Bug 1950113 - in-cluster operators need an API for additional AWS tags
Summary: in-cluster operators need an API for additional AWS tags
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.8
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: 4.8.0
Assignee: Matthew Staebler
QA Contact: Pedro Amoedo
URL:
Whiteboard:
Depends On:
Blocks: 1954152
TreeView+ depends on / blocked
 
Reported: 2021-04-15 19:04 UTC by Matthew Staebler
Modified: 2021-07-27 23:01 UTC (History)
0 users

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
No feature tracked in epic
Clone Of:
Environment:
Last Closed: 2021-07-27 23:01:26 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift api pull 864 0 None open Bug 1950113: config: add aws usertags to infrastructure 2021-04-15 19:06:15 UTC
Github openshift cluster-config-operator pull 199 0 None open Bug 1950113: vendor: bump to the latest openshift/api 2021-04-26 13:39:16 UTC
Github openshift installer pull 4755 0 None open Bug 1950113: manifests: populate aws user tags in infrastructure 2021-04-21 05:18:54 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 23:01:42 UTC

Description Matthew Staebler 2021-04-15 19:04:24 UTC 
When a cluster is installed with user-provided tags to add to AWS resources, the in-cluster operators need to be able to read those tags from somewhere so that the operators can also apply the tags.
Comment 1 Matthew Staebler 2021-04-15 19:05:11 UTC 
https://github.com/openshift/enhancements/pull/706
Comment 10 Pedro Amoedo 2021-04-28 16:33:39 UTC 
[QA Status]

Since the current nightly "4.8.0-0.nightly-2021-04-28-124654" doesn't contain yet the corresponding PRs, I've proceeded with version "4.8.0-0.ci-2021-04-28-134626" and the resourceTags are now present as expected:

[Installer Parameters]

~~~
platform:
  aws:
    region: eu-west-3
    userTags:
      adminContact: pamoedo
      costCenter: 1981
      customTag: test
    experimentalPropagateUserTags: true
~~~

[Cluster Version]

~~~
$ oc get clusterversion
NAME      VERSION                        AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.8.0-0.ci-2021-04-28-134626   True        False         12m     Cluster version is 4.8.0-0.ci-2021-04-28-134626
~~~

[Infra Resource Tags]

~~~
$ oc get infrastructures.config.openshift.io -o yaml | grep -A6 " resourceTags"
        resourceTags:
        - key: adminContact
          value: pamoedo
        - key: costCenter
          value: "1981"
        - key: customTag
          value: test
~~~

[Additional Checks]

The tags are still present in the rest of resources created by the installer, including now also the volumes, for example:

~~~
$ aws ec2 describe-tags | grep customTag
TAGS	customTag	igw-0ba4ca659f2b092d8	internet-gateway	test
TAGS	customTag	subnet-010631284c3765029	subnet	test
TAGS	customTag	subnet-0187098a1f2fe706b	subnet	test
TAGS	customTag	subnet-03676fa23461b0c7c	subnet	test
TAGS	customTag	subnet-08cd5beb4ef8c3945	subnet	test
TAGS	customTag	subnet-0b5e70bcb16008c44	subnet	test
TAGS	customTag	subnet-0de03fe63889cff16	subnet	test
TAGS	customTag	sg-040821bec73d0aed7	security-group	test
TAGS	customTag	sg-087cf3366b1cd10a1	security-group	test
TAGS	customTag	sg-0c2168fb59962fb0a	security-group	test
TAGS	customTag	eipalloc-0516f20a21eaa6b03	elastic-ip	test
TAGS	customTag	eipalloc-07b155607c352bdfd	elastic-ip	test
TAGS	customTag	eipalloc-0bab68b05378ec621	elastic-ip	test
TAGS	customTag	rtb-0095b149c845adf74	route-table	test
TAGS	customTag	rtb-012d2892ca671261b	route-table	test
TAGS	customTag	rtb-097506381f76403e5	route-table	test
TAGS	customTag	rtb-0ad9880c820432594	route-table	test
TAGS	customTag	rtb-0ed89d867ec78d52b	route-table	test
TAGS	customTag	rtb-0ee5dc72a57311536	route-table	test
TAGS	customTag	eni-0617206a2c6a1c308	network-interface	test
TAGS	customTag	eni-080caed74b7682304	network-interface	test
TAGS	customTag	eni-0bd51addf56920964	network-interface	test
TAGS	customTag	i-042878c25d0b92b49	instance	test
TAGS	customTag	i-047dd8d0896aadeac	instance	test
TAGS	customTag	i-07bbf8cee335ac691	instance	test
TAGS	customTag	i-08efe7f38df7323bb	instance	test
TAGS	customTag	i-0e863588898608d29	instance	test
TAGS	customTag	i-0ea8dcc861571d688	instance	test
TAGS	customTag	vpc-04b79e71f80adcf18	vpc	test
TAGS	customTag	nat-001bc3c67c15ed952	natgateway	test
TAGS	customTag	nat-03ce2964094f818d8	natgateway	test
TAGS	customTag	nat-050b1e6da085ff1a4	natgateway	test
TAGS	customTag	vpce-01f64913efbfad6f0	vpc-endpoint	test
TAGS	customTag	vpce-096a66730fe93dbc9	vpc-endpoint	test
TAGS	customTag	vpce-0c9d765bedb63f9d3	vpc-endpoint	test
TAGS	customTag	dopt-01d655ea112a11850	dhcp-options	test
TAGS	customTag	dopt-06c416d45122ab043	dhcp-options	test
TAGS	customTag	dopt-0febbeb7a97f52adb	dhcp-options	test
TAGS	customTag	vol-0092e61a05313681f	volume	test
TAGS	customTag	vol-01343392325f6f4e4	volume	test
TAGS	customTag	vol-04adb99059c4424ce	volume	test
TAGS	customTag	vol-04b2b90c2c85076d5	volume	test
TAGS	customTag	vol-08eadeec209602a2d	volume	test
TAGS	customTag	vol-0d91403f4d3dd030d	volume	test
~~~

Best Regards.
Comment 13 errata-xmlrpc 2021-07-27 23:01:26 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438
Note You need to log in before you can comment on or make changes to this bug.