Bug 1912916
Summary: | Set external traffic policy to cluster for IBM platform | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Rudi Braun <rudi.braun> |
Component: | Networking | Assignee: | Miciah Dashiel Butler Masters <mmasters> |
Networking sub component: | router | QA Contact: | Hongan Li <hongli> |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | medium | ||
Priority: | medium | CC: | amcdermo, aos-bugs, cewong, mmasters |
Version: | 4.6 | ||
Target Milestone: | --- | ||
Target Release: | 4.7.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2021-02-24 15:50:09 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Rudi Braun
2021-01-05 15:29:16 UTC
(In reply to Rudi Braun from comment #0) > Looks like we've encountered some regression in 4.6 around external traffic > policy being set to "local". Any manipulation, it seems the operator is just > swapping to back to "local." In previous versions, if this value was set to > "cluster" it would stick, without intervention from the operator. This may have been caused by https://github.com/openshift/cluster-ingress-operator/pull/482, which was reverted in https://github.com/openshift/cluster-ingress-operator/pull/507 to fix bug 1905490. #482 shipped in 4.6.6, and #507 shipped in 4.6.9. On what specific version are you seeing the issue? I agree though that if IBM Cloud needs "Cluster" external traffic policy, then the operator should set that (as per <https://github.com/openshift/cluster-ingress-operator/pull/516>). Nothing but the operator should be modifying the service that the operator manages. We were testing against 4.6.6 when observing the issue, have not tried against a 4.6.9+ build. We'll try to get https://github.com/openshift/cluster-ingress-operator/pull/516 merged in time for the OCP 4.7.0 release so that the operator sets the "Cluster" external traffic policy on IBM Cloud. I gather that you are currently using some workaround to set the external traffic policy. Do you want https://github.com/openshift/cluster-ingress-operator/pull/516 to be backported to 4.6.z in order to obviate the need for the workaround? (A backport will require some manual conflict resolution, but I do not mind doing it.) We've given 4.6.9 a shot per the comment above about the revert, and it does look like we're seeing the original behavior pre-4.6.6. I think if at some point you'd like to reintroduce that suspected change in 4.6, it would make sense to backport - however I differ to your guys' best judgement. As things stand, we appear to be working ok in 4.6.9. Verified with 4.7.0-0.nightly-2021-01-15-194305 no regression on other Cloud platform and moving to verified Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 |