Bug 1924701 - Cluster destroy fails when using byo with Kuryr
Summary: Cluster destroy fails when using byo with Kuryr
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Networking
Version: 4.7
Hardware: Unspecified
OS: Unspecified
high
medium
Target Milestone: ---
: 4.8.0
Assignee: Maysa Macedo
QA Contact: GenadiC
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-02-03 13:30 UTC by Maysa Macedo
Modified: 2022-03-28 14:54 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-07-27 22:40:55 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift installer pull 4616 0 None closed Bug 1924701: Fix cluster destroy when byo is used with Kuryr 2021-02-14 08:58:27 UTC
Github openshift installer pull 4637 0 None open bug 1924701: Fix FIP detach from Router 2021-02-15 07:42:44 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 22:41:21 UTC

Description Maysa Macedo 2021-02-03 13:30:20 UTC 
Description of problem:

With the recent removal of tagging the provided primary Network used for the Nodes the cluster destroy is unable to identify the custom Router and remove the interfaces attached to it.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 rlobillo 2021-02-09 17:10:22 UTC 
Failed on OCP4.7.0-0.nightly-2021-02-09-024347 on OSP13 (2021-01-20.1) with amphoras

The cluster destroy operation is unexpectedly removing a FIP that was created before running the installation:

1. Subnet creation:
$ openstack network create manual-machine-network
$ openstack subnet create manual-machine-subnet --network manual-machine-network --gateway 10.196.0.1 --subnet-range 10.196.0.0/16 --dns-nameserver 10.46.0.31
$ openstack router create machine-router
$ openstack router set machine-router  --external-gateway nova
$ openstack router add subnet machine-router manual-machine-subnet

2. Installer VM creation:
(overcloud)
$ openstack flavor create --ram 8192 --disk 40 --vcpus 2 --public m1.medium
(shiftstackrc)
$ wget http://download.devel.redhat.com/released/RHEL-8/8.2.0/BaseOS/x86_64/images/rhel-guest-image-8.2-290.x86_64.qcow2
$ openstack image create "rhel74"   --file rhel-guest-image-8.2-290.x86_64.qcow2   --disk-format qcow2 --container-format bare
$ openstack security group create admin_sg --description admin_sg_group
$ openstack security group rule create --protocol tcp --dst-port 22:22 --remote-ip 0.0.0.0/0 admin_sg
$ openstack security group rule create --protocol icmp admin_sg
$ openstack server create --flavor m1.medium --image rhel74 --key-name id_rsa --nic net-id=manual-machine-network --security-group admin_sg installer	
$ openstack floating ip set --port $port_id <FLOATING_IP>
>> Login on the installer server and modify /etc/hosts to the vip
>> copy shiftstackrc, overcloudrc, clouds.yaml, install-config.yaml, oc client and openshift-intaller.
>> install certificate and run update-ca-trust extract
>> cp ~/.ssh/id_rsa from undercloud to installer

3. Perform installation:

$ ./4.7.0-0.nightly-2021-02-09-024347/openshift-install create cluster --dir ostest --log-level debug

with this install-config.yaml:

# This file is autogenerated by infrared openshift plugin                                                                                                                                    
apiVersion: v1                                                                                                                                                                               
baseDomain: "shiftstack.com"                                                                                                                                                                 
clusterID:  "8854a853-fe89-5a0f-a2d6-e73a0d36db72"                                                                                                                                           
compute:                                                                                                                                                                                     
- name: worker                                                                                                                                                                               
  platform:                                                                                                                                                                                  
    openstack:
      zones: []
  replicas: 3                                                                                                                                                                                
controlPlane:                                                                                                                                                                                
  name: master                                                                                                                                                                               
  platform:
    openstack:
      zones: []
    replicas: 3
metadata:
  name: "ostest"
networking:
  clusterNetworks:
  - cidr:             10.128.0.0/14
    hostSubnetLength: 9
  serviceCIDR: 172.30.0.0/16
  machineCIDR: 10.196.0.0/16
  type: "Kuryr"
platform:
  openstack:
    externalNetwork:  "nova"
    cloud:            "shiftstack"
    region:           "regionOne"
    computeFlavor:    "m4.xlarge"
    machinesSubnet: 4366eda4-fc14-4c90-b283-4ada12be45c5
pullSecret: <hidden>

once installation is finished, run the destroy:

(shiftstack) [cloud-user@installer ~]$ ./4.7.0-0.nightly-2021-02-09-024347/openshift-install destroy cluster --dir ostest --log-level debug                                                  
DEBUG OpenShift Installer 4.7.0-0.nightly-2021-02-09-024347
DEBUG Built from commit c0489117068cb00c5222bb0762a87605f41ebe04
DEBUG Removing interfaces from custom router
DEBUG Removing Subnet "c15427a2-93c4-4375-b09a-12fed0275c57" from Router "86c37080-31a2-4aca-a361-5f9ba19b8ab5"          

...and lost connectivity to the installer VM.

I reconnected to the undercloud and I checked that the installer VM had lost its FIP. 
I attached again and saw that the cluster destroy was performed successfully.
Comment 4 rlobillo 2021-02-23 13:12:01 UTC 
Verified on OCP4.8.0-0.nightly-2021-02-21-102854 over OSP13 (2021-01-20.1) with amphora provider.

FIPless Cluster is correctly destroyed without removing unexpected resources:

$ openshift-install destroy cluster --dir ostest --log-level debug
[...]
DEBUG Purging asset "Metadata" from disk           
DEBUG Purging asset "Master Ignition Customization Check" from disk 
DEBUG Purging asset "Worker Ignition Customization Check" from disk 
DEBUG Purging asset "Terraform Variables" from disk 
DEBUG Purging asset "Kubeconfig Admin Client" from disk 
DEBUG Purging asset "Kubeadmin Password" from disk 
DEBUG Purging asset "Certificate (journal-gatewayd)" from disk 
DEBUG Purging asset "Cluster" from disk            
INFO Time elapsed: 16m32s
Comment 7 errata-xmlrpc 2021-07-27 22:40:55 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438
Note You need to log in before you can comment on or make changes to this bug.