Bug 1878062

Summary: auth operator goes degraded with 404 error message when .well-known is not served yet with unclear error
Product: OpenShift Container Platform Reporter: Stefan Schimanski <sttts>
Component: apiserver-authAssignee: Stefan Schimanski <sttts>
Status: CLOSED ERRATA QA Contact: pmali
Severity: high Docs Contact:
Priority: high    
Version: 4.6CC: aos-bugs, mfojtik, pasik
Target Milestone: ---   
Target Release: 4.6.0   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-10-27 16:40:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Stefan Schimanski 2020-09-11 08:38:22 UTC
Description of problem:

The authentication operator waits for kube-apiserver to serve the .well-known endpoint. The error message suggests that it is auth operator fault if that does not happen in time, although it is kube-apiserver not deploying which can have many root cause, e.g. that networking is not working.

Comment 5 errata-xmlrpc 2020-10-27 16:40:10 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.