Bug 1404343

Summary: Unable to install 3.4.0.35 - invalid certificate importing RHEL streams
Product: OpenShift Container Platform Reporter: Mike Fiedler <mifiedle>
Component: InstallerAssignee: Scott Dodson <sdodson>
Status: CLOSED NOTABUG QA Contact: Johnny Liu <jialiu>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 3.4.0CC: aos-bugs, jokerman, mmccomas
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-12-13 16:34:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Mike Fiedler 2016-12-13 16:01:59 UTC 
Using mirror.openshift.com on AWS, attempting to install 3.4.0.35 using the byo/config.yml playbook consistently gives the following error.

TASK [openshift_examples : Import RHEL streams] ********************************
failed: [ec2-54-201-171-154.us-west-2.compute.amazonaws.com] (item=/usr/share/openshift/examples/image-streams/image-streams-rhel7.json) => {
    "changed": false, 
    "cmd": [
        "oc", 
        "create", 
        "-n", 
        "openshift", 
        "-f", 
        "/usr/share/openshift/examples/image-streams/image-streams-rhel7.json"
    ], 
    "delta": "0:00:00.193462", 
    "end": "2016-12-13 10:56:11.753399", 
    "failed": true, 
    "failed_when_result": true, 
    "item": "/usr/share/openshift/examples/image-streams/image-streams-rhel7.json", 
    "rc": 1, 
    "start": "2016-12-13 10:56:11.559937", 
    "warnings": []
}

STDERR:

Unable to connect to the server: x509: certificate signed by unknown authority

failed: [ec2-54-201-171-154.us-west-2.compute.amazonaws.com] (item=/usr/share/openshift/examples/image-streams/dotnet_imagestreams.json) => {
    "changed": false, 
    "cmd": [
        "oc", 
        "create", 
        "-n", 
        "openshift", 
        "-f", 
        "/usr/share/openshift/examples/image-streams/dotnet_imagestreams.json"
    ], 
    "delta": "0:00:00.196409", 
    "end": "2016-12-13 10:56:12.168042", 
    "failed": true, 
    "failed_when_result": true, 
    "item": "/usr/share/openshift/examples/image-streams/dotnet_imagestreams.json", 
    "rc": 1, 
    "start": "2016-12-13 10:56:11.971633", 
    "warnings": []
}

STDERR:

Unable to connect to the server: x509: certificate signed by unknown authority
Comment 1 Mike Fiedler 2016-12-13 16:34:16 UTC 
Re-trying on a clean system is successful.   Will have to investigate further why removing rpms and cleaning /etc/origin did not allow install to continue.   Cancelling for now.
Comment 2 Mike Fiedler 2016-12-13 19:53:54 UTC 
Root cause was leftover system:admin .kube/config after failed install.