Antrea-native policies stayed in realizing status in some cases #5097

tnqn · 2023-06-07T15:02:37Z

Describe the bug

When no-op changes are applied to Antrea-native policies, such as adding or removing a non-existing group, there will be no datapath change but the generation has changed.

status:
  currentNodesRealized: 1
  desiredNodesRealized: 2
  observedGeneration: 4
  phase: Realizing

To Reproduce

Create the following policy:

apiVersion: crd.antrea.io/v1alpha1
kind: NetworkPolicy
metadata:
  name: allow-client-to-server
spec:
  priority: 1
  ingress:
    - action: Drop
      appliedTo:
      - podSelector: {}
      - group: abc # non-existing group
      name: abc

Then apply the following one which removes the group from appliedTo:

apiVersion: crd.antrea.io/v1alpha1
kind: NetworkPolicy
metadata:
  name: allow-client-to-server
spec:
  priority: 1
  ingress:
    - action: Drop
      appliedTo:
      - podSelector: {}
      name: abc

The policy will stay in "realizing"

Versions:

Antrea version (Docker image tag). ~v1.12.0

The text was updated successfully, but these errors were encountered:

tnqn added the kind/bug Categorizes issue or PR as related to a bug. label Jun 7, 2023

tnqn mentioned this issue Jun 7, 2023

Fix status report when no-op changes are applied to Antrea-native policies #5096

Merged

tnqn closed this as completed in #5096 Jun 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Antrea-native policies stayed in realizing status in some cases #5097

Antrea-native policies stayed in realizing status in some cases #5097

tnqn commented Jun 7, 2023

Antrea-native policies stayed in realizing status in some cases #5097

Antrea-native policies stayed in realizing status in some cases #5097

Comments

tnqn commented Jun 7, 2023