Bug 1887718
| Summary: | need to be able to disable kube-apiserver connectivity checks | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | OpenShift BugZilla Robot <openshift-bugzilla-robot> |
| Component: | kube-apiserver | Assignee: | Luis Sanchez <sanchezl> |
| Status: | CLOSED ERRATA | QA Contact: | Ke Wang <kewang> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 4.6 | CC: | aos-bugs, mfojtik, minmli, sanchezl, sttts, xxia |
| Target Milestone: | --- | ||
| Target Release: | 4.6.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-06-08 13:54:19 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1876166 | ||
| Bug Blocks: | |||
|
Comment 1
Luis Sanchez
2020-10-13 12:43:35 UTC
*** Bug 1889677 has been marked as a duplicate of this bug. *** $ oc get clusterversion
NAME VERSION AVAILABLE PROGRESSING SINCE STATUS
version 4.6.19 True False 5h30m Cluster version is 4.6.19
By default, disabled PodNetworkConnectivityCheck,
$ oc get kubeapiservers cluster -o yaml | grep ' unsupport'
unsupportedConfigOverrides: null
$ oc get PodNetworkConnectivityCheck -n openshift-kube-apiserver
No resources found in openshift-kube-apiserver namespace.
Enabled PodNetworkConnectivityCheck,
$ oc edit kubeapiservers cluster
$ oc get kubeapiservers cluster -o yaml | grep -A2 ' unsupport'
unsupportedConfigOverrides:
operator:
enableConnectivityCheckController: "True"
$ $ oc get PodNetworkConnectivityCheck -n openshift-kube-apiserver
NAME AGE
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-etcd-server-kewang0361-pxhkz-control-plane-0 13s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-etcd-server-kewang0361-pxhkz-control-plane-1 13s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-etcd-server-kewang0361-pxhkz-control-plane-2 13s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-etcd-server-localhost 13s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-load-balancer-api-external 11s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-load-balancer-api-internal 11s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-0 12s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-1 12s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-2 11s
kube-apiserver-kewang0361-pxhkz-control-plane-0-to-openshift-apiserver-service-cluster 13s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-etcd-server-kewang0361-pxhkz-control-plane-0 9s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-etcd-server-kewang0361-pxhkz-control-plane-1 10s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-etcd-server-kewang0361-pxhkz-control-plane-2 10s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-etcd-server-localhost 9s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-load-balancer-api-external 7s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-load-balancer-api-internal 7s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-0 8s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-1 8s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-2 7s
kube-apiserver-kewang0361-pxhkz-control-plane-1-to-openshift-apiserver-service-cluster 9s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-etcd-server-kewang0361-pxhkz-control-plane-0 5s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-etcd-server-kewang0361-pxhkz-control-plane-1 6s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-etcd-server-kewang0361-pxhkz-control-plane-2 6s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-etcd-server-localhost 5s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-load-balancer-api-external 3s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-load-balancer-api-internal 3s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-0 4s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-1 4s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-openshift-apiserver-endpoint-kewang0361-pxhkz-control-plane-2 3s
kube-apiserver-kewang0361-pxhkz-control-plane-2-to-openshift-apiserver-service-cluster 5s
Disabled PodNetworkConnectivityCheck again,
$ oc edit kubeapiservers cluster
$ oc get kubeapiservers cluster -o yaml | grep -A2 ' unsupport'
unsupportedConfigOverrides:
operator:
enableConnectivityCheckController: "False"
$ oc get PodNetworkConnectivityCheck -n openshift-kube-apiserver
No resources found in openshift-kube-apiserver namespace.
From above results, we are able to temporarily disable/enable the connectivity checks.
Per Comment #4, the bug was verified. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (OpenShift Container Platform 4.6.32 bug fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:2157 |