Bug 1571432
Summary: | [3.8] Update of Egress Network Policy causes temporary egress failure when using dnsName | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Ravi Sankar <rpenta> |
Component: | Networking | Assignee: | Casey Callendrello <cdc> |
Networking sub component: | openshift-sdn | QA Contact: | zhaozhanqi <zzhao> |
Status: | CLOSED EOL | Docs Contact: | |
Severity: | high | ||
Priority: | high | CC: | aos-bugs, bbennett, erich |
Version: | 3.8.0 | ||
Target Milestone: | --- | ||
Target Release: | 3.8.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause: Update egress policy needed blocking outgoing traffic, patching ovs flows and then re-enabling traffic but the ovs flow generation for dns names was slow.
Consequence: Few seconds egress traffic downtime which may not be acceptable.
Fix: Change update egress policy handling to pre-populate all new ovs flows before blocking the outgoing traffic.
Result: Reduces the downtime during egress policy updates.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-12-05 21:59:39 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Ravi Sankar
2018-04-24 18:57:46 UTC
Jumped to VERIFIED because the PR has landed, but we don't build 3.8 to QE. |