To land k8s bump (https://github.com/openshift/kubernetes/pull/862) I've disabled: - `[Feature:ServiceInternalTrafficPolicy]`, - `[sig-network] Networking Granular Checks: Services should function for node-Service: http` - `[sig-network] Netpol NetworkPolicy between server and client should enforce policy to allow traffic from pods within server namespace based on PodSelector` - `[sig-network] Netpol NetworkPolicy between server and client should enforce policy based on PodSelector with MatchExpressions` - `[sig-network] Netpol NetworkPolicy between server and client should enforce policy based on NamespaceSelector with MatchExpressions using default ns label` - `[sig-network] Netpol NetworkPolicy between server and client should enforce policy based on PodSelector or NamespaceSelector` - `[sig-network] Conntrack should be able to preserve UDP traffic when server pod cycles for a ClusterIP service` in openshift/kubernetes
Waiting for PR to merge before proceeding.
`[sig-network] Networking Granular Checks: Services should function for node-Service: http` `[sig-network] Conntrack should be able to preserve UDP traffic when server pod cycles for a ClusterIP service` The suites/tests above are passing on PRs latest test runs - e.g. https://storage.googleapis.com/origin-ci-test/pr-logs/pull/openshift_kubernetes/862/pull-ci-openshift-kubernetes-master-e2e-gcp/1423849437725200384/build-log.txt Netpol tests have been disabled and re-enabling won't be handled by this BZ.
I can see the tests: `[sig-network] Conntrack should be able to preserve UDP traffic when server pod cycles for a ClusterIP service` `[sig-network] Networking Granular Checks: Services should function for node-Service: http` ..are passing in the latest CI runs for your PR. I am trying to understand why they are disabled when I see them passing on the PR CI. Thanks,
For openshift-sdn, all tests are passing except 2 which I have left disabled until possible upstream fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1993845 Investigating ovn-k now.
For ovn-k, conformance is passing for the relevant test cases in the original PR, except for the 2 test cases outlined in: https://bugzilla.redhat.com/show_bug.cgi?id=1993845
2 PRs submitted to k8 upstream. Failing tests disable for now.
Added URL to remaining disabled netpol tests: https://bugzilla.redhat.com/show_bug.cgi?id=1980141 Looking for merge support now.
Could you have a look at the PR? Thank you.
Patch for openshift/kubernetes is merged. Produced PR in openshift/origin to consume the updates. PR: https://github.com/openshift/origin/pull/26428
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759