From a426c349e47dbd3203bd378cc0599899fdb33775 Mon Sep 17 00:00:00 2001 From: Max Bridges Date: Mon, 28 Oct 2024 12:09:38 -0400 Subject: [PATCH] Add 'configDrive: true' to SR-IOV ShiftStack CR YAMLs Address OCPBUGS-43891 --- modules/machineset-yaml-osp-sr-iov-port-security.adoc | 4 +++- modules/machineset-yaml-osp-sr-iov.adoc | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/modules/machineset-yaml-osp-sr-iov-port-security.adoc b/modules/machineset-yaml-osp-sr-iov-port-security.adoc index 149244158a..a094f24c90 100644 --- a/modules/machineset-yaml-osp-sr-iov-port-security.adoc +++ b/modules/machineset-yaml-osp-sr-iov-port-security.adoc @@ -82,10 +82,12 @@ spec: trunk: false userDataSecret: name: worker-user-data + configDrive: true <4> ---- <1> Specify allowed address pairs for the API and ingress ports. <2> Specify the machines network and subnet. <3> Specify the compute machines security group. +<4> The value of the `configDrive` parameter must be `true`. [NOTE] ==== @@ -94,4 +96,4 @@ Trunking is enabled for ports that are created by entries in the networks and su You can enable trunking for each port. Optionally, you can add tags to ports as part of their `tags` lists. -==== \ No newline at end of file +==== diff --git a/modules/machineset-yaml-osp-sr-iov.adoc b/modules/machineset-yaml-osp-sr-iov.adoc index 6715fa59f6..9dad5442e7 100644 --- a/modules/machineset-yaml-osp-sr-iov.adoc +++ b/modules/machineset-yaml-osp-sr-iov.adoc @@ -91,6 +91,7 @@ spec: userDataSecret: name: -user-data availabilityZone: + configDrive: true <5> ---- <1> Enter a network UUID for each port. <2> Enter a subnet UUID for each port. @@ -98,6 +99,7 @@ spec: <4> The value of the `portSecurity` parameter must be `false` for each port. + You cannot set security groups and allowed address pairs for ports when port security is disabled. Setting security groups on the instance applies the groups to all ports that are attached to it. +<5> The value of the `configDrive` parameter must be `true`. [IMPORTANT] ====