Bug 1264975
| Summary: | certificate signed by unknown authority | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Nicholas Schuetz <nick> |
| Component: | Node | Assignee: | Scott Dodson <sdodson> |
| Status: | CLOSED NOTABUG | QA Contact: | Jianwei Hou <jhou> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 3.0.0 | CC: | aos-bugs, jokerman, mmccomas, nick, nschuetz, xtian |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-09-30 21:07:00 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Nicholas, This will happen when you re-install without cleaning up root's .kube/config file. Can you try copying /etc/openshift/master/admin.kubeconfig to /root/.kube/config and re-run ansible? That's just a workaround, we can clean it up so that it uses that file directly but I want to make sure that fixes it for you so I know that there's not another problem. -- Scott i think the problem is related to a TLS intercepting proxy, or transparent proxy. Nick, Do you have access to that CA? I'd be interested to know what happens if you import the CA used for the proxy into the host's trust chain per this solution https://access.redhat.com/solutions/1174393 |
I'm working through a PoC with a customer. When attempting to run the ansible installer, we are getting this: TASK: [openshift_examples | Import RHEL streams] ****************************** failed: [master.blah.com] => {"changed": false, "cmd": ["oc", "create", "-n", "openshift", "-f", "/usr/share/openshift/examples/image-streams/image-streams-rhel7.json"], "delta": "0:00:00.425396", "end": "2015-09-21 11:21:48.461989", "failed": true, "failed_when_result": true, "rc": 1, "start": "2015-09-21 11:21:48.036593", "stdout_lines": [], "warnings": []} stderr: Unable to connect to the server: x509: certificate signed by unknown authority Unable to connect to the server: x509: certificate signed by unknown authority How reproducible: Run the ansible installer subscribed to the latest updates.