Bug 1892799
Summary: | Mounting additionalTrustBundle in the operator | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Oleg Bulatov <obulatov> | |
Component: | Image Registry | Assignee: | Oleg Bulatov <obulatov> | |
Status: | CLOSED ERRATA | QA Contact: | Wenjing Zheng <wzheng> | |
Severity: | high | Docs Contact: | ||
Priority: | high | |||
Version: | 4.6 | CC: | alchan, aos-bugs, fgrosjea, jrosenta, pamoedom, wewang | |
Target Milestone: | --- | |||
Target Release: | 4.7.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: |
Cause: the image registry operator did not use its entrypoint because an explicit command was provided
Consequence: cluster-wide trusted-ca was not used by the operator and the operator couldn't connect to storage providers that don't work without custom trusted-ca
Fix: remove explicit command from the pod spec
Result: the image entrypoint is used by the container that applies trusted-ca
|
Story Points: | --- | |
Clone Of: | ||||
: | 1896423 (view as bug list) | Environment: | ||
Last Closed: | 2021-02-24 15:29:18 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1894195, 1896423 |
Description
Oleg Bulatov
2020-10-29 16:30:14 UTC
Below warning can be found in operator log and I can see user-ca-bundle content in /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem: Overwriting root TLS certificate authority trust store sh-4.4$ diff /var/run/configmaps/trusted-ca/tls-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem sh-4.4$ Verified on 4.7.0-0.nightly-2020-11-09-190845. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 |