Uploaded image for project: 'OpenShift SDN'
  1. OpenShift SDN
  2. SDN-5146

Impact: Unexpected Behavior During Cluster Upgrade (4.14.23 to 4.15.15) for the ovn-ipsec-host pods

XMLWordPrintable

    • Icon: Spike Spike
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • None
    • None
    • False
    • None
    • False
    • ---
    • 0
    • 0

      Impact statement for the OCPBUGS-37205 series:

      Which 4.y.z to 4.y'.z' updates increase vulnerability?

      All 4.14 to 4.15 until we have a fixed 4.15

      Which types of clusters?

      Clusters that use OVN networking with IPsec enabled, where more than one MachineConfigPool (MCP) is configured for worker nodes and at least one of the MCP is paused. Default cluster configuration with a single MCP for master nodes and single for worker nodes is not affected.

      What is the impact? Is it serious enough to warrant removing update recommendations?

      Worker nodes in the paused MachineConfigPool lose SDN connectivity, which affects workloads.

      How involved is remediation?

      The paused MCP can be unpaused which resolves the issue

      Is this a regression?

      Yes.

            ykashtan Yuval Kashtan
            afri@afri.cz Petr Muller
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: