Bug 1892372
Summary: | operator pod with OLM webhooks is getting terminated and created several times during the installation | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | OpenShift BugZilla Robot <openshift-bugzilla-robot> |
Component: | OLM | Assignee: | Alexander Greene <agreene> |
OLM sub component: | OLM | QA Contact: | kuiwang |
Status: | CLOSED ERRATA | Docs Contact: | |
Severity: | urgent | ||
Priority: | medium | CC: | agreene, bluddy, danken, ecordell, fdeutsch, krizza, msluiter, ncredi, nhale, stirabos, vdinh, yturgema |
Version: | 4.5 | Keywords: | Reopened, TestBlockerForLayeredProduct |
Target Milestone: | --- | ||
Target Release: | 4.5.z | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Cause: When OLM is reconciling a CSV that is in the
InstallReady phase, OLM will create the CA from scratch even if it had previously created valid and unexpired CAs.
Consequence: New CAs Certs are created each time the operator is installed.
Fix: Rather than regenerate the CA Certs from scratch, OLM now reuses existing certs created for the operator if they are available, unexpired, and valid.
Result: OLM no longer creates new CA Certs if an operator re-enters the InstallReady phase.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-03-03 04:40:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1868712 | ||
Bug Blocks: |
Comment 5
kuiwang
2020-11-23 06:10:32 UTC
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.5.21 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5194 Moving back to Verified state, QE had already verified the fix and the errata bot should not have closed this BZ. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Important: OpenShift Container Platform 4.5.33 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:0428 |