Bug 1956980

Summary: OVN-Kubernetes leaves stale AddressSets around if the deletion was missed.
Product: OpenShift Container Platform Reporter: Casey Callendrello <cdc>
Component: NetworkingAssignee: Casey Callendrello <cdc>
Networking sub component: ovn-kubernetes QA Contact: Anurag saxena <anusaxen>
Status: CLOSED ERRATA Docs Contact:
Severity: low    
Priority: low    
Version: 4.7   
Target Milestone: ---   
Target Release: 4.7.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-06-15 09:27:08 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1947176    
Bug Blocks:    

Description Casey Callendrello 2021-05-04 19:30:28 UTC
This bug was initially created as a copy of Bug #1947176

I am copying this bug because: 



Upstream PR https://github.com/ovn-org/ovn-kubernetes/pull/2152 fixes a bug where ForEachAddressSet didn't work.

This means that we won't delete old address sets if the deletion is missed, say, because ovn-k was restarting.

If another namespace or NetworkPolicy comes into existence with the same name, it will have spurious IPs in the address set.

We should backport this fix as appropriate.

Comment 4 Siddharth Sharma 2021-06-04 18:39:14 UTC
This bug will be shipped as part of next z-stream release 4.7.15 on June 14th, as 4.7.14 was dropped due to a regression https://bugzilla.redhat.com/show_bug.cgi?id=1967614

Comment 8 errata-xmlrpc 2021-06-15 09:27:08 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.7.16 security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2286