    • None
    • 1
    • SDN Sprint 230
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None

      This is a clone of issue OCPBUGS-5156. The following is the description of the original issue:

      Description of problem:

      If a custom Azure Application Security Group is attached to a node nic EgressIP wiring fails with the error "All IPConfigurations on a Network Interface should reference the same set of Application Security Groups"

      Version-Release number of selected component (if applicable):

      - 4.10

      Steps to Reproduce:

      1. Deploy an IPI cluster on Azure
      2. Configure an EgressIP to a project
      3. Check the "cloud-network-config-controller" pod logs 

      Actual results:

      - The IP address is configured on the node operating system (you can see it via `ip addr`)
      - The IP address is not attached to the VM on the cloud provider due to the described error

      Expected results:

      The IP address should be wired to the VM

      Additional info:

      Here the full log message:
      
      E1103 16:16:02.226679       1 controller.go:165] error syncing '10.189.112.90': error assigning CloudPrivateIPConfig: "xxx.xxx.xxx.90" to node: "$NODE_NAME", err: network.InterfacesClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="AllIpConfigurationsOnANicMustBelongToTheSameApplicationSecurityGroups" Message="All IPConfigurations on a Network Interface should reference the same set of Application Security Groups. IPConfiguration /subscriptions/XXXX/resourceGroups/openshift-ocp4azexp2/providers/Microsoft.Network/networkInterfaces/YYYY-nic/ipConfigurations/pipConfig references ASG(s) /subscriptions/XXX/resourceGroups/openshift-RG-extras/providers/Microsoft.Network/applicationSecurityGroups/ASG_NAME, wheras IPConfiguration /subscriptions/XXX/resourceGroups/openshift-RG/providers/Microsoft.Network/networkInterfaces/ocp4azexp2-qrfgh-worker-northeurope2-xdbbp-nic/ipConfigurations/xxx_xxx.xxx.xxx.90 references ASG(s) ." Details=[], requeuing in cloud-private-ip-config workqueue

              jluhrsen Jamo Luhrsen
              openshift-crt-jira-prow OpenShift Prow Bot
              Jean Chen Jean Chen
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: