Description of problem: externalIPNetworkCIDR was introduced in release 3.2 but can not be set from the ansible installer. Also, As per the documentation : The new networkConfig.externalIPNetworkCIDR parameter has been added to the master-config.yaml file to control the allowable values for external IPs. By default, it is empty, which rejects all values. Cluster administrators can set it to 0.0.0.0/0 to emulate the behavior from OpenShift Enterprise 3.1. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. Installed 3.2 2. the parameter is not there in /etc/origin/master/master-config.yaml 3. Also, this cannot be set from the ansible installer. Actual results: The parameter is not there to make if effective Expected results: It should be there as the feature is clearly released-notes Additional info:
I believe the behavior was changed in this commit: https://github.com/openshift/origin/pull/7810/files#diff-381e09db7a55a712234f2c2413f7d987R315 I think the correct option name is 'externalIPNetworkCIDRs' (note the 's')? Clayton?
Jaspreet can you confirm that you use the correct option?
Current plan is to do the following: - Add support for configuring externalIPNetworkCIDRs to openshift-ansible - For 3.1 to 3.2 upgrades, set externalIPNetworkCIDRs to 0.0.0.0/0 (and persist the value in openshift-facts) to maintain the previous behavior - For new 3.2 installs, Only set externalIPNetworkCIDRs when the user specifies a value.
https://github.com/openshift/openshift-ansible/pull/2100
Verify this bug with openshift-ansible-3.3.15-1.git.0.a9fd72e.el7 rpm package Without setting openshift_master_external_ip_network_cidrs option in ansible inventory, externalIPNetworkCIDRs would be set as "0.0.0.0/0" by default ... externalIPNetworkCIDRs: - 0.0.0.0/0 With setting openshift_master_external_ip_network_cidrs=['10.100.0.0/16'] in inventory file, openshift-ansible will configure this IP range in master-config.yaml ... externalIPNetworkCIDRs: - 10.100.0.0/16
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1933
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days