Description of problem: MCO is supposed to monitor Network.Status.Migration in an OVN cluster. Hypershift has a different equivalent to MCO that is supposed to monitor Network changes? MCO monitors Network.Status.Migration from the cluster network configuration. This Network.Status.Migration is being already updated by CNO with the validated contents of Network.Spec.Migration from the operator network configuration. MCO should react to changes in Migration.MTU and if MTU.Machine.To is set render the appropriate MachineConfig containing the MTU configuration file with TARGET_MTU set to MTU.Machine.To and a dummy parameter (that will be ignored other than causing a reboot) for MTU.Network.To. This will result in the required rolling reboots as MTU.Machine.To or MTU.Network.To are set and then unset during the MTU migration procedure. https://github.com/openshift/enhancements/blob/master/enhancements/network/allow-mtu-changes.md#mco-automating-mtu-migration-rolling-reboots Version-Release number of selected component (if applicable): 4.11.0-0.nightly-2022-06-15-222801 How reproducible: Always Steps to Reproduce: 1. oc patch Network.operator.openshift.io cluster --type=merge --patch '{"spec": { "migration": { "mtu": { "network": { "from": 8901, "to": 8001 } , "machine": { "to" : 9001 } } } } }' 2. Wait for hosted cluster nodes to reboot 3. Actual results: Hosted cluster nodes don't reboot. Expected results: Hosted cluster nodes should reboot twice to perform the migration Additional info: MTU migration is required for runtime IPsec because we need to reduce the MTU by 46 bytes for ESP overhead.
Hi @rravaiol i think this bug is not related to ipsec and more related to mtu runtime change and i think you maybe need to assign it to jcaamano since he is the owner of the mtu change feature.
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days