Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-7469

GCP XPN should only be available with Tech Preview

XMLWordPrintable

    • Low
    • None
    • Proposed
    • False
    • Hide

      None

      Show
      None
    • Hide
      Cause: the GCP XPN feature was intended to be protected by a feature gate, but no validation was in place at 4.12 release

      Consequence: users could utilize the XPN feature without enabling the feature gate

      Fix: Add feature gate validation to 4.12

      Result: Users must enable featureSet: TechPreviewNoUpgrade to use GCP xpn
      Show
      Cause: the GCP XPN feature was intended to be protected by a feature gate, but no validation was in place at 4.12 release Consequence: users could utilize the XPN feature without enabling the feature gate Fix: Add feature gate validation to 4.12 Result: Users must enable featureSet: TechPreviewNoUpgrade to use GCP xpn
    • Bug Fix
    • Done

      Description of problem:

      GCP XPN is in tech preview. There are two features which are affected:
1. selecting a DNS zone from a different project should only be allowed if tech preview is enabled in the install config. (Using a DNS zone from a different project will fail to install due to outstanding work in the cluster ingress operator). 
2. GCP XPN passes through the installer host service account for control plane nodes. This should only happen if XPN (networkProjectID) is enabled. It should not happen during normal installs.

      Version-Release number of selected component (if applicable):

      4.12

      How reproducible:

       

      Steps to Reproduce:

      For install config fields:
1.specify a project ID for a DNS zone without featureSet: TechPreviewNoUpgrade
2.run openshift-install create manifests
====
For service accounts:
1. perform normal (not XPN) install
2. Check service account on control plane VM

       

      Actual results:

      For install config fields: you can specify project id without an error
For service accounts: the control plane vm will have same service account used for install

      Expected results:

      For install config fields: installer should complain that tech preview is not enabled
For service accounts: should have a new service account, created during install

      Additional info:

       

              padillon Patrick Dillon
              padillon Patrick Dillon
              Jianli Wei Jianli Wei
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: