Started around 8am UTC on Monday, Dec 7th. Example failure: https://prow.ci.openshift.org/view/gs/origin-ci-test/logs/periodic-ci-openshift-release-master-ocp-4.7-e2e-metal-ipi/1335944963518631936 +(./02_configure_host.sh:169): main(): sudo virsh net-destroy ostestbm Network ostestbm destroyed +(./02_configure_host.sh:170): main(): sudo virsh net-start ostestbm error: Failed to start network ostestbm error: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --insert LIBVIRT_INP --in-interface ostestbm --protocol tcp --destination-port 67 --jump ACCEPT: iptables: No chain/target/match by that name. There are also a lot of deprecation warnings around this bit, not sure if they're related. Bug 1683174 suggests something may be messing with libvirt's iptables rules (or a bug in CentOS).
We suspect ordering problem between starting libvirt and firewalld.
dev-scripts isn't hooked up to the OCP bugzilla automation so probably need to put this ON_QA ourselves. QE: This should be able to be moved to verified, this was a CI-only bug that is now resolved.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633