Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: 4.13, 4.12, 4.14
Affects Version/s: 4.13, 4.12, 4.14
Component/s: Installer / openshift-installer
Labels:

Severity:
Moderate
Story Points:
2
Sprint:
Sprint 235, Sprint 237, Sprint 236
sprint_count:
3
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.14.0

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:

If the HyperShift operator is installed onto a cluster, it creates VPC Endpoint Services fronting the hosted Kubernetes API Server for downstream HyperShift clusters to connect to. These VPC Endpoint Services are tagged such that the uninstaller would attempt to action them:

"kubernetes.io/cluster/${ID}: owned"

However they cannot be deleted until all active VPC Endpoint Connections are rejected - the uninstaller should be able to do this.

Version-Release number of selected component (if applicable):

4.12 (but shouldn't be version-specific)

How reproducible:

100%

Steps to Reproduce:

1. Create an NLB + VPC Endpoint Service in the same VPC as a cluster
2. Tag it accordingly and create a VPC Endpoint connection to it

Actual results:

The uninstaller will not be able to delete the VPC Endpoint Service + the NLB that the VPC Endpoint Service is fronting

Expected results:

The VPC Endpoint Service can be completely cleaned up, which would allow the NLB to be cleaned up

Additional info:

Attachments

Issue Links

links to

openshift/installer#7101: OCPBUGS-7410: Reject active VPC connections before service destroy

RHEA-2023:5006 rpm

Activity

People

Assignee:: Aditya Narayanaswamy

Reporter:: Michael Shen

QA Contact:: Yunfei Jiang

Votes:: 0 Vote for this issue

Watchers:: 13 Start watching this issue

Dates

Created:: 2023/02/13 4:34 PM

Updated:: 2023/10/31 1:31 PM

Resolved:: 2023/10/31 12:55 PM