Bug 1950113

Summary:	in-cluster operators need an API for additional AWS tags
Product:	OpenShift Container Platform	Reporter:	Matthew Staebler <mstaeble>
Component:	Installer	Assignee:	Matthew Staebler <mstaeble>
Installer sub component:	openshift-installer	QA Contact:	Pedro Amoedo <pamoedom>
Status:	CLOSED ERRATA	Docs Contact:
Severity:	urgent
Priority:	urgent	Keywords:	FastFix
Version:	4.8
Target Milestone:	---
Target Release:	4.8.0
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	No Doc Update
Doc Text:	No feature tracked in epic	Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-07-27 23:01:26 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1954152

Description Matthew Staebler 2021-04-15 19:04:24 UTC

When a cluster is installed with user-provided tags to add to AWS resources, the in-cluster operators need to be able to read those tags from somewhere so that the operators can also apply the tags.

Comment 1 Matthew Staebler 2021-04-15 19:05:11 UTC

https://github.com/openshift/enhancements/pull/706

Comment 10 Pedro Amoedo 2021-04-28 16:33:39 UTC

[QA Status]

Since the current nightly "4.8.0-0.nightly-2021-04-28-124654" doesn't contain yet the corresponding PRs, I've proceeded with version "4.8.0-0.ci-2021-04-28-134626" and the resourceTags are now present as expected:

[Installer Parameters]

~~~
platform:
  aws:
    region: eu-west-3
    userTags:
      adminContact: pamoedo
      costCenter: 1981
      customTag: test
    experimentalPropagateUserTags: true
~~~

[Cluster Version]

~~~
$ oc get clusterversion
NAME      VERSION                        AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.8.0-0.ci-2021-04-28-134626   True        False         12m     Cluster version is 4.8.0-0.ci-2021-04-28-134626
~~~

[Infra Resource Tags]

~~~
$ oc get infrastructures.config.openshift.io -o yaml | grep -A6 " resourceTags"
        resourceTags:
        - key: adminContact
          value: pamoedo
        - key: costCenter
          value: "1981"
        - key: customTag
          value: test
~~~

[Additional Checks]

The tags are still present in the rest of resources created by the installer, including now also the volumes, for example:

~~~
$ aws ec2 describe-tags | grep customTag
TAGS	customTag	igw-0ba4ca659f2b092d8	internet-gateway	test
TAGS	customTag	subnet-010631284c3765029	subnet	test
TAGS	customTag	subnet-0187098a1f2fe706b	subnet	test
TAGS	customTag	subnet-03676fa23461b0c7c	subnet	test
TAGS	customTag	subnet-08cd5beb4ef8c3945	subnet	test
TAGS	customTag	subnet-0b5e70bcb16008c44	subnet	test
TAGS	customTag	subnet-0de03fe63889cff16	subnet	test
TAGS	customTag	sg-040821bec73d0aed7	security-group	test
TAGS	customTag	sg-087cf3366b1cd10a1	security-group	test
TAGS	customTag	sg-0c2168fb59962fb0a	security-group	test
TAGS	customTag	eipalloc-0516f20a21eaa6b03	elastic-ip	test
TAGS	customTag	eipalloc-07b155607c352bdfd	elastic-ip	test
TAGS	customTag	eipalloc-0bab68b05378ec621	elastic-ip	test
TAGS	customTag	rtb-0095b149c845adf74	route-table	test
TAGS	customTag	rtb-012d2892ca671261b	route-table	test
TAGS	customTag	rtb-097506381f76403e5	route-table	test
TAGS	customTag	rtb-0ad9880c820432594	route-table	test
TAGS	customTag	rtb-0ed89d867ec78d52b	route-table	test
TAGS	customTag	rtb-0ee5dc72a57311536	route-table	test
TAGS	customTag	eni-0617206a2c6a1c308	network-interface	test
TAGS	customTag	eni-080caed74b7682304	network-interface	test
TAGS	customTag	eni-0bd51addf56920964	network-interface	test
TAGS	customTag	i-042878c25d0b92b49	instance	test
TAGS	customTag	i-047dd8d0896aadeac	instance	test
TAGS	customTag	i-07bbf8cee335ac691	instance	test
TAGS	customTag	i-08efe7f38df7323bb	instance	test
TAGS	customTag	i-0e863588898608d29	instance	test
TAGS	customTag	i-0ea8dcc861571d688	instance	test
TAGS	customTag	vpc-04b79e71f80adcf18	vpc	test
TAGS	customTag	nat-001bc3c67c15ed952	natgateway	test
TAGS	customTag	nat-03ce2964094f818d8	natgateway	test
TAGS	customTag	nat-050b1e6da085ff1a4	natgateway	test
TAGS	customTag	vpce-01f64913efbfad6f0	vpc-endpoint	test
TAGS	customTag	vpce-096a66730fe93dbc9	vpc-endpoint	test
TAGS	customTag	vpce-0c9d765bedb63f9d3	vpc-endpoint	test
TAGS	customTag	dopt-01d655ea112a11850	dhcp-options	test
TAGS	customTag	dopt-06c416d45122ab043	dhcp-options	test
TAGS	customTag	dopt-0febbeb7a97f52adb	dhcp-options	test
TAGS	customTag	vol-0092e61a05313681f	volume	test
TAGS	customTag	vol-01343392325f6f4e4	volume	test
TAGS	customTag	vol-04adb99059c4424ce	volume	test
TAGS	customTag	vol-04b2b90c2c85076d5	volume	test
TAGS	customTag	vol-08eadeec209602a2d	volume	test
TAGS	customTag	vol-0d91403f4d3dd030d	volume	test
~~~

Best Regards.

Comment 13 errata-xmlrpc 2021-07-27 23:01:26 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438