Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1952917

Summary: LoadBalancer Service type with invalid external loadbalancer IP breaks the datapath
Product: OpenShift Container Platform Reporter: Aravindh Puthiyaparambil <aravindh>
Component: Windows ContainersAssignee: Aravindh Puthiyaparambil <aravindh>
Status: CLOSED ERRATA QA Contact: gaoshang <sgao>
Severity: high Docs Contact:
Priority: high    
Version: 4.7CC: aos-bugs, rrasouli, sgao
Target Milestone: ---   
Target Release: 4.7.z   
Hardware: x86_64   
OS: Windows   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Cause: empty IP address value in the load balancer ingress IP field is breaking the data path. Consequence: Kube proxy doesn't honor the ingress IP address being empty and plumbs an invalid HNS policy. Fix: The fix prevents the plumbing of such invalid HNS policy. Result: Data path is no longer broken
 Story Points: ---
Clone Of: 1952914 Environment:
Last Closed: 2021-06-23 05:39:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1952914    
Bug Blocks:    

Comment 1 Ronnie Rasouli 2021-05-06 12:46:20 UTC 
oc get all
NAME                                   READY   STATUS    RESTARTS   AGE
pod/linux-webserver-7bbd7888f9-l6gd7   1/1     Running   0          7m27s
pod/win-webserver-549cd7495d-kr8f4     1/1     Running   0          7m28s

NAME                      TYPE           CLUSTER-IP      EXTERNAL-IP                            PORT(S)          AGE
service/kubernetes        ClusterIP      172.30.0.1      <none>                                 443/TCP          140m
service/linux-webserver   LoadBalancer   172.30.46.206   20.40.246.84                           8080:32747/TCP   7m28s
service/openshift         ExternalName   <none>          kubernetes.default.svc.cluster.local   <none>           133m
service/win-webserver     LoadBalancer   172.30.135.82   20.40.246.81                           80:30131/TCP     7m28s

NAME                              READY   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/linux-webserver   1/1     1            1           7m27s
deployment.apps/win-webserver     1/1     1            1           7m28s

NAME                                         DESIRED   CURRENT   READY   AGE
replicaset.apps/linux-webserver-7bbd7888f9   1         1         1       7m27s
replicaset.apps/win-webserver-549cd7495d     1         1         1       7m28s
[cloud-user@PSI-VM ~]>curl 20.40.246.84:8080
Linux Container Web Server[cloud-user@PSI-VM ~]>curl 20.40.246.81
<html><body><H1>Windows Container Web Server</H1></body></html>[cloud-user@PSI-VM ~]>

Server Version: 4.7.0-0.nightly-2021-05-05-092347
Comment 4 errata-xmlrpc 2021-06-23 05:39:31 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Windows Container Support for Red Hat OpenShift 2.0.1 security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2130