Description of problem:
When adding dns rules within an egress firewall, (seemingly random, more than 5), the firewall never applies successfully nor generates error messages indicating a failure.
This is reproduced on a clean OCP 4.7.4 cluster.
Version-Release number of selected component (if applicable):
If you add more than 5 DNS rules, it's more likely to reproduce. It's been seen with one. Doesn't always reproduce the same result.
Steps to Reproduce:
1. Install 4.7.4 cluster on vmware ipi, designate OVN-Kubernetes
2. Apply egress firewall definition yaml
Firewall does not apply, leaving egress unsecured.
Assigning to Jacob to investigate
We agreed that embargo is not necessary for this case.
The CVE-2021-3499 is public since now.
*** Bug 1949530 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.