Bug 1915007

Summary: Fixed by revert -- Upgrade to OCP 4.6.9 results in cluster-wide DNS and connectivity issues due to bad NetworkPolicy flows
Product: OpenShift Container Platform Reporter: Scott Dodson <sdodson>
Component: NetworkingAssignee: Dan Winship <danw>
Networking sub component: openshift-sdn QA Contact: zhaozhanqi <zzhao>
Status: CLOSED ERRATA Docs Contact:
Severity: high    
Priority: high CC: anusaxen, astoycos, bbennett, bleanhar, cblecker, danw, dmoessne, jhou, jminter, maschmid, palonsor, palshure, rbohne, rh-container, sdodson, skrenger, sreber, suchaudh, travi, wking, zzhao
Version: 4.6Keywords: ServiceDeliveryBlocker, Upgrades
Target Milestone: ---   
Target Release: 4.6.z   
Hardware: x86_64   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: Problems with NetworkPolicy in 4.6.9 Consequence: After upgrading to 4.6.9 customers who have any NetworkPolicies in their clusters might experience network connectivity problems (even in namespaces that don't have NetworkPolicies). Fix: Reverted several performance-related fixes that had been made to the NetworkPolicy code. Result: NetworkPolicy works again, though without the performance improvements that had shipped in 4.6.9.
Story Points: ---
Clone Of: 1914284
: 1915008 (view as bug list) Environment:
Last Closed: 2021-01-18 18:00:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1914284    
Bug Blocks: 1915008    

Comment 1 Scott Dodson 2021-01-11 18:05:18 UTC
Please note that when testing this it was fixed by reverting the changes in bug 1904455, that bug has been moved back to ASSIGNED to be fixed in the future.

Comment 7 errata-xmlrpc 2021-01-18 18:00:27 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.6.12 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Comment 8 W. Trevor King 2021-03-31 04:17:51 UTC
Converting UpgradeBlocker to Upgrades per [1].

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1914284#c38