Bug 1698180

Summary: Enable insecure option for configuring vsphere cloudprovider
Product: OpenShift Container Platform Reporter: Hemant Kumar <hekumar>
Component: InstallerAssignee: Matthew Staebler <mstaeble>
Installer sub component: openshift-installer QA Contact: Gaoyun Pei <gpei>
Status: CLOSED ERRATA Docs Contact:
Severity: unspecified    
Priority: unspecified CC: bleanhar, chaoyang, gpei, lxia, mstaeble, wehe, wsun
Version: 4.1.0Keywords: BetaBlocker
Target Milestone: ---   
Target Release: 4.1.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-04 10:47:18 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hemant Kumar 2019-04-09 18:18:46 UTC 
Currently I had to manually edit the generated configmap.
Comment 1 Hemant Kumar 2019-04-09 18:27:18 UTC 
We need to update install-config API to enable insecure option for vsphere cloudprovider. I manually edited cloud-config configmap in openshift-config namespace to enable insecure option and which fixed this for me.
Comment 2 Matthew Staebler 2019-04-09 19:23:55 UTC 
https://github.com/openshift/installer/pull/1571
Comment 3 Brenton Leanhardt 2019-04-11 18:04:25 UTC 
https://github.com/openshift/installer/pull/1591
Comment 4 Matthew Staebler 2019-04-11 19:55:18 UTC 
The insecure-flag will always be set to 1 by the installer. If the user wants to run securely, then they will need to manually modify the manifest and provide a cert for trust verification.
Comment 5 Hemant Kumar 2019-04-12 14:06:02 UTC 
*** Bug 1699253 has been marked as a duplicate of this bug. ***
Comment 8 Gaoyun Pei 2019-04-23 05:14:47 UTC 
Verify this bug with payload 4.1.0-0.nightly-2019-04-22-005054. 

# ./openshift-install version
./openshift-install v4.1.0-201904211700-dirty
built from commit f3b726cc151f5a3d66bc7e23e81b3013f1347a7e
release image registry.svc.ci.openshift.org/ocp/release@sha256:3f3628cd9b694705cb0627ce72e61932df5d9938a291fabba1ed691230f7b548


After fresh install for upi-on-vsphere, check the cloud-provider-config configmap

# oc get configmap cloud-provider-config -o yaml -n openshift-config |grep insecure-flag
    insecure-flag    = 1
Comment 10 errata-xmlrpc 2019-06-04 10:47:18 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758