Bug 1707573
Summary: | Installer configures KAS with legacy CA | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Scott Dodson <sdodson> |
Component: | Installer | Assignee: | Sam Batschelet <sbatsche> |
Installer sub component: | openshift-installer | QA Contact: | ge liu <geliu> |
Status: | CLOSED CURRENTRELEASE | Docs Contact: | |
Severity: | urgent | ||
Priority: | urgent | CC: | eparis, sponnaga, vrutkovs, wking, wsun |
Version: | 4.1.0 | Keywords: | BetaBlocker |
Target Milestone: | --- | ||
Target Release: | 4.1.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-05-10 11:49:53 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Scott Dodson
2019-05-07 19:37:05 UTC
Checked latest paylaod(4.1.0-0.nightly-2019-05-08-012425) until now, the pr have not been in it. change status to modify, and I will continue to watch it. $ oc adm release info --commits registry.svc.ci.openshift.org/ocp/release:4.1.0-0.nightly-2019-05-08-195152 | grep installer installer https://github.com/openshift/installer c91435c84a7ac35404b6062a45ae48b82b1f76ab installer-artifacts https://github.com/openshift/installer 6e5093d4e4d0e2069957a54db95c69b9eaa2b3a2 $ git log --first-parent --format='%ad %h %d %s' --date=iso -5 origin/master | cat 2019-05-08 22:52:53 +0200 3b6832c2a (HEAD -> master, origin/release-4.2, origin/release-4.1, origin/master, origin/HEAD) Merge pull request #1727 from abhinavdahiya/infra_api_changes_public 2019-05-08 19:56:40 +0200 c91435c84 Merge pull request #1730 from abhinavdahiya/upi_image_fix 2019-05-08 05:06:26 +0200 23aac5288 Merge pull request #1718 from abhinavdahiya/infra_api_changes 2019-05-08 01:27:39 +0200 d506a01c8 Merge pull request #1720 from hexfusion/remove_etcd_ca 2019-05-07 19:56:54 +0200 6e5093d4e Merge pull request #1711 from mandre/openstack-resolver So the associated installer has the fix, but installer-artifacts (which is what gets extracted, I think) does not. The disconnect may be another symptom of bug 1707928, and will hopefully be addressed by the current builds going on as part of that. $ oc adm release info --commits registry.svc.ci.openshift.org/ocp/release:4.1.0-0.nightly-2019-05-08-220123 | grep installer installer https://github.com/openshift/installer 3b6832c2a12e0d3e0edc91ee1266e8eba51aeebc installer-artifacts https://github.com/openshift/installer 3b6832c2a12e0d3e0edc91ee1266e8eba51aeebc``` Moving back to ON_QA. Verified with Beta 5 Final Build(4.1.0-rc.1), install ocp cluster on aws, and when bootstrap node is initialed, login on it and check the tls dir: etcdca have been deprecated, and etcdsign prompted $ pwd /opt/openshift/tls [core@ip-10-0-12-112 tls]$ ls *etcd* etcd-ca-bundle.crt etcd-client.key etcd-metric-signer-client.crt etcd-metric-signer.crt etcd-signer.crt etcd-client.crt etcd-metric-ca-bundle.crt etcd-metric-signer-client.key etcd-metric-signer.key etcd-signer.key [core@ip-10-0-12-112 tls]$ check the bootstrap logs: #journalctl -b -f -u bootkube.service May 10 07:40:44 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-ca-bundle-configmap.yaml" configmaps.v1./etcd-ca-bundle -n openshift-config May 10 07:40:44 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-client-secret.yaml" secrets.v1./etcd-client -n openshift-config May 10 07:40:45 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-metric-client-secret.yaml" secrets.v1./etcd-metric-client -n openshift-config May 10 07:40:45 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-metric-serving-ca-configmap.yaml" configmaps.v1./etcd-metric-serving-ca -n openshift-config May 10 07:40:45 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-metric-signer-secret.yaml" secrets.v1./etcd-metric-signer -n openshift-config May 10 07:40:46 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-namespace.yaml" namespaces.v1./openshift-etcd -n May 10 07:40:46 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-service.yaml" services.v1./etcd -n openshift-etcd May 10 07:40:46 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-serving-ca-configmap.yaml" configmaps.v1./etcd-serving-ca -n openshift-config May 10 07:40:46 ip-10-0-12-112 bootkube.sh[1398]: Created "etcd-signer-secret.yaml" secrets.v1./etcd-signer -n openshift-config May 10 07:40:46 ip-10-0-12-112 bootkube.sh[1398]: Created "kube-apiserver-serving-ca-configmap.yaml" configmaps.v1./initial-kube-apiserver-server-ca -n openshift-config |