Failed to provision GKE cluster as the clusterIpv4CidrBlock and clusterSecondaryRangeName fields conflict

[niusmallnan]

Setup

• Rancher version: v2.7.2
• Browser type & version: Chrome on Mac

Describe the bug

The API request payload is illegal, causing Google API to refuse to execute the request.

To Reproduce

To provision the GKE cluster like this:

The payload details:

...
      "ipAllocationPolicy": {
        "clusterIpv4CidrBlock": "10.160.0.0/21",  <-- conflict here
        "clusterSecondaryRangeName": "pod-range", <-- conflict here
        "createSubnetwork": false,
        "nodeIpv4CidrBlock": null,
        "servicesIpv4CidrBlock": "10.160.8.0/21",
        "servicesSecondaryRangeName": "svc-range",
        "subnetworkName": null,
        "useIpAliases": true,
        "clusterIpv4Cidr": ""
      },
...

Result GKE provisioning failed.

Expected Result

GKE provisioning can succeed

Screenshots

Additional context

The Google API declares that these two fields cannot be used at the same time.

Specify cluster_secondary_range_name or cluster_ipv4_cidr_block but not both.

https://googleapis.dev/dotnet/Google.Apis.CloudComposer.v1beta1/latest/api/Google.Apis.CloudComposer.v1beta1.Data.IPAllocationPolicy.html#Google_Apis_CloudComposer_v1beta1_Data_IPAllocationPolicy_ClusterIpv4CidrBlock

workaround: https://ranchermanager.docs.rancher.com/pages-for-subheaders/about-the-api#capturing-rancher-api-calls

[gaktive]

Internal reference: SURE-7026

[gaktive]

Solution here: allow a title and radio buttons before selecting which dropdown from the first two options since only one can be picked.

[nwmac]

The UI does the right thing here when you select a name from the dropdown - it changes the CIDR block input to be a label rather than an input and shows you the current value.

I think the problem is that we send both values in this case, where we should only send the name, not the IP address that corresponds to the name - so I don't think we need any UX changes.

One change we might make is to allow the user to unset the rancher names - you can not do this at the moment, so once you have selected one, you can't unset to then specify a CIDR block.

[nwmac]

Useful doc: https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters#Cluster.IPAllocationPolicy

[IsaSih]

Tested this in v2.9-3ae1c6ac8d3524f8ded4544f1db75fc9e07911a5-head and the UI is still allowing the user to create GKE clusters setting different values for both clusterIpv4CidrBlock and clusterSecondaryRangeName. When the cluster is provisioned, the UI just displays an error message, but there are no available logs or details about the error. Shouldn't the UI be locking one of the fields if the other one already has an input? @nwmac

[cpinjani]

Build details: Rancher - v2.9-3c4ccdc5bc9fde3510089153b5ad58fdbe604880-head Dashboard - master 206ad94

Hitting the initial reported issue.

[cpinjani]

Is this issue still planned to addressed in v2.9.0 ?

[gaktive]

@cpinjani it's not a blocker but I'll check with @nwmac on what to do here. For now, we should release note this and target this for 2.10.0 and back port to 2.9.x if we can't unblock QA quickly here.

[nwmac]

The fix was made to the old GKE UI which has been ported to Vue - looks like it is an issue there @mantis-toboggan-md - for now, we'll need to go with the what @gaktive says in his comment above.

[gaktive]

I'll reopen this for 2.10.0 and list it as a backport candidate for 2.9.x. For @rancher/docs since this has happened in earlier versions, I don't know if we have a known issue for this in place already.

[sunilarjun]

I'll reopen this for 2.10.0 and list it as a backport candidate for 2.9.x. For @rancher/docs since this has happened in earlier versions, I don't know if we have a known issue for this in place already.

@gaktive Can't find anything in recent release notes but I will add this to the v2.9.0 RN in the long standing known issues section if that works?