OCPBUGS-82032, OCPBUGS-77150: Branch Sync release-4.20 to release-4.19 [04-04-2026]#3116
Conversation
Combine all ipBlocks in a NetworkPolicy rule into single ACL instead of creating one ACL per ipBlock. This reduces ACL bloat when policy having multiple ipBlocks for ingress/egress rules. Signed-off-by: Periyasamy Palanisamy <pepalani@redhat.com> (cherry picked from commit fd27015) (cherry picked from commit 14b7309) (cherry picked from commit 21ef647)
When an EndpointSlice for a UDP NodePort or loadbalancer type of service is updated, stale conntrack entries for removed endpoints must be flushed. The existing logic failed to do this correctly if the backend pod was on a different node. This patch fixes the issue by flushing conntrack entries by filtering the nodePort when the node is not hosting the backend pod. In case that the backend pod was on the same node as the service, this issue won't happen. Since all old pod entries are removed from the node by the function deletePodConntrack when the pod is deleted. Signed-off-by: Peng Liu <pliu@redhat.com> (cherry picked from commit b426934) Signed-off-by: Venkata Charan Sunku <vsunku@redhat.com>
It should be able to preserve UDP traffic when server pod cycles for a NodePort service via a different node. Signed-off-by: Peng Liu <pliu@redhat.com> (cherry picked from commit 4e55026) Signed-off-by: Venkata Charan Sunku <vsunku@redhat.com>
[release-4.20] OCPBUGS-77357: Clear stale conntrack UDP entries for nodePorts
[release-4.20] OCPBUGS-77148: Minimize ACLs by combining ipBlocks into single ACL
…NS names Signed-off-by: arkadeepsen <arsen@redhat.com> (cherry picked from commit 1d5ee82)
[release-4.20] OCPBUGS-79537: EgressFirewall: Use exponential backoff to refresh IP addresses for DNS names
…4.20-to-release-4.19-04-04-2026
|
/ok-to-test |
openshift-ci-robot
added
the
jira/valid-reference
|
@openshift-pr-manager[bot]: trigger 5 job(s) of type blocking for the ci release of OCP 4.19
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/a5dce1b0-2fd2-11f1-94db-b43806ddd98d-0 trigger 9 job(s) of type blocking for the nightly release of OCP 4.19
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/a5dce1b0-2fd2-11f1-94db-b43806ddd98d-1 |
|
@openshift-pr-manager[bot]: This pull request explicitly references no jira issue. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
Bot
added
the
ok-to-test
|
@openshift-pr-manager[bot]: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/test 4.19-upgrade-from-stable-4.18-e2e-aws-ovn-upgrade-ipsec |
|
/payload-job periodic-ci-openshift-release-main-ci-4.19-e2e-gcp-ovn-upgrade |
|
@jluhrsen: trigger 3 job(s) for the /payload-(with-prs|job|aggregate|job-with-prs|aggregate-with-prs) command
See details on https://pr-payload-tests.ci.openshift.org/runs/ci/02df8720-3134-11f1-9a21-5f3f93b2f372-0 |
|
/retitle OCPBUGS-82032: Branch Sync release-4.20 to release-4.19 [04-04-2026] |
openshift-ci
Bot
changed the title
openshift-ci-robot
added
jira/severity-critical
|
@openshift-pr-manager[bot]: This pull request references Jira Issue OCPBUGS-82032, which is invalid:
Comment The bug has been updated to refer to the pull request using the external bug tracker. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
openshift-ci-robot
added
jira/valid-bug
|
@arkadeepsen: This pull request references Jira Issue OCPBUGS-82032, which is valid. The bug has been moved to the POST state. 7 validation(s) were run on this bug
Requesting review from QA contact: DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-ci
Bot
added
the
backport-risk-assessed
openshift-ci
Bot
assigned
anuragthehatter,
asood-rh,
barbora137,
huiran0826,
jechen0648,
meinali566,
mffiedler,
qiowang721,
rbbratta and
weliang1
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: openshift-pr-manager[bot], tssurya The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
approved
|
/verified by @weliang |
openshift-ci-robot
added
the
verified
|
@weliang1: This PR has been marked as verified by DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/tide refresh |
|
@openshift-pr-manager[bot]: Jira Issue Verification Checks: Jira Issue OCPBUGS-82032 Jira Issue OCPBUGS-82032 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Fix included in release 4.19.0-0.nightly-2026-04-15-102604 |
|
/retitle OCPBUGS-82032, OCPBUGS-77151: Branch Sync release-4.20 to release-4.19 [04-04-2026] |
openshift-ci
Bot
changed the title
|
@openshift-pr-manager[bot]: Jira Issue OCPBUGS-82032 is in an unrecognized state (Verified) and will not be moved to the MODIFIED state. Jira Issue OCPBUGS-77151: Some pull requests linked via external trackers have merged: The following pull request, linked via external tracker, has not merged:
All associated pull requests must be merged or unlinked from the Jira bug in order for it to move to the next state. Once unlinked, request a bug refresh with Jira Issue OCPBUGS-77151 has not been moved to the MODIFIED state. This PR is marked as verified. If the remaining PRs listed above are marked as verified before merging, the issue will automatically be moved to VERIFIED after all of the changes from the PRs are available in an accepted nightly payload. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/retitle OCPBUGS-82032, OCPBUGS-77150: Branch Sync release-4.20 to release-4.19 [04-04-2026] |
openshift-ci
Bot
changed the title
|
@openshift-pr-manager[bot]: Jira Issue OCPBUGS-82032 is in an unrecognized state (Verified) and will not be moved to the MODIFIED state. Jira Issue OCPBUGS-77150: Some pull requests linked via external trackers have merged: The following pull request, linked via external tracker, has not merged:
All associated pull requests must be merged or unlinked from the Jira bug in order for it to move to the next state. Once unlinked, request a bug refresh with Jira Issue OCPBUGS-77150 has not been moved to the MODIFIED state. This PR is marked as verified. If the remaining PRs listed above are marked as verified before merging, the issue will automatically be moved to VERIFIED after all of the changes from the PRs are available in an accepted nightly payload. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/jira refresh |
|
@arkadeepsen: Jira Issue OCPBUGS-82032 is in an unrecognized state (Verified) and will not be moved to the MODIFIED state. Jira Issue Verification Checks: Jira Issue OCPBUGS-77150 Jira Issue OCPBUGS-77150 has been moved to the MODIFIED state and will move to the VERIFIED state when the change is available in an accepted nightly payload. 🕓 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
17 participants
Automated branch sync: release-4.20 to release-4.19.