CNO will (try to) let you migrate from single-stack to dual-stack regardless of what platform you are running on; it ought to only allow it on bare metal or "none". (That is, the `infrastructure.config.openshift.io` object named "cluster" should have a `.Status.PlatformStatus.Type` of `configv1.BareMetalPlatformType` or `configv1.NonePlatformType`.) (At least one customer has apparently tried to migrate a vSphere cluster to dual-stack.) Also, there's a FIXME in pkg/network/render.go:isNetworkChangeSafe(): // FIXME: the errors here currently do not actually mention dual-stack since it's // not supported yet. ie, all the errors just say "cannot change ClusterNetwork" / "cannot change ServiceNetwork", but now that we're not hiding the existence of dual-stack, we should give clearer errors like "unsupported change to ClusterNetwork" or "cannot change primary IP family when migrating to dual-stack"
(commented on PR)
Verification steps: Create a singlestack cluster in AWS. Once the cluster is up, apply this patch to start a migration to dualstack: ~~~ cat <<'EOF' > patch.yaml - op: add path: /spec/clusterNetwork/- value: cidr: fd01::/48 hostPrefix: 64 - op: add path: /spec/serviceNetwork/- value: fd02::/112 EOF ~~~ ~~~ oc patch network.config.openshift.io cluster \ --type='json' --patch-file patch.yaml ~~~ Make sure that you get the following error message: ~~~ $ oc get co | grep network network 4.10.0-0.nightly-2022-01-18-044014 True True True 8h The cluster configuration is invalid (DualStack deployments are allowed only for the BareMetal Platform type or the None Platform type). Use 'oc edit network.config.openshift.io cluster' to fix. ~~~ Make sure that migration from singlestack to dualstack works in a baremetal cluster.
Migration to dualstack prevented on AWS. network 4.11.0-0.nightly-2022-02-18-121223 True False True 29m The cluster configuration is invalid (DualStack deployments are allowed only for the BareMetal Platform type or the None Platform type). Use 'oc edit network.config.openshift.io cluster' to fix. status: conditions: - lastTransitionTime: "2022-02-22T11:41:13Z" status: "False" type: ManagementStateDegraded - lastTransitionTime: "2022-02-22T12:13:28Z" message: The cluster configuration is invalid (DualStack deployments are allowed only for the BareMetal Platform type or the None Platform type). Use 'oc edit network.config.openshift.io cluster' to fix. Testing baremetal migration.
Hi Ross! Could you get to testing the baremetal migration? Thanks!
Verified dual-stack conversion allowed on baremetal 4.11.0-0.nightly-2022-03-29-152521 platform: baremetal: apiVIP: 192.168.123.5 bootstrapProvisioningIP: 172.22.0.2 clusterProvisioningIP: 172.22.0.3 externalBridge: baremetal-0 hosts: - bmc: address: redfish://192.168.123.1:8000/redfish/v1/Systems/5ec73a70-55a9-4730-9a3e-98aff549566f disableCertificateVerification: true spec: clusterNetwork: - cidr: 10.128.0.0/14 hostPrefix: 23 - cidr: fd01::/48 hostPrefix: 64 defaultNetwork: ovnKubernetesConfig: gatewayConfig: routingViaHost: false genevePort: 6081 mtu: 1400 policyAuditConfig: destination: "null" maxFileSize: 50 rateLimit: 20 syslogFacility: local0 type: OVNKubernetes deployKubeProxy: false disableMultiNetwork: false disableNetworkDiagnostics: false logLevel: Normal managementState: Managed observedConfig: null operatorLogLevel: Normal serviceNetwork: - 172.30.0.0/16 - fd02::/112
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.11.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:5069