Bug 2048222

Summary: [AWS GovCloud] Cluster can not be installed on AWS GovCloud regions via terminal interactive UI.
Product: OpenShift Container Platform Reporter: Yunfei Jiang <yunjiang>
Component: InstallerAssignee: Aditya Narayanaswamy <anarayan>
Installer sub component: openshift-installer QA Contact: Yunfei Jiang <yunjiang>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium    
Version: 4.10   
Target Milestone: ---   
Target Release: 4.11.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause:Clusters cannot be installed in the AWS GovCloud regions with the minimum input information the user enters through the installer and needs some extra fields to be populated. Consequences: Errors when creating cluster in normal IPI route. Fix: Removing all regions that are not supported by public AWS cloud. Result: Restricts user from going down a path that will lead to errors.
 Story Points: ---
Clone Of:
: 2051334 (view as bug list) Environment:
Last Closed: 2022-08-10 10:45:08 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2051334    

Description Yunfei Jiang 2022-01-30 09:38:19 UTC 
Description of problem:

installer only supports creating private cluster on GovCloud regions, which means the existing VPC/subnets are required. [1]
But terminal interactive UI does not supports:
1. Setting `publish` to `Internal`
2. Providing subnets to the config.

[1] https://docs.openshift.com/container-platform/4.9/installing/installing_aws/installing-aws-government-region.html

Version-Release number of selected component (if applicable):
4.10.0-0.nightly-2022-01-29-215708

How reproducible:
Always

Steps to Reproduce:
openshift-install create cluster --dir yunjiang-ccc
? Platform aws
INFO Credentials loaded from the "gov" profile in file "/home/ec2-user/.aws/credentials"
? Region us-gov-east-1
? Base Domain qe.devcluster.openshift.com
? Cluster Name yunjiang-ccc
? Pull Secret [? for help] 
FATAL failed to fetch Metadata: failed to fetch dependency of "Metadata": failed to fetch dependency of "Bootstrap Ignition Config": failed to fetch dependency of "Common Manifests": failed to generate asset "DNS Config": getting public zone for "qe.devcluster.openshift.com": No public route53 zone found matching name "qe.devcluster.openshift.com"

Suggestion:
remove AWS GovCloud regions (us-gov-east-1, us-gov-west-1) from the list in terminal interactive UI.

Additional info:
Comment 1 Matthew Staebler 2022-01-31 21:15:15 UTC 
The installer should not be presenting us-gov-east-1 as a valid region to select from the survey.
Comment 2 Matthew Staebler 2022-02-01 01:36:28 UTC 
(In reply to Matthew Staebler from comment #1)
> The installer should not be presenting us-gov-east-1 as a valid region to
> select from the survey.

To elaborate a bit further, the installer should only support creating an install-config.yaml for the public AWS partition.
Comment 5 Yunfei Jiang 2022-02-07 03:44:40 UTC 
verified. PASS.

OCP version: 4.11.0-0.nightly-2022-02-06-113143
Comment 10 errata-xmlrpc 2022-08-10 10:45:08 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:5069