Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.9.0
Component/s: Networking / ovn-kubernetes
Labels:
- OVN-Kubernetes
- egressfirewall

Test Coverage:

+
Severity:
Critical
Sprint:
SDN Sprint 225, SDN Sprint 226
sprint_count:
2
Release Blocker:
Proposed
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Customer Impact:

Customer Escalated
Target Version:

4.9.z

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:
Each time the ovn-master change by a new election, the egressfirewall rules are written again in the OVN Northbound database. So, the egressfirewall rules grow indefinitely in the NBDB and we notice some problems with the priority rules appear.

Version-Release number of selected component (if applicable):
UPI Baremetal OCP 4.9.37 and 4.9.46

How reproducible:
Every time

Steps to Reproduce:
1. create an egressfirewall on the namespace
2. restart the ovnkube-master active pod
3. check the nbdb for duplicate egressfirewall rules

Actual results:
duplicate entries and priorities changed for the rules

Expected results:
there shouldn't be any duplicate entries

Additional info:

Attachments

Issue Links

is blocked by

OCPBUGS-894 Duplicate Egress firewall rules while upgrading to Openshift 4.10.26

Closed

links to

openshift/ovn-kubernetes#1261: OCPBUGS-811: [Release 4.9] correct creation and update of egressFirewall

Activity

People

Assignee:: Jacob Tanenbaum

Reporter:: Siva Kanakala (Inactive)

QA Contact:: Huiran Wang

Votes:: 1 Vote for this issue

Watchers:: 10 Start watching this issue

Dates

Created:: 2022/09/01 1:54 PM

Updated:: 2023/03/27 3:13 AM

Resolved:: 2022/10/19 7:54 PM