Bug 1670004
| Summary: | The pattern of cidrSelector for egressnetworkpolicy cannot match 0.0.0.0/0 | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | zhaozhanqi <zzhao> |
| Component: | Networking | Assignee: | Dan Winship <danw> |
| Status: | CLOSED ERRATA | QA Contact: | Meng Bo <bmeng> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 4.1.0 | CC: | aos-bugs |
| Target Milestone: | --- | ||
| Target Release: | 4.1.0 | ||
| Hardware: | All | ||
| OS: | All | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-04 10:42:19 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
verified this bug on payload 4.0.0-0.nightly-2019-02-18-224151 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |
Description of problem: Create egreenetworkpolicy with the following json: ----------denyall.json----- { "kind": "EgressNetworkPolicy", "apiVersion": "v1", "metadata": { "name": "policy1" }, "spec": { "egress": [ { "type": "Deny", "to": { "cidrSelector": "0.0.0.0/0" } } ] } } ------------------------------- when using above json, the following errors shown: ' validation failure list: spec.egress.to.cidrSelector in body should match '^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([1-9]|[12][0-9]|3[0-2])$' Version-Release number of selected component (if applicable): payload: 4.0.0-0.nightly-2019-01-25-214846 How reproducible: always Steps to Reproduce: 1. using the above json to create one egressnetworkpolicy 2. oc create -f denyall.json 3. Actual results: The EgressNetworkPolicy "policy1" is invalid: []: Invalid value: map[string]interface {}{"spec":map[string]interface {}{"egress":[]interface {}{map[string]interface {}{"type":"Deny", "to":map[string]interface {}{"cidrSelector":"0.0.0.0/0"}}}}, "apiVersion":"network.openshift.io/v1", "kind":"EgressNetworkPolicy", "metadata":map[string]interface {}{"name":"policy1", "namespace":"z1", "creationTimestamp":"2019-01-28T10:18:42Z", "generation":1, "uid":"16af18e6-22e6-11e9-9918-024f1dbae570", "selfLink":"", "clusterName":""}}: validation failure list: spec.egress.to.cidrSelector in body should match '^(([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[0-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-5])/([1-9]|[12][0-9]|3[0-2])$' Expected results: the egressnetworkpolicy can be created. 0.0.0.0/0 should can be matched. Additional info: