-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.16
-
None
-
None
-
False
-
-
None
-
Important
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
-
None
Description of problem:
In our docs for v4.16 in the sections below pages
https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/postinstallation_configuration/configuring-multi-architecture-compute-machines-on-an-openshift-cluster#creating-multi-arch-compute-nodes-aws
https://docs.redhat.com/en/documentation/openshift_container_platform/4.16/html/postinstallation_configuration/post-install-node-tasks
found that the MachineSet Definition example is referring SecurityGroup Tags only set <infrastructure_id>-node or only ${Cluster-ID}-${node-role}-sg.
Since v4.16 this is changed and now the installer creates 2 SecurityGroups like below:${Cluster-ID}-node and ${Cluster-ID}-lb.
This will result in an error when we delete LB, some rules will leak. such as bug https://issues.redhat.com/browse/OCPBUGS-54623
Version-Release number of selected component (if applicable):
v4.16
How reproducible:
Always
Steps to Reproduce:
1. Create a new Machine Set following the v4.16 documentation
2. Create a NLB
3. Delete the created NLB
4. Check the rules description like kubernetes.io/rule/nlb/
Actual results:
These rules can't be deleted
Expected results:
securityGroups should set like: securityGroups: - filters: - name: tag:Name values: - <infrastructure_id>-node - filters: - name: tag:Name values: - <infrastructure_id>-lb
Additional info:
similar bug before https://issues.redhat.com/browse/OCPBUGS-37110