Bug
Resolution: Cannot Reproduce
4.17.z, 4.18.z
Quality / Stability / Reliability
Rejected
CLOUD Sprint 270, CLOUD Sprint 271, CLOUD Sprint 272, CLOUD Sprint 273, CLOUD Sprint 274, CLOUD Sprint 275, CLOUD Sprint 276, CLOUD Sprint 277, CLOUD Sprint 278
Description of problem:
Associated Security group rule entry is not deleted from EC2 instance on deleting LoadBalancer service
Version-Release number of selected component (if applicable):
4.17.z, 4.18.z
How reproducible:
Always
Steps to Reproduce:
When an OpenShift Service of type LoadBalancer is created on a cluster running on AWS, an Elastic Load Balancer (ELB) is automatically provisioned. AWS creates a dedicated security group for this ELB, and that group is configured to allow inbound traffic (e.g., TCP/443). AWS modifies the security group of EC2 instances (i.e., the OpenShift nodes) by adding an inbound rule that allows traffic from the ELB security group.

When the LoadBalancer service is deleted, AWS:
- Automatically deletes the ELB.
- Deletes the ELB's security group.
- However, AWS does not automatically clean up the inbound rule in the OCP node’s security group that referenced the ELB's security group (even though that group no longer exists).
Actual results:
Expected results:
Additional info:
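Added example, not part of the original bug report: one way to audit for the leftover rule described in the steps above is to scan `aws ec2 describe-security-groups` output for inbound rules whose source group is no longer listed. The sample data and all group IDs below are constructed, and the check assumes the listing covers every security group the node group can legitimately reference.

```python
import json

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# All IDs are made up: sg-0node is the node group, sg-0elbgone a deleted ELB group.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0node", "GroupName": "cluster-node-sg", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "UserIdGroupPairs": [{"GroupId": "sg-0elbgone", "UserId": "111122223333"}]},
    {"IpProtocol": "tcp", "FromPort": 30000, "ToPort": 32767,
     "UserIdGroupPairs": [{"GroupId": "sg-0elblive", "UserId": "111122223333"}]},
    {"IpProtocol": "-1",
     "UserIdGroupPairs": [{"GroupId": "sg-0node", "UserId": "111122223333"}]}
  ]},
  {"GroupId": "sg-0elblive", "GroupName": "k8s-elb-live", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}
  ]}
]}
""")


def find_dangling_rules(described):
    """Return ingress rules whose source group is absent from the listing."""
    groups = described.get("SecurityGroups", [])
    existing = {g["GroupId"] for g in groups}
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            for pair in perm.get("UserIdGroupPairs", []):
                source = pair.get("GroupId")
                if source is None or source in existing:
                    continue  # self-reference or a group that still exists
                findings.append({
                    "group": group["GroupId"],
                    "missing_source": source,
                    "protocol": perm.get("IpProtocol"),
                    # "-1" (all traffic) rules carry no port range
                    "ports": (perm.get("FromPort"), perm.get("ToPort")),
                })
    return findings


if __name__ == "__main__":
    for f in find_dangling_rules(SAMPLE):
        print("{group}: ingress {protocol} {ports} from missing {missing_source}".format(**f))
```

A source group in a peered VPC or another account will also appear missing from a single-VPC listing, so confirm each finding before revoking the rule.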