Description of problem (please be detailed as possible and provide log snippests): CIDR ranges entered as part of a cluster in the DRPolicy is not validated for correctness and allows incorrect values. Request addition of CIDR validation in DRPolicy.
Tested with 3 OCP clusters, say hub, c1, and c2 Version: OCP: 4.11.0-0.nightly-2022-07-29-173905 ODF: 4.11.0-129 CEPH: 16.2.7-112.el8cp (e18db2ff03ac60c64a18f3315c032b9d5a0a3b8f) pacific (stable) ACM: 2.5.1 Updated with invalid format CIDRs as: 10.1.161@42/32, 10.1.161-43/32, 10.1.161.ab/32, and validation of CIDrs fails as expected. Based on observation moving bz to verified state. Snippet output: apiVersion: ramendr.openshift.io/v1alpha1 kind: DRCluster metadata: annotations: drcluster.ramendr.openshift.io/storage-clusterid: openshift-storage drcluster.ramendr.openshift.io/storage-driver: openshift-storage.rbd.csi.ceph.com drcluster.ramendr.openshift.io/storage-secret-name: rook-csi-rbd-provisioner drcluster.ramendr.openshift.io/storage-secret-namespace: openshift-storage creationTimestamp: "2022-07-31T07:37:09Z" finalizers: - drclusters.ramendr.openshift.io/ramen generation: 10 labels: cluster.open-cluster-management.io/backup: resource name: akrai-j31-c2 resourceVersion: "6717243" uid: 2477f79e-9f16-418f-b99b-1a47278a051b spec: cidrs: - 10.1.161@42/32 - 10.1.161.13/32 - 10.1.161.14/32 - 10.1.161.10/32 - 10.1.161.38/32 - 10.1.161.11/32 s3ProfileName: s3profile-akrai-j31-c2-ocs-external-storagecluster status: conditions: - lastTransitionTime: "2022-08-02T06:53:19Z" message: Cluster Clean observedGeneration: 9 reason: Clean status: "False" type: Fenced - lastTransitionTime: "2022-08-02T06:53:19Z" message: Cluster Clean observedGeneration: 9 reason: Clean status: "True" type: Clean - lastTransitionTime: "2022-08-02T07:00:51Z" message: invalid CIDRs specified 10.1.161@42/32 observedGeneration: 10 reason: ValidationFailed status: "False" type: Validated phase: Available Ramen failure logs: 1.6594231194428225e+09 INFO controllers.drcluster util/mw_util.go:245 ManifestWork exists. {"name": "akrai-j31-c2", "name": "ramen-dr-cluster", "namespace": "akrai-j31-c2"} 1.6594231194710832e+09 ERROR controllers.drcluster controllers/drcluster_controller.go:137 ValidationFailed {"name": "akrai-j31-c2", "error": "invalid CIDR address: 10.1.161.ab/32"} github.com/ramendr/ramen/controllers.(*DRClusterReconciler).Reconcile /remote-source/app/controllers/drcluster_controller.go:137 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Reconcile /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:114 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:311 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:266 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2 /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:227 1.6594231194711561e+09 INFO controllers.drcluster controllers/drcluster_controller.go:279 condition unchanged {"name": "akrai-j31-c2", "type": "Validated", "status": "False", "reason": "ValidationFailed", "message": "invalid CIDRs specified 10.1.161.ab/32", "generation": 7} 1.6594231194712183e+09 INFO controllers.drcluster controllers/drcluster_controller.go:281 Nothing to update {Phase:Available Conditions:[{Type:Fenced Status:False ObservedGeneration:6 LastTransitionTime:2022-08-02 06:47:42 +0000 UTC Reason:Clean Message:Cluster Clean} {Type:Clean Status:True ObservedGeneration:6 LastTransitionTime:2022-08-02 06:47:42 +0000 UTC Reason:Clean Message:Cluster Clean} {Type:Validated Status:False ObservedGeneration:7 LastTransitionTime:2022-08-02 06:50:37 +0000 UTC Reason:ValidationFailed Message:invalid CIDRs specified 10.1.161.ab/32}]} {"name": "akrai-j31-c2"} 1.659423119471228e+09 INFO controllers.drcluster controller/controller.go:114 reconcile exit {"name": "akrai-j31-c2"} 1.6594231194713376e+09 ERROR controller.drcluster controller/controller.go:266 Reconciler error {"reconciler group": "ramendr.openshift.io", "reconciler kind": "DRCluster", "name": "akrai-j31-c2", "namespace": "", "error": "drclusters CIDRs validate: invalid CIDRs specified 10.1.161.ab/32"} sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:266 sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2 /remote-source/deps/gomod/pkg/mod/sigs.k8s.io/controller-runtime.2/pkg/internal/controller/controller.go:227 Screenshot: http://rhsqe-repo.lab.eng.blr.redhat.com/OCS/ocs-qe-bugs/bz2058211
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: Red Hat OpenShift Data Foundation 4.11.0 security, enhancement, & bugfix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2022:6156