Bug 1678537
| Summary: | defaultCertificateSecret is gone in clusteringress after change it to other value then change back to default | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Hongan Li <hongli> |
| Component: | Networking | Assignee: | Miciah Dashiel Butler Masters <mmasters> |
| Networking sub component: | router | QA Contact: | Hongan Li <hongli> |
| Status: | CLOSED ERRATA | Docs Contact: | |
| Severity: | medium | ||
| Priority: | unspecified | CC: | aos-bugs |
| Version: | 4.1.0 | ||
| Target Milestone: | --- | ||
| Target Release: | 4.1.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2019-06-04 10:44:14 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Hongan Li
2019-02-19 02:50:18 UTC
I could not reproduce the reported issue:
% oc -n openshift-ingress-operator get ingresscontrollers/default -o yaml
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
creationTimestamp: 2019-03-12T04:18:33Z
finalizers:
- ingress.openshift.io/ingress-controller
generation: 3
name: default
namespace: openshift-ingress-operator
resourceVersion: "22766"
selfLink: /apis/operator.openshift.io/v1/namespaces/openshift-ingress-operator/ingresscontrollers/default
uid: e62ead31-447d-11e9-9dbb-0a80bd621726
spec:
nodePlacement:
nodeSelector:
matchLabels:
node-role.kubernetes.io/worker: ""
status:
availableReplicas: 2
domain: apps.mmasters.devcluster.openshift.com
endpointPublishingStrategy:
type: LoadBalancerService
selector: app=router,router=router-default
% oc create secret tls mynew --cert=/home/mmasters/src/httpclient/test/server.cert --key=/home/mmasters/src/httpclient/test/server.key -n openshift-ingress
secret/mynew created
% oc -n openshift-ingress-operator patch ingresscontrollers/default --type=merge --patch='{"spec":{"defaultCertificate":{"name":"mynew"}}}'
ingresscontroller.operator.openshift.io/default patched
% oc -n openshift-ingress-operator get ingresscontrollers/default -o yaml
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
creationTimestamp: 2019-03-12T04:18:33Z
finalizers:
- ingress.openshift.io/ingress-controller
generation: 4
name: default
namespace: openshift-ingress-operator
resourceVersion: "23948"
selfLink: /apis/operator.openshift.io/v1/namespaces/openshift-ingress-operator/ingresscontrollers/default
uid: e62ead31-447d-11e9-9dbb-0a80bd621726
spec:
defaultCertificate:
name: mynew
nodePlacement:
nodeSelector:
matchLabels:
node-role.kubernetes.io/worker: ""
status:
availableReplicas: 2
domain: apps.mmasters.devcluster.openshift.com
endpointPublishingStrategy:
type: LoadBalancerService
selector: app=router,router=router-default
% oc -n openshift-ingress-operator patch ingresscontrollers/default --type=merge --patch='{"spec":{"defaultCertificate":null}}'
ingresscontroller.operator.openshift.io/default patched
% oc -n openshift-ingress-operator get ingresscontrollers/default -o yaml
apiVersion: operator.openshift.io/v1
kind: IngressController
metadata:
creationTimestamp: 2019-03-12T04:18:33Z
finalizers:
- ingress.openshift.io/ingress-controller
generation: 5
name: default
namespace: openshift-ingress-operator
resourceVersion: "24120"
selfLink: /apis/operator.openshift.io/v1/namespaces/openshift-ingress-operator/ingresscontrollers/default
uid: e62ead31-447d-11e9-9dbb-0a80bd621726
spec:
nodePlacement:
nodeSelector:
matchLabels:
node-role.kubernetes.io/worker: ""
status:
availableReplicas: 2
domain: apps.mmasters.devcluster.openshift.com
endpointPublishingStrategy:
type: LoadBalancerService
selector: app=router,router=router-default
%
Note that the API has changed some since this report was opened. In particular, the "ClusterIngress" resource was renamed to "IngressController", its .spec.defaultCertificateSecret field was renamed to .spec.defaultCertificate, and this field's type was changed from a string pointer to a local object reference pointer.
However, even taking those API changes into account, the reported behavior is weird—I see no reason why you would ever see an explicit "null" value in the yaml output for that field.
Can you try to reproduce the problem again? If you still see it, can you include the full output of the `oc get` commands?
Thank you for your update, Miciah. Since the latest nightly build QE can installed successfully is 4.0.0-0.nightly-2019-03-06-074438, and it is still using "ClusterIngress" resource, so I will check this later with latest build and let you know the result. $ oc -n openshift-ingress-operator get ingresscontrollers error: the server doesn't have a resource type "ingresscontrollers" $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.0.0-0.nightly-2019-03-06-074438 True False 22h Cluster version is 4.0.0-0.nightly-2019-03-06-074438 verified with 4.0.0-0.nightly-2019-03-13-233958 and fixed Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |