Bug 1741260 - [RFE] Add validation on LoadBalancer migration to ensure externalIPs are allowed [NEEDINFO]
Summary: [RFE] Add validation on LoadBalancer migration to ensure externalIPs are allowed
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Migration Toolkit for Containers
Classification: Red Hat
Component: General
Version: 1.3.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 1.4.z
Assignee: John Matthews
QA Contact: Xin jiang
Avital Pinnick
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-08-14 15:46 UTC by Sergio
Modified: 2021-04-08 02:54 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-04-08 02:54:29 UTC
Target Upstream Version:
dymurray: needinfo? (sregidor)


Attachments (Terms of Use)

Comment 1 Dylan Murray 2019-12-18 21:10:00 UTC
After digging into this, it appears that it's possible the OCP4 cluster may not be configured to allow users to create services with externalIPs. In OCP3 this was a setting in the `master-config-yaml` file. I am trying to learn more about how the cluster network operator can be configured to allow for external IPs.

Comment 2 Dylan Murray 2020-01-02 21:31:04 UTC
Okay, I have learned more and it appears that the migration here will succeed assuming the OCP4 cluster has been configured to allow for externalIPs. I was able to migrate a loadbalancer service to my OCP 4.2 cluster, but looking at the network configuration (Go to Administration->Cluster Settings->Global Configuration->Network) I do not have a configured `externalIP` policy:

spec:
  clusterNetwork:
    - cidr: 10.128.0.0/14
      hostPrefix: 23
  externalIP:
    policy: {}
  networkType: OpenshiftSDN
  serviceNetwork:
    - 172.30.0.0/16

I migrated a loadbalancer service and our plugin properly cleared the `externalIPs` from the service so that the OCP4 cluster assigned the svc a new external IP.

Sergio, could you please look at your cluster configuration on the target and see if it matches mine? I'm curious if different externalIP policies could be breaking this. If this is the case, we may need to solve this in the CPMA tool.

Comment 3 John Matthews 2020-03-28 15:10:04 UTC
Assuming that Sergio confirms this issue was related to a cluster configuration, I'd like to treat this BZ as a RFE to add more validations to CAM.
Tracking this under an epic in JIRA:  https://issues.redhat.com/browse/MIG-167
My initial thoughts are a validation at this level would require a different pattern than we've implemented up to now, I'm assigning this to next release as we build up more use-cases for expanded validation.

Comment 4 Erik Nelson 2021-04-08 02:54:29 UTC
Closing as this is quite old, and I expect that we'll continue to track this via the RFE Jira.


Note You need to log in before you can comment on or make changes to this bug.