-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.19.z
-
Quality / Stability / Reliability
-
False
-
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
HCP KAS Availability is at risk when adding multiple CIDRBlocks on neighboring clusters. 1. Created 1st HCP, with no AllowedCIDRBlock spec, cluster state Completed as usual 2. Added 250 CIDR blocks to it - including an allow-all cidr (0.0.0.0/0) helps me to connect the cluster. 3. Created 2nd one, with no CIDR spec, but stuck at that health check 4. Added the allow-all cidr block(0.0.0.0/0) to the second one, helps it to get completed 5. Still second HCP is KAS availability is intermittent and failing to respond API calls frequently
Version-Release number of selected component (if applicable):
4.19.7
How reproducible:
Always
Steps to Reproduce:
It can be reproduced on self-managed ARO-HCPs on AKS 1. Created 1st HCP, with no AllowedCIDRBlock spec, cluster state Completed as usual 2. Added 250 CIDR blocks to it - including an allow-all cidr (0.0.0.0/0) helps me to connect the cluster. 3. Created 2nd one, with no CIDR spec, but stuck at that health check 4. Added the allow-all cidr block(0.0.0.0/0) to the second one, helps it to get completed 5. Still second HCP is KAS availability is intermittent and failing to respond API calls frequently
Actual results:
Neighboring HCPs API Availability is at risk when there are HCPs with multiple CIDRBlocks in a MC
Expected results:
Irrespective of CIDR blocks, adjacent cluster connectivity should not be interrupted.
Additional info: