Bug 1752045
Summary: | No RBAC method for setting ExternalIPs | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Casey Callendrello <cdc> | |
Component: | Networking | Assignee: | Aniket Bhat <anbhat> | |
Networking sub component: | openshift-sdn | QA Contact: | zhaozhanqi <zzhao> | |
Status: | CLOSED ERRATA | Docs Contact: | ||
Severity: | unspecified | |||
Priority: | unspecified | CC: | anbhat, danw, weliang | |
Version: | 4.3.z | |||
Target Milestone: | --- | |||
Target Release: | 4.3.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | If docs needed, set a value | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1759181 1759182 (view as bug list) | Environment: | ||
Last Closed: | 2020-01-23 11:05:53 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | 1757553 | |||
Bug Blocks: | 1759181 |
Verified it on v4.3.0-0.ci-2019-10-04-083724. Will re-test it when the v4.3 nightly image ready on https://openshift-release.svc.ci.openshift.org/ Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0062 |
> The solution is to create a special RBAC check in the ExternalIPAdmissionController[1] that looks like the one in the RestrictedEndpointAdmissionController[2] The links there are to 4.1, but we'll want to do this in git master first, where the controller has moved to vendor/k8s.io/kubernetes/openshift-kube-apiserver/admission/network/externalipranger/externalip_admission.go