Bug 1899435

Summary: GCP: the dns for *.apps in Google Cloud DNS is not updated when updating spec.endpointPublishingStrategy.loadBalancer.scope
Product: OpenShift Container Platform Reporter: Hongan Li <hongli>
Component: NetworkingAssignee: Miheer Salunke <misalunk>
Networking sub component: router QA Contact: Hongan Li <hongli>
Status: CLOSED DUPLICATE Docs Contact:
Severity: high    
Priority: high CC: amcdermo, aos-bugs
Version: 4.7Keywords: UpcomingSprint
Target Milestone: ---   
Target Release: 4.7.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-12-08 10:34:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hongan Li 2020-11-19 08:37:04 UTC 
Description of problem:
the dns for *.apps in Google Cloud DNS is not updated when updating ingresscontroller spec.endpointPublishingStrategy.loadBalancer.scope from Internal to External and/or vice versa. 

Version-Release number of selected component (if applicable):
4.7.0-0.nightly-2020-11-18-203317

How reproducible:
100%

Steps to Reproduce:
1. launch a cluster on GCP.
2. change the spec.endpointPublishingStrategy.loadBalancer.scope to Internal
   #oc -n openshift-ingress-operator edit ingresscontroller/default

3. change back the scope from Internal to External
   # oc -n openshift-ingress-operator patch ingresscontroller/default -p '{"spec":{"endpointPublishingStrategy":{"loadBalancer":{"scope":"External"}}}}' --type=merge

Actual results:
Checked Google Cloud DNS and it always shows the first IP 35.202.177.208 for *.apps.<cluster-name>.<domain>.

step1:
# oc -n openshift-ingress get svc
NAME                      TYPE           CLUSTER-IP     EXTERNAL-IP      PORT(S)                      AGE
router-default            LoadBalancer   172.30.33.31   35.202.177.208   80:32225/TCP,443:32658/TCP   5m50s

step2:
# oc -n openshift-ingress get svc
NAME                      TYPE           CLUSTER-IP     EXTERNAL-IP   PORT(S)                      AGE
router-default            LoadBalancer   172.30.33.31   10.0.32.5     80:32225/TCP,443:32658/TCP   6m46s

step3:
# oc -n openshift-ingress get svc
NAME                      TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)                      AGE
router-default            LoadBalancer   172.30.33.31   34.72.136.74   80:32225/TCP,443:32658/TCP   28m

Expected results:
step2: the DNS for *.apps should be updated to 10.0.32.5 
step3: the DNS for *.apps should be updated to 34.72.136.74

Additional info:
no this issue on AWS/Azure.
Comment 1 Hongan Li 2020-11-19 08:56:08 UTC 
the root cause might be same to https://bugzilla.redhat.com/show_bug.cgi?id=1898417#c2, but for this one I don't think the workaround (recreating dnsrecords) is acceptable, maybe we should add logic for GCP platform to refresh Google Cloud DNS.
Comment 2 Andrew McDermott 2020-11-19 17:17:28 UTC 
Any fix here should update the docs to say that in 4.7 we can now change scope. This should be backported to 4.6 but not beyond that.
Comment 3 Miheer Salunke 2020-12-08 10:30:20 UTC 
WIP https://github.com/openshift/cluster-ingress-operator/pull/500
Comment 4 Miheer Salunke 2020-12-08 10:34:12 UTC 

*** This bug has been marked as a duplicate of bug 1898417 ***