Bug 2055699

Summary: StorageConsumer: Not able to connect to the Storage Provider server that is using TLS cert
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Santosh Pillai <sapillai>
Component: ocs-operatorAssignee: Santosh Pillai <sapillai>
Status: CLOSED CURRENTRELEASE QA Contact: suchita <sgatfane>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: 4.10CC: madam, muagarwa, nberry, nigoyal, ocs-bugs, odf-bz-bot, rperiyas, sgatfane, sostapov
Target Milestone: ---   
Target Release: ODF 4.10.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 4.10.0-163 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-04-21 09:12:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Santosh Pillai 2022-02-17 14:38:20 UTC 
Description of problem (please be detailed as possible and provide log
snippests):

OCS storage consumer cluster is not able to connect to the Storage provider server that is using TLS certs. 


Version of all relevant components (if applicable):


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?


Is there any workaround available to the best of your knowledge?
No

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?


Can this issue reproducible?


Can this issue reproduce from the UI?


If this is a regression, please provide more details to justify this:


Steps to Reproduce:
1. Create Storage Consumer cluster
2. Observe the cluster reconciliation
3.


Actual results: OCS storage consumer cluster is not able to connect to the Storage provider server that is using TLS certs. 


Expected results: OCS storage consumer cluster should be able to connect to the Storage provider server that is using TLS certs. 


Additional info:
Comment 5 Kesavan 2022-02-21 12:31:08 UTC 
*** Bug 2054760 has been marked as a duplicate of this bug. ***
Comment 6 suchita 2022-03-08 05:51:53 UTC 
As discussed with Santosh, the proven way to verify this cluster is - if provider is able to connect with consumer successfuly. 

Verified on  ocs-operator.v4.10.0 full version:"4.10.0-171" on provider and consumer both
======================================================================================================================
$ oc get csv
NAME                                               DISPLAY                           VERSION           REPLACES                                           PHASE
configure-alertmanager-operator.v0.1.408-a047eaa   configure-alertmanager-operator   0.1.408-a047eaa   configure-alertmanager-operator.v0.1.406-7952da9   Succeeded
mcg-operator.v4.10.0                               NooBaa Operator                   4.10.0                                                               Succeeded
ocs-operator.v4.10.0                               OpenShift Container Storage       4.10.0                                                               Succeeded
odf-operator.v4.10.0                               OpenShift Data Foundation         4.10.0                                                               Succeeded
route-monitor-operator.v0.1.402-706964f            Route Monitor Operator            0.1.402-706964f   route-monitor-operator.v0.1.399-91f142a            Succeeded

oc get storageconsumer 
NAME                                                   AGE
storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9   2d9h

$ oc get pods | grep rook
rook-ceph-operator-5db9f784b4-r54vh                1/1     Running   0          30h
$oc rsh rook-ceph-operator-5db9f784b4-r54vh
sh-4.4$ls /var/lib/rook/openshift-storage
client.cephclient-health-checker-storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9.keyring  openshift-storage.config
sh-4.4$ ceph -s --conf=/var/lib/rook/openshift-storage/openshift-storage.config --name=client.cephclient-health-checker-storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9 --keyring=/var/lib/rook/openshift-storage/client.cephclient-health-checker-storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9.keyring
  cluster:
    id:     2116f907-1e37-4568-9115-5d7b7b426d10
    health: HEALTH_OK
 
  services:
    mon: 3 daemons, quorum a,b,c (age 29h)
    mgr: a(active, since 29h)
    mds: 1/1 daemons up, 1 hot standby
    osd: 3 osds: 3 up (since 29h), 3 in (since 29h)
 
  data:
    volumes: 1/1 healthy
    pools:   6 pools, 161 pgs
    objects: 36 objects, 23 KiB
    usage:   22 MiB used, 3.0 TiB / 3 TiB avail
    pgs:     161 active+clean
 
  io:
    client:   853 B/s rd, 1 op/s rd, 0 op/s wr

sh-4.4$ ceph version --conf=/var/lib/rook/openshift-storage/openshift-storage.config --name=client.cephclient-health-checker-storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9 --keyring=/var/lib/rook/openshift-storage/client.cephclient-health-checker-storageconsumer-578016bd-cc34-413d-904f-707f0784d4d9.keyring
ceph version 16.2.7-71.el8cp (4c975536861fc39c429045d66a6dba5a00753b9f) pacific (stable)



 =======================================================================================================================
In the current setup, The consumer is connected to the provider.

Hence moving this BZ to verified