Bug 1939281
Summary: | aws-vpc-move-ip: Enable eni lookup for AWS shared networks via RAM [RHEL 8] | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Reid Wahl <nwahl> | |
Component: | resource-agents | Assignee: | Oyvind Albrigtsen <oalbrigt> | |
Status: | CLOSED ERRATA | QA Contact: | Brandon Perkins <bperkins> | |
Severity: | medium | Docs Contact: | ||
Priority: | medium | |||
Version: | --- | CC: | aackerma, agk, bperkins, cfeist, cluster-maint, dhellard, fdinitto, fguilher, juholmes, phagara, sanichol, toneata, xzhou | |
Target Milestone: | rc | Keywords: | FeatureBackport, FutureFeature, Triaged, ZStream | |
Target Release: | --- | |||
Hardware: | All | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | resource-agents-4.1.1-91.el8 | Doc Type: | Enhancement | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1939282 1943093 1943095 1943111 1943728 (view as bug list) | Environment: | ||
Last Closed: | 2021-11-09 17:27:32 UTC | Type: | Feature Request | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1943093, 1943095, 1943111, 1943728 |
Description
Reid Wahl
2021-03-15 22:23:11 UTC
@fguilher, would you be able to help us with this? Our QE engineer asked:
> I think I'm going to need a test case for this bug as it isn't entirely
> clear to me how this is supposed to work. The best description I could find
> was in:
>
> https://github.com/ClusterLabs/resource-agents/pull/1549#issuecomment-
> 682127846
>
> but even there, I couldn't tell if we are talking about different
> organization accounts, user accounts, VPCs or what. So, if someone can
> point me to implementation documentation or give me a simple positive test
> case, I should be able to test that plus create negative test cases for it.
Thanks in advance if so!
ON_QA bug without Verified:Tested should be in the MODIFIED state. ON_QA bug without Verified:Tested should be in the MODIFIED state. Hello, I met with the QAE assigned to this BZ and explained the basic architecture and the important things to consider to test this BZ. I'm going to follow up with him in the next few days to ensure we can move ahead with the testing. In summary, VPC sharing allows multiple AWS accounts to create their application resources, such as Amazon EC2 instances, into shared, centrally-managed Amazon Virtual Private Clouds (VPCs). In this model, the account that owns the VPC (owner) shares one or more VPC subnets with other accounts (participants/consumers) that belong to the same AWS Organization. After a VPC subnet is shared, the AWS accounts which the VPC has been shared with, can launch the EC2 instances (cluster nodes) using these shared VPC subnets. In order to properly test, the proper AWS setup is required, including AWS IAM permissions, AWS Organizations and sharing a VPC using AWS Resource Access Manager (RAM). This BZ introduces all the code changes required to enable a participants/consumers AWS Accounts to make mutable API calls to the account owning the VPC, and to lookup the EC2 resources correctly. Basic test cases are: - Ensure backward compatibility (all scenarios working before this BZ should still work!) - Ensure no regressions were introduced - Test the new parameters: - lookup_type - either NetworkInterfaceId or InstanceId - routing_table_role - required for Shared VPC scenarios Please, let me know any other questions arrises and I'm available for further discussions. Set Customer Escalation Flag=Yes, per ACE EN-39654. Per the RH Account team, "This bug at is having a major impact on Toyota's their SAP-Hana implementation and project timeline. This issue has very high visibility at Toyota." Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: resource-agents security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:4139 |