Description of problem:
Customer is leveraging NodePort for service access through their DMZ for firewall purposes.
One of their applications was idled and never came back when traffic resumed.
The observation is that the pod returned to service but was not accessible via the NodePort. The pod was accessible directly via its endpoints, via a non-NodePort service / Route, and via a new NodePort service.
The NodePort was correctly bound and listening on the host, but was not receiving any traffic.
Deleting the NodePort service did not remove the in-use port from the host, but it did remove the service from etcd.
Version-Release number of selected component (if applicable):
First time this has been observed. Customer has 60 NodePort services.
Steps to Reproduce:
Service is inaccessible.
Should recover after unidling.
Verified this bug on 4.6.0-0.nightly-2020-08-20-234448, following the steps in comment 9.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA.
For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated files, follow the link below.
If the solution does not work for you, open a new bug report.