Bug 2100822 - [GCP] create gcpcluster get error
Summary: [GCP] create gcpcluster get error
Keywords:
Status: CLOSED DUPLICATE of bug 2107564
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Compute
Version: 4.11
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.11.z
Assignee: Alexander Demicev
QA Contact: Huali Liu
URL:
Whiteboard:
Depends On: 2107566
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-06-24 11:19 UTC by Huali Liu
Modified: 2022-08-25 10:08 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
: 2107566 (view as bug list)
Environment:
Last Closed: 2022-07-18 15:15:06 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-capi-operator pull 64 0 None open Bug 2100822: Add E2E for GCP 2022-06-24 13:17:24 UTC
Github openshift cluster-capi-operator pull 66 0 None open [release-4.11] Bug 2100822: Add E2E for GCP 2022-07-15 12:18:02 UTC

Description Huali Liu 2022-06-24 11:19:04 UTC 
Description of problem:
create gcpcluster get error

Version-Release number of selected component (if applicable):
4.11.0-0.nightly-2022-06-23-153912

How reproducible:
Always

Steps to Reproduce:
1. install a fresh cluster with feature gate
liuhuali@Lius-MacBook-Pro huali-test % oc get clusterversion
NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.11.0-0.nightly-2022-06-23-153912   True        False         97m     Cluster version is 4.11.0-0.nightly-2022-06-23-153912

2. create gcpcluster, yaml file as below:

apiVersion: infrastructure.cluster.x-k8s.io/v1beta1
kind: GCPCluster
metadata:
  name: huliu-gcp18-w98g7
  namespace: openshift-cluster-api
spec:
  region: us-central1
  project: openshift-qe
  network:
    name: huliu-gcp18-w98g7-network


liuhuali@Lius-MacBook-Pro huali-test % oc create -f my-gcpcluster.yaml
gcpcluster.infrastructure.cluster.x-k8s.io/huliu-gcp18-w98g7 created
liuhuali@Lius-MacBook-Pro huali-test % oc get gcpcluster             
NAME                CLUSTER             READY   NETWORK
huliu-gcp18-w98g7   huliu-gcp18-w98g7           huliu-gcp18-w98g7-network
liuhuali@Lius-MacBook-Pro huali-test % oc describe gcpcluster huliu-gcp18-w98g7 
Name:         huliu-gcp18-w98g7
Namespace:    openshift-cluster-api
Labels:       cluster.x-k8s.io/cluster-name=huliu-gcp18-w98g7
Annotations:  <none>
API Version:  infrastructure.cluster.x-k8s.io/v1beta1
Kind:         GCPCluster
Metadata:
  Creation Timestamp:             2022-06-24T08:36:21Z
  Deletion Grace Period Seconds:  0
  Deletion Timestamp:             2022-06-24T09:19:08Z
  Finalizers:
    gcpcluster.infrastructure.cluster.x-k8s.io
  Generation:  3
  Managed Fields:
    API Version:  infrastructure.cluster.x-k8s.io/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:spec:
        .:
        f:project:
        f:region:
    Manager:      kubectl-create
    Operation:    Update
    Time:         2022-06-24T08:36:21Z
    API Version:  infrastructure.cluster.x-k8s.io/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:labels:
          .:
          f:cluster.x-k8s.io/cluster-name:
        f:ownerReferences:
          .:
          k:{"uid":"fc2698c2-30fb-402d-a04b-2fcf1a72f975"}:
    Manager:      cluster-api-controller-manager
    Operation:    Update
    Time:         2022-06-24T08:36:26Z
    API Version:  infrastructure.cluster.x-k8s.io/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:finalizers:
          .:
          v:"gcpcluster.infrastructure.cluster.x-k8s.io":
    Manager:      cluster-api-provider-gcp-controller-manager
    Operation:    Update
    Time:         2022-06-24T08:36:26Z
    API Version:  infrastructure.cluster.x-k8s.io/v1beta1
    Fields Type:  FieldsV1
    fieldsV1:
      f:metadata:
        f:annotations:
          .:
          f:kubectl.kubernetes.io/last-applied-configuration:
      f:spec:
        f:network:
          .:
          f:name:
    Manager:    kubectl-client-side-apply
    Operation:  Update
    Time:       2022-06-24T09:20:14Z
  Owner References:
    API Version:           cluster.x-k8s.io/v1beta1
    Block Owner Deletion:  true
    Controller:            true
    Kind:                  Cluster
    Name:                  huliu-gcp18-w98g7
    UID:                   fc2698c2-30fb-402d-a04b-2fcf1a72f975
  Resource Version:        78484
  UID:                     04098aca-61b6-49ad-80e1-bb46b207bb18
Spec:
  Network:
    Name:   huliu-gcp18-w98g7-network
  Project:  openshift-qe
  Region:   us-central1
Events:
  Type     Reason               Age                  From            Message
  ----     ------               ----                 ----            -------
  Warning  GCPClusterReconcile  4m8s (x24 over 45m)  gcp-controller  Reconcile error - googleapi: Error 403: Required 'compute.firewalls.create' permission for 'projects/openshift-qe/global/firewalls/allow-huliu-gcp18-w98g7-healthchecks'
More details:
Reason: forbidden, Message: Required 'compute.firewalls.create' permission for 'projects/openshift-qe/global/firewalls/allow-huliu-gcp18-w98g7-healthchecks'
Reason: forbidden, Message: Required 'compute.networks.updatePolicy' permission for 'projects/openshift-qe/global/networks/default'

Actual results:
create gcpcluster succeed, but cannot get Ready, reporting error.

Expected results:
create gcpcluster succeed, and can get Ready, no error.

Additional info:
Comment 3 Joel Speed 2022-07-14 15:38:50 UTC 
Could we check if this has been resolved in 4.12, if it has, we will attempt to backport the resolution to 4.11 as well
Comment 4 Huali Liu 2022-07-18 00:49:09 UTC 
(In reply to Joel Speed from comment #3)
> Could we check if this has been resolved in 4.12, if it has, we will attempt
> to backport the resolution to 4.11 as well

Thanks Joel, I just checked this has been resolved in 4.12 and verified https://bugzilla.redhat.com/show_bug.cgi?id=2107566
Comment 5 Joel Speed 2022-07-18 15:10:46 UTC 
PR is in place, waiting for the first 4.11.z stream release to merge
Comment 6 Joel Speed 2022-07-18 15:15:06 UTC 

*** This bug has been marked as a duplicate of bug 2107564 ***
Note You need to log in before you can comment on or make changes to this bug.