Bug 1821683
Summary: | On recovery flow the csr-controller-ca isn't propagated to openshift-config-managed namespace | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Tomáš Nožička <tnozicka> |
Component: | kube-controller-manager | Assignee: | Tomáš Nožička <tnozicka> |
Status: | CLOSED ERRATA | QA Contact: | zhou ying <yinzhou> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 4.4 | CC: | aos-bugs, maszulik, mfojtik, xxia, yinzhou |
Target Milestone: | --- | ||
Target Release: | 4.4.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | 1821680 | Environment: | |
Last Closed: | 2020-05-04 11:48:34 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1818420, 1821680 | ||
Bug Blocks: |
Description
Tomáš Nožička
2020-04-07 12:09:51 UTC
Confirmed with payload: 4.4.0-0.nightly-2020-04-15-095927, after stop more than 24hours , the issue can't reproduce now: [root@dhcp-140-138 ~]# oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.4.0-0.nightly-2020-04-15-095927 True False 35h Cluster version is 4.4.0-0.nightly-2020-04-15-095927 [root@dhcp-140-138 ~]# oc get secrets csr-signer -n openshift-kube-controller-manager -o json |jq -r '.data."tls.crt"' |base64 -d |openssl x509 -in - --text Certificate: Data: Version: 3 (0x2) Serial Number: 5204450091857526175 (0x4839ebc8c06abd9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN = openshift-kube-controller-manager-operator_csr-signer-signer@1587082310 Validity Not Before: Apr 17 00:11:50 2020 GMT Not After : May 17 00:11:51 2020 GMT [root@dhcp-140-138 ~]# oc get configmap csr-controller-ca -n openshift-config-managed -o json |jq -r '.data."ca-bundle.crt"' |openssl x509 -in - --text Certificate: Data: Version: 3 (0x2) Serial Number: 5204450091857526175 (0x4839ebc8c06abd9f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN = openshift-kube-controller-manager-operator_csr-signer-signer@1587082310 Validity Not Before: Apr 17 00:11:50 2020 GMT Not After : May 17 00:11:51 2020 GMT Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581 *** Bug 1817997 has been marked as a duplicate of this bug. *** |