Bug 1996647

Summary: Provide more useful degraded message in auth operator on DNS errors
Product: OpenShift Container Platform Reporter: Michal Fojtik <mfojtik>
Component: apiserver-authAssignee: Michal Fojtik <mfojtik>
Status: CLOSED ERRATA QA Contact: Xingxing Xia <xxia>
Severity: low Docs Contact:
Priority: medium    
Version: 4.9CC: aos-bugs, mfojtik, surbania, xxia, ytripath
Target Milestone: ---   
Target Release: 4.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-03-10 16:05:43 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michal Fojtik 2021-08-23 11:32:13 UTC 
Description of problem:

When the DNS server is not reachable or DNS itself is not working, we give this message to users/admins:

Operator unavailable (OAuthServerRouteEndpointAccessibleController_EndpointUnavailable): OAuthServerRouteEndpointAccessibleControllerAvailable: Get "https://oauth-openshift.apps.ci-op-6izkt7mz-16f7c.gcp-2.ci.openshift.org/healthz": dial tcp: lookup oauth-openshift.apps.ci-op-6izkt7mz-16f7c.gcp-2.ci.openshift.org on 172.30.0.10:53: no such host


There is no hint here that the problem is DNS server except the :53 port.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:

Append clarification at the end of the message.

Additional info:

This BZ exists to link to a simple PR, no QE needed.
Comment 6 Sergiusz Urbaniak 2021-11-26 07:25:27 UTC 
I’m adding UpcomingSprint, because I was occupied by fixing bugs with higher priority/severity, developing new features with higher priority, or developing new features to improve stability at a macro level. I will revisit this bug next sprint.
Comment 8 Yash Tripathi 2022-02-04 03:36:10 UTC 
PR reviewed
Comment 10 Xingxing Xia 2022-02-21 03:49:48 UTC 
(In reply to comment #0)
> Description of problem:
> Additional info:
> 
> This BZ exists to link to a simple PR, no QE needed.
Ah, as per this, moving to VERIFIED directly. The code checks if the error contains ":53: no such host" and if yes then it appends "(this is likely result of malfunctioning DNS server)".
Comment 12 errata-xmlrpc 2022-03-10 16:05:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056