Bug 1859174

Summary: [IPI][OSP] Having errors from 4.3 to 4.6 about Security group rule already created
Product: OpenShift Container Platform Reporter: David Sanz <dsanzmor>
Component: InstallerAssignee: Pierre Prinetti <pprinett>
Installer sub component: OpenShift on OpenStack QA Contact: David Sanz <dsanzmor>
Status: CLOSED ERRATA Docs Contact:
Severity: low    
Priority: low CC: m.andre, pprinett, tbarron, wjiang
Version: 4.6   
Target Milestone: ---   
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-02-24 15:13:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Description Flags
openshift-install.log none

Description David Sanz 2020-07-21 11:41:24 UTC
Description of problem:

Following error has started to appears on installation failures from 4.3 to 4.6

11:21:56  level=error msg="Error: Error creating openstack_networking_secgroup_rule_v2: Expected HTTP response code [] when accessing [POST https://rhos-d.infra.prod.upshift.rdu2.redhat.com:13696/v2.0/security-group-rules], but got 409 instead"
11:21:56  level=error msg="{\"NeutronError\": {\"message\": \"Security group rule already exists. Rule id is d5715ee7-b743-47cf-bc4d-5e86272c54a8.\", \"type\": \"SecurityGroupRuleExists\", \"detail\": \"\"}}"
11:21:56  level=error
11:21:56  level=error msg="  on ../../../../tmp/openshift-install-392734187/topology/sg-worker.tf line 164, in resource \"openstack_networking_secgroup_rule_v2\" \"worker_ingress_services_udp\":"
11:21:56  level=error msg=" 164: resource \"openstack_networking_secgroup_rule_v2\" \"worker_ingress_services_udp\" {"

Version-Release number of the following components:
Latest payload nightly images from 4.3 to 4.6

How reproducible:

Steps to Reproduce:
1.Install IPI on OSP
2.Check log for terraform steps

Actual results:
Installation is aborted

Expected results:

Additional info:
Please attach logs from ansible-playbook with the -vvv flag

Comment 1 Pierre Prinetti 2020-07-23 14:15:38 UTC
Decreasing the severity, as this is not currently blocking tests.

However, I think it makes sense to target "potentially slow" infrastructures; let's see if there's something we can do.

Comment 8 weiwei jiang 2020-10-14 08:34:32 UTC
Created attachment 1721424 [details]

Checked with 4.7.0-0.nightly-2020-10-14-043821, and not found this issue.

Openshift-install.log is attached.

Comment 9 weiwei jiang 2020-10-14 08:36:02 UTC
Verified and please reopen if you reproduce this in later verison.

Comment 14 errata-xmlrpc 2021-02-24 15:13:58 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.