Bug 2004924

Summary: [SNO]ingress/authentication clusteroperator degraded when enable ccm from start
Product: OpenShift Container Platform Reporter: Joel Speed <jspeed>
Component: Cloud ComputeAssignee: Joel Speed <jspeed>
Cloud Compute sub component: Cloud Controller Manager QA Contact: Yihao Guo <yihguo>
Status: CLOSED ERRATA Docs Contact:
Severity: urgent    
Priority: urgent CC: aos-bugs, hongli, miyadav, zhsun
Version: 4.9   
Target Milestone: ---   
Target Release: 4.9.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2001825 Environment:
Last Closed: 2021-10-18 17:51:49 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2001825    
Bug Blocks:    

Comment 4 sunzhaohua 2021-09-27 09:54:08 UTC 
Verified
clusterversion: 4.9.0-0.nightly-2021-09-25-094414

Setup a sno cluster and enable ccm from start

$ oc get node
NAME                                        STATUS   ROLES           AGE    VERSION
ip-10-0-78-143.us-east-2.compute.internal   Ready    master,worker   122m   v1.22.0-rc.0+af080cb

$ oc get featuregate cluster -o yaml
apiVersion: config.openshift.io/v1
kind: FeatureGate
metadata:
  annotations:
    include.release.openshift.io/self-managed-high-availability: "true"
    include.release.openshift.io/single-node-developer: "true"
    release.openshift.io/create-only: "true"
  name: cluster
  resourceVersion: "1409"
  uid: 283f18aa-1f6d-433b-892a-5f57379ae866
spec:
  featureSet: TechPreviewNoUpgrade

sh-4.4# cat /etc/systemd/system/kubelet.service
      --cloud-provider=external \

$ oc describe po kube-controller-manager-ip-10-0-65-233.us-east-2.compute.internal -n openshift-kube-controller-manager | grep cloud-provider -C 20
        --requestheader-client-ca-file=/etc/kubernetes/static-pod-certs/configmaps/aggregator-client-ca/ca-bundle.crt -v=2 --tls-cert-file=/etc/kubernetes/static-pod-resources/secrets/serving-cert/tls.crt --tls-private-key-file=/etc/kubernetes/static-pod-resources/secrets/serving-cert/tls.key --allocate-node-cidrs=false --cert-dir=/var/run/kubernetes --cloud-provider=external
Comment 7 errata-xmlrpc 2021-10-18 17:51:49 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759