OCPBUGS-81526: Branch Sync release-4.20 to release-4.19 [03-03-2026] by openshift-pr-manager[bot] · Pull Request #3034 · openshift/ovn-kubernetes

openshift-pr-manager · 2026-03-03T18:01:44Z

Automated branch sync: release-4.20 to release-4.19.

On breth0 we had the following flow for serviceCIDR: https://github.com/ovn-kubernetes/ovn-kubernetes/blob/6082160282cf263efd162c0d04ca81ae3c9ecda7/go-controller/pkg/node/gateway_shared_intf.go#L427 that was pinned to `ip` and hence ipv6 singlestack environments were not getting created correcly. We would end up with this following error: E0708 08:42:22.397822 12930 openflow_manager.go:133] Failed to add flows, error: exit status 1, stderr, ovs-ofctl: -:2: fd02::1: invalid IP address , flows: map[DEFAULT:[cookie=0xdeff105, priority=205, in_port=1, dl_dst=00:35:01:a6:81:fe, udp6, udp_dst=6081, actions=output:LOCAL cookie=0xdeff105, priority=200, in_port=1, udp6, udp_dst=6081, actions=NORMAL cookie=0xdeff105, priority=200, in_port=LOCAL, udp6, udp_dst=6081, actions=output:1 cookie=0xdeff105, priority=500, in_port=2, ipv6, ipv6_dst=fd69::2, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,nat(dst=fd2e:6f44:5dd8:c956::19),table=4) cookie=0xdeff105, priority=500, in_port=3, ipv6, ipv6_dst=fd69::2, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,nat(dst=fd2e:6f44:5dd8:c956::19),table=4) cookie=0xdeff105, priority=500, in_port=2, ipv6, ipv6_dst=fd00:1101::1bcd:4ef3:764:ec61, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,table=4) cookie=0xdeff105, priority=500, in_port=3, ipv6, ipv6_dst=fd00:1101::1bcd:4ef3:764:ec61, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,table=4) cookie=0xdeff105, priority=500, in_port=2, ipv6, ipv6_dst=fd2e:6f44:5dd8:ca56::19, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,table=4) cookie=0xdeff105, priority=500, in_port=3, ipv6, ipv6_dst=fd2e:6f44:5dd8:ca56::19, ipv6_src=fd2e:6f44:5dd8:c956::19,actions=ct(commit,zone=64001,table=4) cookie=0xdeff105, priority=500, in_port=LOCAL, ipv6, ipv6_dst=fd69::1,actions=ct(zone=64002,nat,table=5) cookie=0xdeff105, priority=500, in_port=LOCAL, ipv6, ipv6_dst=fd02::/112, actions=ct(commit,zone=64001,nat(src=fd69::2),table=2) cookie=0xdeff105, priority=550, in_port=LOCAL, ipv6, ipv6_src=fd69::/112, ipv6_dst=fd02::/112, actions=ct(commit,zone=64001,table=2) cookie=0xdeff105, priority=550, in_port=LOCAL, ipv6, ipv6_src=fdc4:1042:13::/56, ipv6_dst=fd02::/112, actions=ct(commit,zone=64001,table=2) cookie=0xdeff105, priority=500, in_port=2, ipv6, ipv6_src=fd02::/112, ipv6_dst=fd69::/112,actions=ct(zone=64001,nat,table=3) cookie=0xdeff105, priority=105, in_port=2, ipv6, ipv6_dst=fd02::/112,actions=drop cookie=0xdeff105, priority=500, in_port=3, ipv6, ipv6_src=fd02::/112, ipv6_dst=fd69::/112,actions=ct(zone=64001,nat,table=3) cookie=0xdeff105, priority=105, in_port=3, ipv6, ipv6_dst=fd02::/112,actions=drop cookie=0xdeff105, priority=110, table=0, in_port=1, ipv6, nw_frag=yes, actions=ct(table=0,zone=64004) cookie=0xdeff105, priority=100, table=1, ipv6, ct_state=+trk+est, ct_mark=0x1, actions=output:2 cookie=0xdeff105, priority=100, table=1, ipv6, ct_state=+trk+rel, ct_mark=0x1, actions=output:2 cookie=0xdeff105, priority=100, table=1, ipv6, ct_state=+trk+est, ct_mark=0x4, actions=output:3 cookie=0xdeff105, priority=100, table=1, ipv6, ct_state=+trk+rel, ct_mark=0x4, actions=output:3 cookie=0xdeff105, priority=100, table=1, ip6, ct_state=+trk+est, ct_mark=0x2, actions=output:LOCAL cookie=0xdeff105, priority=100, table=1, ip6, ct_state=+trk+rel, ct_mark=0x2, actions=output:LOCAL cookie=0xdeff105, priority=10, table=1, dl_dst=00:35:01:a6:81:fe, actions=output:LOCAL cookie=0xdeff105, priority=100, table=2, actions=set_field:00:35:01:a6:81:fe->eth_dst,output:2 cookie=0xdeff105, priority=200, table=2, ip6, ipv6_src=fdc4:1042:13::/56, actions=set_field:00:35:01:a6:81:fe->eth_dst,output:3 cookie=0xdeff105, priority=200, table=2, ip6, pkt_mark=0x1001, actions=set_field:00:35:01:a6:81:fe->eth_dst,output:3 cookie=0xdeff105, table=3, actions=move:NXM_OF_ETH_DST[]->NXM_OF_ETH_SRC[],set_field:00:35:01:a6:81:fe->eth_dst,output:LOCAL cookie=0xdeff105, table=4,ipv6, actions=ct(commit,zone=64002,nat(src=fd69::1),table=3) cookie=0xdeff105, table=5, ipv6, actions=ct(commit,zone=64001,nat,table=2) cookie=0xdeff105, priority=10, table=0, in_port=1, dl_dst=00:35:01:a6:81:fe, actions=output:2,output:3,output:LOCAL cookie=0xdeff105, priority=10, table=0, in_port=3, dl_src=00:35:01:a6:81:fe, actions=output:NORMAL cookie=0xdeff105, priority=9, table=0, in_port=3, actions=drop cookie=0xdeff105, priority=10, table=0, in_port=2, dl_src=00:35:01:a6:81:fe, actions=output:NORMAL cookie=0xdeff105, priority=9, table=0, in_port=2, actions=drop cookie=0xdeff105, priority=105, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, pkt_mark=0x3f0 actions=ct(commit, zone=64000, nat(src=fd2e:6f44:5dd8:c956::19), exec(set_field:0x1->ct_mark)),output:1 cookie=0xdeff105, priority=100, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:1 cookie=0xdeff105, priority=102, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, ipv6_dst=fd00:1101::1bcd:4ef3:764:ec61/128, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:NORMAL cookie=0xdeff105, priority=102, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, ipv6_dst=fd2e:6f44:5dd8:c956::19/128, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:NORMAL cookie=0xdeff105, priority=102, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, ipv6_dst=fd2e:6f44:5dd8:ca56::19/128, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:NORMAL cookie=0xdeff105, priority=102, in_port=2, dl_src=00:35:01:a6:81:fe, icmp6, icmpv6_type=135, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:NORMAL cookie=0xdeff105, priority=102, in_port=2, dl_src=00:35:01:a6:81:fe, icmp6, icmpv6_type=136, actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:NORMAL cookie=0xdeff105, priority=105, in_port=3, dl_src=00:35:01:a6:81:fe, ipv6, pkt_mark=0x3f0 actions=ct(commit, zone=64000, nat(src=fd2e:6f44:5dd8:c956::19), exec(set_field:0x4->ct_mark)),output:1 cookie=0xdeff105, priority=100, in_port=3, dl_src=00:35:01:a6:81:fe, ipv6, ipv6_src=fd69::b, actions=ct(commit, zone=64000, nat(src=fd2e:6f44:5dd8:c956::19), exec(set_field:0x4->ct_mark)), output:1 cookie=0xdeff105, priority=100, in_port=LOCAL, ipv6, actions=ct(commit, zone=64000, exec(set_field:0x2->ct_mark)), output:1 cookie=0xdeff105, priority=50, in_port=1, ipv6, actions=ct(zone=64000, nat, table=1) cookie=0xdeff105, priority=104, in_port=2, ipv6, ipv6_src=fd01::/48, actions=drop cookie=0xdeff105, priority=109, in_port=2, dl_src=00:35:01:a6:81:fe, ipv6, ipv6_src=fd01:0:0:6::/64actions=ct(commit, zone=64000, exec(set_field:0x1->ct_mark)), output:1 cookie=0xdeff105, priority=15, table=1, ipv6, ipv6_dst=fd01::/48, actions=output:2 cookie=0xdeff105, priority=16, table=1, ipv6, ipv6_dst=fd01:0:0:6::2, actions=output:LOCAL cookie=0xdeff105, priority=15, table=1, ipv6, ipv6_dst=fdc4:1042:13::/56, actions=output:3 cookie=0xdeff105, priority=16, table=1, ipv6, ipv6_dst=fdc4:1042:13:3::2, actions=output:LOCAL cookie=0xdeff105, priority=10, table=1, dl_dst=00:35:01:a6:81:fe, actions=output:LOCAL cookie=0xdeff105, priority=14, table=1,icmp6,icmpv6_type=134 actions=FLOOD cookie=0xdeff105, priority=14, table=1,icmp6,icmpv6_type=136 actions=FLOOD cookie=0xdeff105, priority=13, table=1, in_port=1, udp6, tp_dst=3784, actions=output:2,output:LOCAL cookie=0xdeff105, priority=0, table=1, actions=output:NORMAL] NORMAL:[table=0,priority=0,actions=NORMAL This commit fixes that but also, fixes the Unit tests which were already dualstack aware but to take IPV6 serviceCIDR family which by default was only the IPV4 address, so the v6 service cidr rules were not getting installed correctly. This commit also changes a few spots to consistently use `ipv6` protocol prefix rather than `ip6` so that pattern matching used in unit tests works correctly w/o the need to account for both types of matches. Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 38935ee) Conflicts: go-controller/pkg/node/bridgeconfig/bridgeflows.go because f8ad956 was already backported to 4.20

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 1f6964c) Conflicts: go-controller/pkg/node/gateway_shared_intf.go because f8ad956 already was backported to 4.20

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit e2625f4) Conflicts: go-controller/pkg/node/bridgeconfig/bridgeflows.go because f8ad956 was already backported to 4.20

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 1bbb7f3)

kapi service can never be dualstack. In order to test the ipv6 service cidr for kapi server, we need a singlestack ipv6 lane Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 8000cfd)

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit b9ecb33)

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit d268c01)

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit e717e42)

When ovnkube-node restarts, it runs syncPodsForUserDefinedNetwork which calls allocatePodIPs. For IPAM-less localnet networks (switches with no subnets), IsNonHostSubnetSwitch returns true, causing allocatePodIPs to return empty string. This prevents the pod from being added to expectedLogicalPorts map, causing deleteStaleLogicalSwitchPorts to delete the LSP. This change add an explicit flag at the subnet allocator to denote that that allocator was created as part of a no host subnet switch, this way code explicitly diferenciates between localnet ipamless and no host subnet since both do no have a subnet but no host subnet do not even have LSPs Signed-off-by: Enrique Llorente <ellorent@redhat.com> (cherry picked from commit d1c55f1) (cherry picked from commit 440dab6)

OCPBUGS-74268: release-4.20 fix(localnet, ipamless): Prevent LSP deletion on sync

[release-4.20] OCPBUGS-73788: Fix service flows for BGP on IPV6

Remove the temporary migration code that was added in 2023 to support the transition to OVN Interconnect (IC) architecture. This HACK code tracked whether remote zone nodes had completed migration using the "k8s.ovn.org/remote-zone-migrated" annotation. This code is no longer needed. Changes: - Remove OvnNodeMigratedZoneName constant and helper functions (SetNodeZoneMigrated, HasNodeMigratedZone, NodeMigratedZoneAnnotationChanged) - Remove migrated field from nodeInfo struct in node_tracker.go - Simplify isLocalZoneNode() in base_network_controller.go and egressip.go - Remove HACK helper functions (checkOVNSBNodeLRSR, fetchLBNames, lbExists, portExists) and migration sync flow from default_node_network_controller.go - Remove remote-zone-migrated annotation from webhook allowed annotations - Update tests to remove references to the migration annotation Assisted by Claude Opus 4.5 <noreply@anthropic.com> Signed-off-by: Riccardo Ravaioli <rravaiol@redhat.com> (cherry picked from commit 7d408c1) (cherry picked from commit 83de58c) Signed-off-by: Riccardo Ravaioli <rravaiol@redhat.com>

The layer2 UDN cleanup tests for IC clusters were failing because of a zone mismatch between the controller and the test node: - Controller zone: read from NBGlobal.Name ("global") - Node zone: set via annotation ("test" when IC enabled) This mismatch was previously masked in two spots: 1. The HACK in isLocalZoneNode() (removed by commit 7d408c1): When the controller's zone was "global" (the default), the HACK bypassed the zone comparison entirely and instead checked whether the node had a migration annotation. Since the test node had no migration annotation, it was treated as local despite the zone mismatch. 2. Unconditional gateway cleanup in deleteNodeEvent (changed by commit 8725a93 to only cleanup nodes tracked in localZoneNodes) With both items above removed/changed, the test correctly fails because the node is treated as remote (zones don't match), so it's not added to localZoneNodes, and cleanup is skipped. Fix the test by: - using setupConfig() to set config.Default.Zone to testICZone when IC is enabled - setting NBGlobal.Name to config.Default.Zone (which setupConfig() already configured correctly) This ensures the controller and node are in the same zone, so the node is correctly treated as local and its gateway entities are cleaned up. 🤖 Assisted by [Claude Code](https://claude.com/claude-code) Signed-off-by: Riccardo Ravaioli <rravaiol@redhat.com> (cherry picked from commit acb088c) (cherry picked from commit e950ad5)

When the hybrid overlay feature is enabled (specifically when hybrid overlay cluster subnets are configured), the HandleDeleteNode function would return early after releasing the hybrid overlay subnet. This caused the regular cluster subnets allocated to the node to never be released, leading to a subnet leak that eventually exhausts the cluster CIDR pool. This commit fixes the issue by removing the early return, ensuring that both the hybrid overlay subnets and the standard node subnets are properly released upon node deletion. A new test case TestNodeAllocator_HandleDeleteNode is added to verify that both types of subnets are correctly released. Signed-off-by: Aswin Suryanarayanan <asuryan@redhat.com> (cherry picked from commit c44cbbf) (cherry picked from commit 7826344)

OCPBUGS-77081,OCPBUGS-77094: [release-4.20] combined backport PR for 2 escalations

…4.20-to-release-4.19-03-03-2026

openshift-pr-manager · 2026-03-03T18:01:47Z

/ok-to-test
/payload 4.19 ci blocking
/payload 4.19 nightly blocking

openshift-ci-robot · 2026-03-03T18:01:49Z

@openshift-pr-manager[bot]: This pull request explicitly references no jira issue.

Details

In response to this:

Automated branch sync: release-4.20 to release-4.19.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

openshift-ci · 2026-03-03T18:02:02Z

@openshift-pr-manager[bot]: trigger 5 job(s) of type blocking for the ci release of OCP 4.19

periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-aws-ovn-upgrade
periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-azure-ovn-upgrade
periodic-ci-openshift-release-main-ci-4.19-e2e-gcp-ovn-upgrade
periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aks
periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/0c27bf00-172b-11f1-988a-2b32b02fd983-0

trigger 11 job(s) of type blocking for the nightly release of OCP 4.19

periodic-ci-openshift-release-main-nightly-4.19-e2e-aws-ovn-serial
periodic-ci-openshift-release-main-ci-4.19-e2e-aws-upgrade-ovn-single-node
periodic-ci-openshift-release-main-ci-4.19-e2e-aws-ovn-techpreview
periodic-ci-openshift-release-main-ci-4.19-e2e-aws-ovn-techpreview-serial
periodic-ci-openshift-release-main-nightly-4.19-e2e-aws-ovn-upgrade-fips
periodic-ci-openshift-release-main-ci-4.19-e2e-azure-ovn-upgrade
periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-gcp-ovn-rt-upgrade
periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-azure-aks-ovn-conformance
periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn-conformance
periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-bm
periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-ipv6

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/0c27bf00-172b-11f1-988a-2b32b02fd983-1

jluhrsen · 2026-03-03T21:50:44Z

/payload-job periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn-conformance
/payload-job periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-bm
/payload-job periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-gcp-ovn-rt-upgrade
/payload-job periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-ipv6

jluhrsen · 2026-03-03T21:50:44Z

/test e2e-aws-ovn-edge-zones
/test e2e-aws-ovn-hypershift
/test e2e-metal-ipi-ovn-dualstack-bgp
/test e2e-metal-ipi-ovn-ipv6

openshift-ci · 2026-03-03T21:50:50Z

@jluhrsen: trigger 4 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn-conformance
periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-bm
periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-gcp-ovn-rt-upgrade
periodic-ci-openshift-release-main-nightly-4.19-e2e-metal-ipi-ovn-ipv6

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/085cedd0-174b-11f1-9a78-b4b414b1dc03-0

jluhrsen · 2026-03-04T03:14:29Z

/test 4.19-upgrade-from-stable-4.18-e2e-aws-ovn-upgrade
/test e2e-aws-ovn-edge-zones
/test e2e-aws-ovn-hypershift

jluhrsen · 2026-03-04T03:14:46Z

/payload-job periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn-conformance
/payload-job periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-azure-ovn-upgrade
/payload-job periodic-ci-openshift-release-main-ci-4.19-e2e-aws-ovn-techpreview-serial

openshift-ci · 2026-03-04T03:14:50Z

@jluhrsen: trigger 3 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command

periodic-ci-openshift-hypershift-release-4.19-periodics-e2e-aws-ovn-conformance
periodic-ci-openshift-release-main-ci-4.19-upgrade-from-stable-4.18-e2e-azure-ovn-upgrade
periodic-ci-openshift-release-main-ci-4.19-e2e-aws-ovn-techpreview-serial

See details on https://pr-payload-tests.ci.openshift.org/runs/ci/4d0ae4f0-1778-11f1-9f19-16819d782f77-0

jluhrsen · 2026-03-05T16:58:58Z

/test 4.19-upgrade-from-stable-4.18-e2e-aws-ovn-upgrade
/test e2e-aws-ovn-edge-zones

jluhrsen · 2026-03-31T17:03:24Z

/retitle OCPBUGS-48709: Branch Sync release-4.20 to release-4.19 [03-03-2026]

openshift-ci-robot · 2026-03-31T17:03:36Z

@openshift-pr-manager[bot]: This pull request references Jira Issue OCPBUGS-48709, which is valid.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.19.z) matches configured target version for branch (4.19.z)
bug is in the state POST, which is one of the valid states (NEW, ASSIGNED, POST)
release note type set to "Release Note Not Required"
dependent bug Jira Issue OCPBUGS-59349 is in the state Closed (Done), which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
dependent Jira Issue OCPBUGS-59349 targets the "4.20.0" version, which is one of the valid target versions: 4.20.0, 4.20.z
bug has dependents

Requesting review from QA contact:
/cc @anuragthehatter

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Automated branch sync: release-4.20 to release-4.19.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

jluhrsen · 2026-03-31T17:20:18Z

@jluhrsen : some of these are duplicate commits right? or are all of them fresh ones?

@tssurya , from the below it looks like there are 4 merge commits, 8 new commits and 4 duplicates:

> gh api 'repos/openshift/ovn-kubernetes/pulls/3034/commits?per_page=100' --jq '.[].commit.message | split("\n")[0]' | while IFS= read -r msg; do count=$(git log upstream/release-4.19 --oneline --grep="$msg" | wc -l); if [ "$count" -gt 0 ]; then echo "DUP: $msg"; else echo "NEW: $msg" | rg -v 'Merge'; fi; done
NEW: Fix UDN service CIDR flows that had protocol prefix pinned to `ip`
NEW: Consider more than 1 family serviceCIDR range for UDN service flows
NEW: Make ip and ipv6 constants in flow code
NEW: Add e2e test towards kapi ipv6 address from udn pods
NEW: Add singlestack ipv6 bgp lane
NEW: Fix bgp tests to work on single stack ipv6
NEW: Skip Multi Homing tests on ipv6 singlestack BGP lane
NEW: Replace 0/1 index var to utilnet ipFamily
DUP: fix(localnet, ipamless): Prevent LSP deletion on sync
DUP: Remove IC zone migration HACK code
DUP: Fix IC cluster cleanup tests zone configuration
DUP: nodeallocator: fix subnet leak when hybrid overlay is enabled

jluhrsen · 2026-03-31T17:20:51Z

/verified by ci

openshift-ci-robot · 2026-03-31T17:21:04Z

@jluhrsen: This PR has been marked as verified by ci.

Details

In response to this:

/verified by ci

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

jluhrsen · 2026-03-31T17:21:20Z

/hold

jluhrsen · 2026-03-31T17:28:09Z

@jluhrsen I think you need to satisfy the JIRA for the BGP bug
@jechen0648 was the original QE

I don't know which BGP bug it is. I retitled it with our dummy bug for 4.19 syncs. I think all labels are here now as
I also added /verified by ci

However, I added a /hold since I'm now worried we actually want the exact BGP bug in the title and maybe for @jechen0648 to do that verification before letting this in. /hold cancel will remove it and this PR would have everything to merge.

tssurya · 2026-03-31T18:03:47Z

@jluhrsen I think you need to satisfy the JIRA for the BGP bug
@jechen0648 was the original QE

I don't know which BGP bug it is. I retitled it with our dummy bug for 4.19 syncs. I think all labels are here now as I also added /verified by ci

#2934 is being automatically brought in

jluhrsen · 2026-03-31T19:40:06Z

/jira cherry-pick OCPBUGS-73788

jluhrsen · 2026-03-31T20:15:37Z

/jira cherry-pick OCPBUGS-73788

jluhrsen · 2026-03-31T20:52:35Z

/retitle OCPBUGS-81526: Branch Sync release-4.20 to release-4.19 [03-03-2026]

openshift-ci-robot · 2026-03-31T20:52:46Z

@openshift-pr-manager[bot]: This pull request references Jira Issue OCPBUGS-81526, which is valid. The bug has been moved to the POST state.

7 validation(s) were run on this bug

bug is open, matching expected state (open)
bug target version (4.19.z) matches configured target version for branch (4.19.z)
bug is in the state New, which is one of the valid states (NEW, ASSIGNED, POST)
release note text is set and does not match the template
dependent bug Jira Issue OCPBUGS-73788 is in the state Closed (Done), which is one of the valid states (VERIFIED, RELEASE PENDING, CLOSED (ERRATA), CLOSED (CURRENT RELEASE), CLOSED (DONE), CLOSED (DONE-ERRATA))
dependent Jira Issue OCPBUGS-73788 targets the "4.20.z" version, which is one of the valid target versions: 4.20.0, 4.20.z
bug has dependents

No GitHub users were found matching the public email listed for the QA contact in Jira (jechen@redhat.com), skipping review request.

The bug has been updated to refer to the pull request using the external bug tracker.

Details

In response to this:

Automated branch sync: release-4.20 to release-4.19.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

jluhrsen · 2026-03-31T20:57:12Z

@jluhrsen I think you need to satisfy the JIRA for the BGP bug
@jechen0648 was the original QE

I don't know which BGP bug it is. I retitled it with our dummy bug for 4.19 syncs. I think all labels are here now as I also added /verified by ci

#2934 is being automatically brought in

that looks like it's for OCPBUGS-73788. I tried the jira cherry-pick comment twice here but zero feedback. I think it actually created two new bugs, but I didn't realize until after I also manually created a release-4.19 clone of 73788 and tagged this PR with that.

jechen0648 · 2026-04-03T21:04:54Z

https://redhat.atlassian.net/browse/OCPBUGS-73788
/verified by "pre-merge" test

openshift-ci-robot · 2026-04-03T21:05:05Z

@jechen0648: This PR has been marked as verified by "pre-merge" test.

Details

In response to this:

https://redhat.atlassian.net/browse/OCPBUGS-73788
/verified by "pre-merge" test

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

jluhrsen · 2026-04-03T21:51:06Z

https://redhat.atlassian.net/browse/OCPBUGS-73788 /verified by "pre-merge" test

/hold cancel

openshift-merge-bot · 2026-04-03T23:49:34Z

/retest-required

Remaining retests: 0 against base HEAD 208e0c7 and 2 for PR HEAD 525c2f1 in total

openshift-ci · 2026-04-04T02:35:49Z

@openshift-pr-manager: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

openshift-ci-robot · 2026-04-04T02:40:11Z

@openshift-pr-manager[bot]: Jira Issue Verification Checks: Jira Issue OCPBUGS-81526
✔️ This pull request was pre-merge verified.
✔️ All associated pull requests have merged.
✔️ All associated, merged pull requests were pre-merge verified.

Jira Issue OCPBUGS-81526 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓

Details

In response to this:

Automated branch sync: release-4.20 to release-4.19.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

tssurya and others added 16 commits January 14, 2026 08:52

Consider more than 1 family serviceCIDR range for UDN service flows

983ea56

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 1f6964c) Conflicts: go-controller/pkg/node/gateway_shared_intf.go because f8ad956 already was backported to 4.20

Make ip and ipv6 constants in flow code

83fa5f7

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit e2625f4) Conflicts: go-controller/pkg/node/bridgeconfig/bridgeflows.go because f8ad956 was already backported to 4.20

Add e2e test towards kapi ipv6 address from udn pods

925ae3b

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 1bbb7f3)

Add singlestack ipv6 bgp lane

4235964

kapi service can never be dualstack. In order to test the ipv6 service cidr for kapi server, we need a singlestack ipv6 lane Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit 8000cfd)

Fix bgp tests to work on single stack ipv6

a4ef8dc

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit b9ecb33)

Skip Multi Homing tests on ipv6 singlestack BGP lane

484a18f

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit d268c01)

Replace 0/1 index var to utilnet ipFamily

3e2e21c

Signed-off-by: Surya Seetharaman <suryaseetharaman.9@gmail.com> (cherry picked from commit e717e42)

Merge pull request #2941 from qinqon/release-4.20-ocpbug-66994

3f6615b

OCPBUGS-74268: release-4.20 fix(localnet, ipamless): Prevent LSP deletion on sync

Merge pull request #2934 from tssurya/backport-ocpbugs-58501

92a2808

[release-4.20] OCPBUGS-73788: Fix service flows for BGP on IPV6

Merge pull request #2985 from ricky-rav/OCPBUGS-70130_420

238410b

OCPBUGS-77081,OCPBUGS-77094: [release-4.20] combined backport PR for 2 escalations

Merge remote-tracking branch 'origin/release-4.20' into sync-release-…

525c2f1

…4.20-to-release-4.19-03-03-2026

openshift-ci-robot added the jira/valid-reference Indicates that this PR references a valid Jira ticket of any type. label Mar 3, 2026

openshift-ci Bot requested review from kyrtapz and martinkennelly March 3, 2026 18:04

openshift-ci Bot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Mar 3, 2026

openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Mar 31, 2026

openshift-ci Bot changed the title ~~NO-JIRA: Branch Sync release-4.20 to release-4.19 [03-03-2026]~~ OCPBUGS-48709: Branch Sync release-4.20 to release-4.19 [03-03-2026] Mar 31, 2026

openshift-ci-robot added the jira/valid-bug Indicates that a referenced Jira bug is valid for the branch this PR is targeting. label Mar 31, 2026

openshift-ci Bot requested a review from anuragthehatter March 31, 2026 17:03

openshift-ci-robot added the verified Signifies that the PR passed pre-merge verification criteria label Mar 31, 2026

openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Mar 31, 2026

openshift-ci Bot changed the title ~~OCPBUGS-48709: Branch Sync release-4.20 to release-4.19 [03-03-2026]~~ OCPBUGS-81526: Branch Sync release-4.20 to release-4.19 [03-03-2026] Mar 31, 2026

openshift-ci-robot added the jira/severity-important Referenced Jira bug's severity is important for the branch this PR is targeting. label Mar 31, 2026

openshift-ci Bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 3, 2026

openshift-merge-bot Bot merged commit 253d3ed into release-4.19 Apr 4, 2026
27 of 28 checks passed

jluhrsen mentioned this pull request Apr 5, 2026

NO-JIRA: Branch Sync release-4.19 to release-4.18 [03-02-2026] #3017

Closed

Conversation

openshift-pr-manager Bot commented Mar 3, 2026

Uh oh!

openshift-pr-manager Bot commented Mar 3, 2026

Uh oh!

openshift-ci-robot commented Mar 3, 2026

Uh oh!

openshift-ci Bot commented Mar 3, 2026

Uh oh!

jluhrsen commented Mar 3, 2026

Uh oh!

jluhrsen commented Mar 3, 2026

Uh oh!

openshift-ci Bot commented Mar 3, 2026

Uh oh!

jluhrsen commented Mar 4, 2026

Uh oh!

jluhrsen commented Mar 4, 2026

Uh oh!

openshift-ci Bot commented Mar 4, 2026

Uh oh!

jluhrsen commented Mar 5, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

openshift-ci-robot commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

openshift-ci-robot commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

tssurya commented Mar 31, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

openshift-ci-robot commented Mar 31, 2026

Uh oh!

jluhrsen commented Mar 31, 2026

Uh oh!

jechen0648 commented Apr 3, 2026

Uh oh!

openshift-ci-robot commented Apr 3, 2026

Uh oh!

jluhrsen commented Apr 3, 2026

Uh oh!

openshift-merge-bot Bot commented Apr 3, 2026

Uh oh!

openshift-ci Bot commented Apr 4, 2026

Uh oh!

Uh oh!

openshift-ci-robot commented Apr 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

14 participants

tssurya commented Mar 31, 2026 •

edited

Loading