Bug 1916454
Summary: | teach CCO about upgradeability from 4.6 to 4.7 | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Joel Diaz <jdiaz> | |
Component: | Cloud Credential Operator | Assignee: | Joel Diaz <jdiaz> | |
Status: | CLOSED ERRATA | QA Contact: | wang lin <lwan> | |
Severity: | medium | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 4.7 | CC: | lwan, tsze, yunjiang | |
Target Milestone: | --- | Flags: | lwan:
needinfo-
|
|
Target Release: | 4.7.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | No Doc Update | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1916868 (view as bug list) | Environment: | ||
Last Closed: | 2021-02-24 15:53:18 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1916868 |
Description
Joel Diaz
2021-01-14 19:48:52 UTC
Verified on 4.7.0-0.nightly-2021-01-17-211555 1. install cluster on gcp with cco in Manual, 2. delete secret openshift-cluster-csi-drivers/gcp-pd-cloud-credentials, openshift-cloud-credential-operator/cloud-credential-operator-gcp-ro-creds 3. check .status.conditions of co cloud-credential $ oc get co cloud-credential -o json | jq -r ".status.conditions" [ { "lastTransitionTime": "2021-01-18T07:32:00Z", "message": "Credential minting is disabled by cluster admin", "reason": "OperatorDisabledByAdmin", "status": "True", "type": "Available" }, { "lastTransitionTime": "2021-01-18T06:44:49Z", "status": "False", "type": "Degraded" }, { "lastTransitionTime": "2021-01-18T06:59:22Z", "status": "False", "type": "Progressing" }, { "lastTransitionTime": "2021-01-18T08:20:20Z", "message": "Cannot upgrade manual mode cluster to 4.7 due to missing secret(s): [openshift-cluster-csi-drivers/gcp-pd-cloud-credentials openshift-cloud-credential-operator/cloud-credential-operator-gcp-ro-creds] Please see Manualy Creating IAM documentation for the cluster's platform.", "reason": "ManualModeMissingSecrets", "status": "False", "type": "Upgradeable" } ] 4. recreate secret openshift-cloud-credential-operator/cloud-credential-operator-gcp-ro-creds again, check .status.conditions of co cloud-credential $ oc get co cloud-credential -o json | jq -r ".status.conditions" [ { "lastTransitionTime": "2021-01-18T07:32:00Z", "message": "Credential minting is disabled by cluster admin", "reason": "OperatorDisabledByAdmin", "status": "True", "type": "Available" }, { "lastTransitionTime": "2021-01-18T06:44:49Z", "status": "False", "type": "Degraded" }, { "lastTransitionTime": "2021-01-18T06:59:22Z", "status": "False", "type": "Progressing" }, { "lastTransitionTime": "2021-01-18T08:21:50Z", "message": "Cannot upgrade manual mode cluster to 4.7 due to missing secret(s): [openshift-cluster-csi-drivers/gcp-pd-cloud-credentials] Please see Manualy Creating IAM documentation for the cluster's platform.", "reason": "ManualModeMissingSecrets", "status": "False", "type": "Upgradeable" } ] 5. recreate secret openshift-cluster-csi-drivers/gcp-pd-cloud-credentials again, check .status.conditions of co cloud-credential, Upgradeable=Ture. oc get co cloud-credential -o json | jq -r ".status.conditions" [ { "lastTransitionTime": "2021-01-18T07:32:00Z", "message": "Credential minting is disabled by cluster admin", "reason": "OperatorDisabledByAdmin", "status": "True", "type": "Available" }, { "lastTransitionTime": "2021-01-18T06:44:49Z", "status": "False", "type": "Degraded" }, { "lastTransitionTime": "2021-01-18T06:59:22Z", "status": "False", "type": "Progressing" }, { "lastTransitionTime": "2021-01-18T08:22:24Z", "status": "True", "type": "Upgradeable" } ] ###### Hi,Joel cco supported mode in openstack and vsphere is Passthrough, I saw the codes are still including openstack and vsphere platform, do we need to test Manual mode for openstack and vsphere. don't need to test Manual mode for openstack and vsphere at current, installer will prevent the users setting cco to Manual mode. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 |