Bug 1855345

Summary: Missing/invalid RHVM certificate
Product: OpenShift Container Platform Reporter: Peter Larsen <plarsen>
Component: InstallerAssignee: Douglas Schilling Landgraf <dougsland>
Installer sub component: OpenShift on RHV QA Contact: Guilherme Santos <gdeolive>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: jzmeskal
Version: 4.6   
Target Milestone: ---   
Target Release: 4.6.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-27 16:13:27 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Peter Larsen 2020-07-09 15:25:58 UTC 
Running the installer the first time against RHVM, you're prompted for the RHVM hostname, and when validated for a user-name and password.  The installer extracts a certificate and enters it into 

$HOME/.ovirt/ovirt-config.yaml as "ovirt_ca_bundle".
The retrieved certificate is invalid - and as the machineset operator attempts to create worker nodes, it fails authentication with RHVM and no worker nodes are found.  Replacing the ovirt_ca_bundle in the ovirt-credentials secret fixes the problem.

Another work-around is to manually edit the ovirt-config.yaml file and restart the installer. 

Version-Release number of the following components:
[ocp@bastion ovirt]$ bin/openshift-install version
bin/openshift-install unreleased-master-3266-g3828ad50cde20a7836556403684991468cecfeb3
built from commit 3828ad50cde20a7836556403684991468cecfeb3
release image registry.svc.ci.openshift.org/origin/release:4.5
Comment 3 Jan Zmeskal 2020-09-29 12:13:29 UTC 
Verified with 4.6.0-0.nightly-2020-09-28-212756
Verification steps:
1. openshift-install create install-config
2. cat ~/.ovirt/ovirt-config.yaml && cat /etc/pki/ovirt-engine/ca.pem  # Verify the certificates are the same
3. openshift-install create cluster
4. Check that worker nodes have been created and started successfully
Comment 5 errata-xmlrpc 2020-10-27 16:13:27 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196