Bug 1868751 - MachineSets in GCP are failing to create Machines in a Shared (XPN) VPC environment
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Compute
Version: 4.5
Hardware: x86_64
OS: Linux
Priority: unspecified
Severity: high
Target Milestone: ---
Target Release: 4.5.z
Assignee: Joel Speed
QA Contact: Milind Yadav
URL:
Whiteboard:
Depends On: 1867262
Blocks:
Reported: 2020-08-13 17:43 UTC by OpenShift BugZilla Robot
Modified: 2021-01-31 12:05 UTC (History)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Feature: Added the projectID field to the networkInterfaces Reason: To allow machines to be booted in shared VPCs Result: Machines can now request to be created in a shared VPC
Clone Of:
Environment:
Last Closed: 2020-09-08 10:54:47 UTC
Target Upstream Version:
Embargoed:



Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-api-provider-gcp pull 116 0 None closed [release-4.5] BUG 1868751: Support networks shared from a different project 2021-01-31 11:40:10 UTC
Red Hat Knowledge Base (Solution) 5757301 0 None None None 2021-01-31 12:05:52 UTC
Red Hat Product Errata RHBA-2020:3510 0 None None None 2020-09-08 10:55:15 UTC

Comment 5 Milind Yadav 2020-08-20 12:45:43 UTC
VALIDATED ON - 4.5.0-0.nightly-2020-08-20-051434

Steps:
1. Do a cluster install on GCP using upi-on-gcp/versioned-installer-xpn profile [choose - disable_worker_machineset: "no"]
2. Update machineset with below for network and projectID values based on your env.
        .
        .
        networkInterfaces:
          - network: aos-qe-network
            # host project that owns the shared VPC
            projectID: openshift-qe-shared-vpc
            subnetwork: aos-qe-master-subnet
        # project the machines are created in
        projectID: openshift-qe
        .
        .
[you can get these values from the machines in gcp console after installation]
3. Add "Compute Network User" role to service account miyadav-751--openshift-m-fpzdb.gserviceaccount.com on the GCP host project mentioned in the template during installation - #host_project: "openshift-qe-shared-vpc"
Get the service account name using:
oc get credentialsrequests -n openshift-cloud-credential-operator openshift-machine-api-gcp -o json | jq -r '.status.providerStatus.serviceAccountID'

4. Scale the edited machineset.
New machines will be provisioned successfully and nodes are in ready state.
oc get machines -o wide
.
.
miyadav-751-r6xv7-worker-n-cmrwk   Running   n1-standard-4   us-central1   us-central1-f   4m36s   miyadav-751-r6xv7-worker-n-cmrwk.c.openshift-qe.internal   gce://openshift-qe/us-central1-f/miyadav-751-r6xv7-worker-n-cmrwk   RUNNING


Expected - Machines should be provisioned successfully.

Additional Info:
Moved to VERIFIED
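
A preflight check for the setup in the steps above, as an added example that is not part of the original comment or the provider's code: it resolves which project each network interface points at and reports host projects where the machine-api service account still lacks the Compute Network User role (`roles/compute.networkUser`). The function names, the sample service account and the IAM policy dicts are constructed; falling back to the machine's projectID when an interface has none is an assumption.

```python
HOST_ROLE = "roles/compute.networkUser"  # role ID of "Compute Network User"

def resolve_interfaces(provider_spec):
    """Return (project, network_path, subnetwork_path) for each interface.
    Assumption: an interface without projectID uses the machine's projectID."""
    machine_project = provider_spec["projectID"]
    region = provider_spec["region"]
    resolved = []
    for nic in provider_spec.get("networkInterfaces", []):
        project = nic.get("projectID") or machine_project
        network = f"projects/{project}/global/networks/{nic['network']}"
        subnet = (f"projects/{project}/regions/{region}"
                  f"/subnetworks/{nic['subnetwork']}")
        resolved.append((project, network, subnet))
    return resolved

def missing_host_bindings(provider_spec, service_account, iam_policies):
    """List host projects where service_account lacks HOST_ROLE.
    iam_policies maps project ID -> policy dict shaped like the output of
    `gcloud projects get-iam-policy PROJECT --format=json`."""
    member = f"serviceAccount:{service_account}"
    missing = []
    for project, _, _ in resolve_interfaces(provider_spec):
        if project == provider_spec["projectID"]:
            continue  # network lives in the machine's own project
        bindings = iam_policies.get(project, {}).get("bindings", [])
        granted = any(b.get("role") == HOST_ROLE and member in b.get("members", [])
                      for b in bindings)
        if not granted and project not in missing:
            missing.append(project)
    return missing

# Constructed sample input; project, network and subnet names are from the comment.
SPEC = {
    "projectID": "openshift-qe",
    "region": "us-central1",
    "networkInterfaces": [{"network": "aos-qe-network",
                           "projectID": "openshift-qe-shared-vpc",
                           "subnetwork": "aos-qe-master-subnet"}],
}
SA = "machine-api@example-project.iam.gserviceaccount.com"  # constructed placeholder
POLICY_BEFORE = {"openshift-qe-shared-vpc": {"bindings": []}}
POLICY_AFTER = {"openshift-qe-shared-vpc": {"bindings": [
    {"role": HOST_ROLE, "members": [f"serviceAccount:{SA}"]}]}}

if __name__ == "__main__":
    print(missing_host_bindings(SPEC, SA, POLICY_BEFORE))
    print(missing_host_bindings(SPEC, SA, POLICY_AFTER))
```

An empty result means every cross-project interface already has the binding from step 3; a non-empty one names the host projects to fix before scaling the machineset.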

Comment 7 errata-xmlrpc 2020-09-08 10:54:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5.8 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:3510

