Bug 1988425

Summary: [4.8] drop-icmp pod blocks direct SSH access to cluster nodes
Product: OpenShift Container Platform Reporter: mcambria <mcambria>
Component: NetworkingAssignee: mcambria <mcambria>
Networking sub component: openshift-sdn QA Contact: Mike Fiedler <mifiedle>
Status: CLOSED ERRATA Docs Contact:
Severity: urgent    
Priority: urgent CC: aconstan, gpei, jialiu, ljakubow, mcambria, memodi, mifiedle, pmagotra, sreber, tsze
Version: 4.8Keywords: FastFix
Target Milestone: ---   
Target Release: 4.8.z   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1984449 Environment:
Last Closed: 2021-08-31 16:17:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1984449    
Bug Blocks: 1988426    

Comment 1 mcambria@redhat.com 2021-08-04 14:09:56 UTC 
*** Bug 1989599 has been marked as a duplicate of this bug. ***
Comment 4 Mike Fiedler 2021-08-11 21:32:09 UTC 
FastFix verification complete on cluster-bot cluster built from https://github.com/openshift/cluster-network-operator/pull/1169.   See PR for test notes.
Comment 7 Mike Fiedler 2021-08-18 13:05:50 UTC 
Verified on 4.8.0-0.nightly-2021-08-17-004424.   ssh to worker on Azure works well - no hang.
Comment 8 ximhan 2021-08-20 07:26:57 UTC 
OpenShift engineering has decided to NOT ship 4.8.6 on 8/23 due to the following issue.
https://bugzilla.redhat.com/show_bug.cgi?id=1995785
All the fixes part will be now included in 4.8.7 on 8/30.
Comment 12 errata-xmlrpc 2021-08-31 16:17:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.8.9 bug fix), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3247
Comment 13 Mehul Modi 2021-11-19 01:19:05 UTC 
Added https://polarion.engineering.redhat.com/polarion/#/project/OSE/workitem?id=OCP-44995