1613438 – OpenShift on OpenStack Ansible Installer creates CNS security group when openshift_openstack_num_cns is set to zero

Bug 1613438 - OpenShift on OpenStack Ansible Installer creates CNS security group when openshift_openstack_num_cns is set to zero

Summary: OpenShift on OpenStack Ansible Installer creates CNS security group when open...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	3.10.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	3.11.z
Assignee:	aos-install
QA Contact:	Gaoyun Pei
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2018-08-07 14:28 UTC by rlopez
Modified:	2021-07-21 18:20 UTC (History)
CC List:	8 users (show)
Fixed In Version:	3.11
Doc Type:	Bug Fix
Doc Text:	Cause: The Openshift Ansible Installer did not check if any CNS are created before creating a security group. Consequence: It would create a security group for CNS even when there were none created. Fix: The Openshift Ansible Installer checks that openshift_openstack_num_cns is greater than zero before creating a security group for CNS. Result: CNS security groups are only created when there is at least one CNS created
Clone Of:
Environment:
Last Closed:	2019-01-10 09:03:58 UTC
Target Upstream Version:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2019:0024	0	None	None	None	2019-01-10 09:04:05 UTC

Description rlopez 2018-08-07 14:28:05 UTC

Description of problem:

During the provisioning process, the openshift ansible installer creates a security group labeled: "openshift-ansible-openshift.example.com-cns-secgrp" , even though no CNS is used during the deployment. 

Can we set a flag not to create the security group if the variable "openshift_openstack_num_cns" within all.yml is set to zero?

Comment 1 Tzu-Mainn Chen 2018-09-14 15:27:18 UTC

https://github.com/openshift/openshift-ansible/pull/10081

Comment 2 Vadim Rutkovsky 2018-10-12 11:03:18 UTC

3.11 cherrypick - https://github.com/openshift/openshift-ansible/pull/10391

Comment 3 Vadim Rutkovsky 2018-10-15 09:10:17 UTC

Fix is available in openshift-ansible-3.11.23-1

Comment 4 egarcia 2018-10-22 12:40:17 UTC

https://github.com/openshift/openshift-ansible/pull/10081

Comment 5 egarcia 2018-10-29 13:52:14 UTC

A patch has been merged.

Comment 7 Wei Sun 2018-11-06 05:50:37 UTC

Please help check if this bug could be verified,thanks!

Comment 10 errata-xmlrpc 2019-01-10 09:03:58 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0024

Note You need to log in before you can comment on or make changes to this bug.