Loading...

XML

Word

Printable

Type: Feature Request
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: OpenShift 4.0
Component/s: Installer
Labels:

Target Version:
None
Activity Type:
Product / Portfolio Work
Status Summary:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Products:
None
Hierarchy Progress Bar:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Review Complete:
None
PX Impact Score:
PX Impact Range:
None
PX Priority Data:
None
PX Technical Impact:
None
PX Technical Impact Notes:
None
PX Scheduling Request:
None

Problem:

Customer wants an option to specify an additional security group for the Loadbalancers in install-config.yaml.

lbType: NLB
additionalSecurityGroupIDs:

sg-1 <---- Option to attach additional security group

Additional day 2 operations required to workaround and resolve the default Load Balancers, which do not have an attached Security Group and is created within the same subnets as the OpenShift clusters.

Customer wants the option to specify per load balancer security group, knowing that IPI automatically creates 3 x Load Balancer for a public cluster and 2 x Load Balancer for a private cluster.

Something like the following within install-config.yaml

platform:
aws:
region: ap-southeast-1
lbType: NLB
vpc:
subnets:
- id: subnet-xxx # public subnet
roles:
- type: BootstrapNode
- type: IngressControllerLB
additionalSecurityGroupIDs:
- sg-xxx
- type: ControlPlaneExternalLB
additionalSecurityGroupIDs:
- sg-xxx
- id: subnet-xxx # private subnet
roles:
- type: ControlPlaneInternalLB
additionalSecurityGroupIDs:
- sg-xxx
- id: subnet-xxx # private subnet
roles:
- type: ClusterNode

Assignee:: Ju Lim

Reporter:: Sakshi sakshi

Need Info From:: None

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2026/02/17 1:57 AM

Updated:: 2026/02/24 4:26 AM

Target start:: None

Target end:: None

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates