Bug 2083659

G2Bsync 1122583790 comment 
 skitt Tue, 10 May 2022 15:55:11 UTC 
 G2Bsync this will limit the usefulness of `subctl gather`, so I think it’s a good candidate for backporting to 2.5, in a z-stream update.

@Vishal, can you help Noam figure out what's the best way to verify this? Even if he deploys via ACM, he can control the cable driver: https://github.com/stolostron/submariner-addon/blob/main/pkg/apis/submarinerconfig/v1alpha1/0000_00_submarineraddon.open-cluster-management.io_submarinerconfigs.crd.yaml - but I am not sure if the bug itself is valid for the ACM use case.

Other option is to test it manually via `subctl`.


Thanks
Nir

Not sure as we don't have information on how to reproduce it. submarineraddon will always add libreswan ot submariner CR if none specified.

So for testing purposes, we have to use subctl and join with cableDriver="" or not specify it at all.

On ACM 2.5.1 with Submariner 0.12.1 this was verified:
https://qe-jenkins-csb-skynet.apps.ocp-c1.prod.psi.redhat.com/job/ACM-Upgrade-2.5.1-Submariner-0.12.1-AWS-GCP-Globalnet/44/Test-Report/

Creating SubmarinerConfig with an empty cable driver:

apiVersion: submarineraddon.open-cluster-management.io/v1alpha1 kind: SubmarinerConfig metadata: name: submariner namespace: acm-aws-nmanos-cluster-a-1 spec: IPSecIKEPort: 501 IPSecNATTPort: 4501 cableDriver:   credentialsSecret: name: acm-aws-nmanos-cluster-a-1-aws-creds gatewayConfig: aws: instanceType: c5d.large gateways: 1 imagePullSpecs: lighthouseAgentImagePullSpec: '' lighthouseCoreDNSImagePullSpec: '' submarinerImagePullSpec: '' submarinerRouteAgentImagePullSpec: '' subscriptionConfig: channel: stable-0.12 source: submariner-stable-0-12-catalog sourceNamespace: submariner-operator startingCSV: submariner.v0.12.1

Has set the default cable driver to "libreswan" in the created resource:

Spec:
  IP Sec IKE Port:      501
  IP Sec NATT Port:     4501
  NATT Discovery Port:  4900
  NATT Enable:          true
  Cable Driver:         libreswan
  Credentials Secret:
    Name:  acm-aws-nmanos-cluster-a-1-aws-creds
  Gateway Config:
    Aws:
      Instance Type:  c5d.large
    Gateways:         1
  Image Pull Specs:
    Lighthouse Agent Image Pull Spec:        
    Lighthouse Core DNS Image Pull Spec:     
    Submariner Image Pull Spec:              
    Submariner Route Agent Image Pull Spec:  
  Load Balancer Enable:                      false
  Subscription Config:
    Channel:           stable-0.12
    Source:            submariner-stable-0-12-catalog
    Source Namespace:  submariner-operator
    Starting CSV:      submariner.v0.12.1
Status:
  Conditions:
    Last Transition Time:  2022-06-29T06:30:07Z
    Message:               Submariner cluster environment was prepared
    Reason:                SubmarinerClusterEnvPrepared
    Status:                True
    Type:                  SubmarinerClusterEnvironmentPrepared
    Last Transition Time:  2022-06-29T06:33:23Z
    Message:               1 node(s) ("ip-10-16-56-118.us-west-1.compute.internal") are labeled as gateways
    Reason:                Success
    Status:                True
    Type:                  SubmarinerGatewaysLabeled
    Last Transition Time:  2022-06-29T06:30:14Z
    Message:               SubmarinerConfig was applied
    Reason:                SubmarinerConfigApplied
    Status:                True
    Type:                  SubmarinerConfigApplied
  Managed Cluster Info:
    Cluster Name:  acm-aws-nmanos-cluster-a-1
    Infra Id:      aws-nmanos-cluster-a-vwwbr
    Platform:      AWS
    Region:        us-west-1
    Vendor:        OpenShift
Events:            <none>

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Critical: Red Hat Advanced Cluster Management 2.5.2 security fixes and bug fixes), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:6507