Bug 1641083

Summary: Installation failing because master controller pods fail to start.
Product: OpenShift Container Platform Reporter: Josh Foots <jfoots>
Component: InstallerAssignee: Vadim Rutkovsky <vrutkovs>
Status: CLOSED DUPLICATE QA Contact: Johnny Liu <jialiu>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 3.11.0CC: aclewett, algonzal, aos-bugs, erich, jfoots, jokerman, mmccomas, sdodson
Target Milestone: ---   
Target Release: 3.11.z   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-10-23 12:41:42 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Josh Foots 2018-10-19 15:14:26 UTC 
Description of problem:

 Message:  Control plane pods didn't come up


Version-Release number of selected component (if applicable):

└──> grep openshift* sosreport-malhamada.02233123-20181017171945/installed-rpms 
atomic-openshift-3.11.16-1.git.0.b48b8f8.el7.x86_64         Wed Oct 17 14:07:50 2018
atomic-openshift-clients-3.11.16-1.git.0.b48b8f8.el7.x86_64 Wed Oct 17 13:55:05 2018
atomic-openshift-docker-excluder-3.11.16-1.git.0.b48b8f8.el7.noarch Wed Oct 17 13:52:37 2018
atomic-openshift-excluder-3.11.16-1.git.0.b48b8f8.el7.noarch Wed Oct 17 13:53:10 2018
atomic-openshift-hyperkube-3.11.16-1.git.0.b48b8f8.el7.x86_64 Wed Oct 17 13:55:01 2018
atomic-openshift-node-3.11.16-1.git.0.b48b8f8.el7.x86_64    Wed Oct 17 13:55:02 2018
openshift-ansible-3.11.16-1.git.0.4ac6f81.el7.noarch        Wed Oct 17 12:45:00 2018
openshift-ansible-docs-3.11.16-1.git.0.4ac6f81.el7.noarch   Wed Oct 17 12:45:00 2018
openshift-ansible-playbooks-3.11.16-1.git.0.4ac6f81.el7.noarch Wed Oct 17 12:45:00 2018
openshift-ansible-roles-3.11.16-1.git.0.4ac6f81.el7.noarch  Wed Oct 17 12:45:00 2018


How reproducible:

Very

Steps to Reproduce:
1. Run the installer
2.
3.

Actual results:

     Play:     Configure masters
     Task:     Report control plane errors
     Message:  Control plane pods didn't come up

Expected results:


Additional info:
Comment 8 Scott Dodson 2018-10-22 20:34:40 UTC 
The controllers pod indicates that it cannot read the LDAP CA.

Invalid MasterConfig /etc/origin/master/master-config.yaml
  oauthConfig.identityProvider[0].provider.ca: Invalid value: "/etc/origin/master/LDAP_ldap_ca.crt": could not read file: stat /etc/origin/master/LDAP_ldap_ca.crt: no such file or directory

A workaround would be to copy the LDAP server's certificate authority into place.

Vadim, you've worked on similar problems in 3.10, is this still an outstanding problem in 3.11?
Comment 10 Scott Dodson 2018-10-23 12:41:42 UTC 
The customer has closed the case and it's my understanding the problem has been resolved through updated configuration.

You must set openshift_master_ldap_ca_file to the local path of a file to be copied to the target hosts as the LDAP CA or manually ensure that the LDAP CA is copied otherwise.
Comment 12 Red Hat Bugzilla 2023-09-14 04:40:33 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days