Skip to content

[release-4.21] OCPBUGS-77154: Refrain from adding Egress IP to public LB backend pool#205

Open
openshift-cherrypick-robot wants to merge 2 commits intoopenshift:release-4.21from
openshift-cherrypick-robot:cherry-pick-180-to-release-4.21
Open

[release-4.21] OCPBUGS-77154: Refrain from adding Egress IP to public LB backend pool#205
openshift-cherrypick-robot wants to merge 2 commits intoopenshift:release-4.21from
openshift-cherrypick-robot:cherry-pick-180-to-release-4.21

Conversation

@openshift-cherrypick-robot
Copy link

@openshift-cherrypick-robot openshift-cherrypick-robot commented Feb 23, 2026

This is an automated cherry-pick of #180

/assign arghosh93

@arghosh93
Rfrain from adding Egress IP to public LB backend pool
d07b19a 
This PR is to stop adding Egress IP to public load balancer
backend pool regardless of presence of an OutBoundRule in any
Azure cluster.

This change comes with a consequence of no outbound connectivity
except to the infrastructure subnet even if there is no OutBoundRule.

However this is required to tackle following situation:

- If an infra node is being used as an egressNode then health
check for egress IP also succeeds when it is added to public load
balancer and LB considers it as a legitimate ingress router backend.

- Limits the number of egress IP which can be created on a cluster
due to some Azure specific limitation.

Signed-off-by: Arnab Ghosh <arnabghosh89@gmail.com>
@arghosh93
Remove any Egress IP from Azure public LB backend
4301a69 
The consensus is to not add egress IP to public load balancer
backend pool regardless of the presence of an OutBoundRule.
During upgrade this PR let cobtroller removes any egress IP
added to public load balancer backend pool previously.

Signed-off-by: Arnab Ghosh <arnabghosh89@gmail.com>
@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Feb 23, 2026
Merged
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 23, 2026

@openshift-cherrypick-robot: Jira Issue OCPBUGS-57447 has been cloned as Jira Issue OCPBUGS-77154. Will retitle bug to link to clone.

Jira Issue OCPBUGS-45056 has been cloned as Jira Issue OCPBUGS-77155. Will retitle bug to link to clone.
/retitle [release-4.21] OCPBUGS-77154,OCPBUGS-77155: Refrain from adding Egress IP to public LB backend pool

Details

In response to this:

This is an automated cherry-pick of #180

/assign arghosh93

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci bot changed the title [release-4.21] OCPBUGS-57447,OCPBUGS-45056: Refrain from adding Egress IP to public LB backend pool [release-4.21] OCPBUGS-77154,OCPBUGS-77155: Refrain from adding Egress IP to public LB backend pool Feb 23, 2026
@openshift-ci openshift-ci bot requested review from jcaamano and pliurh February 23, 2026 10:49
@openshift-ci-robot openshift-ci-robot added jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. labels Feb 23, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 23, 2026

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-77154, which is invalid:

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

This pull request references Jira Issue OCPBUGS-77155, which is invalid:

  • release note text must be set and not match the template OR release note type must be set to "Release Note Not Required". For more information you can reference the OpenShift Bug Process.
  • expected dependent Jira Issue OCPBUGS-45056 to target a version in 4.22.0, but it targets "4.22" instead

Comment /jira refresh to re-evaluate validity if changes to the Jira bug are made, or edit the title of this pull request to link to a different bug.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

This is an automated cherry-pick of #180

/assign arghosh93

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci-robot openshift-ci-robot added the jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. label Feb 23, 2026
@arghosh93
Copy link
Contributor

arghosh93 commented Feb 23, 2026

/retitle [release-4.21] OCPBUGS-77154: Refrain from adding Egress IP to public LB backend pool

@openshift-ci openshift-ci bot changed the title [release-4.21] OCPBUGS-77154,OCPBUGS-77155: Refrain from adding Egress IP to public LB backend pool [release-4.21] OCPBUGS-77154: Refrain from adding Egress IP to public LB backend pool Feb 23, 2026
@openshift-ci-robot openshift-ci-robot added jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. and removed jira/invalid-bug Indicates that a referenced Jira bug is invalid for the branch this PR is targeting. labels Feb 23, 2026
@openshift-ci-robot
Copy link

openshift-ci-robot commented Feb 23, 2026

@openshift-cherrypick-robot: This pull request references Jira Issue OCPBUGS-77154, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug
  • bug is open, matching expected state (open)
  • bug target version (4.21.z) matches configured target version for branch (4.21.z)
  • bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
  • release note text is set and does not match the template
  • dependent bug Jira Issue OCPBUGS-57447 is in the state Verified, which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
  • dependent Jira Issue OCPBUGS-57447 targets the "4.22.0" version, which is one of the valid target versions: 4.22.0
  • bug has dependents

Requesting review from QA contact:
/cc @anuragthehatter

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

This is an automated cherry-pick of #180

/assign arghosh93

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@arghosh93
Copy link
Contributor

arghosh93 commented Feb 26, 2026

/retest-required

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 26, 2026
edited
Loading

@openshift-cherrypick-robot: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 4301a69 link false /test security

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@kyrtapz
Copy link
Contributor

kyrtapz commented Feb 26, 2026

/lgtm
/label backport-risk-assessed

@openshift-ci openshift-ci bot added the backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. label Feb 26, 2026
@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 26, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Feb 26, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kyrtapz, openshift-cherrypick-robot

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 26, 2026
@arghosh93
Copy link
Contributor

arghosh93 commented Feb 26, 2026

/retest-required

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jcaamano jcaamano Awaiting requested review from jcaamano

@pliurh pliurh Awaiting requested review from pliurh

@anuragthehatter anuragthehatter Awaiting requested review from anuragthehatter

Assignees

@mffiedler mffiedler

@rbbratta rbbratta

@anuragthehatter anuragthehatter

@arghosh93 arghosh93

@huiran0826 huiran0826

@asood-rh asood-rh

@jechen0648 jechen0648

@qiowang721 qiowang721

@Meina-rh Meina-rh

@barbora137 barbora137

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. backport-risk-assessed Indicates a PR to a release branch has been evaluated and considered safe to accept. jira/severity-critical Referenced Jira bug's severity is critical for the branch this PR is targeting. jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. lgtm Indicates that a PR is ready to be merged.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.