Bug 2271580

Summary: MCG operator fails to communicate via TLS due to an x509 error
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Ben Eli <belimele>
Component: Multi-Cloud Object GatewayAssignee: Ben Eli <belimele>
Status: ON_QA --- QA Contact: Mahesh Shetty <mashetty>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.15CC: ebenahar, lmauda, nbecker, odf-bz-bot, sheggodu, vavuthu
Target Milestone: ---   
Target Release: ODF 4.15.8   
Hardware: All   
OS: Unspecified   
Whiteboard:
Fixed In Version: 4.15.8-1 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 2246375    

Description Ben Eli 2024-03-26 11:44:52 UTC 
Description of problem (please be detailed as possible and provide log
snippests):
When the MCG operator tries to contact external domains (e.g. google.com, azure.com), it fails with an x509 TLS error.
This is mostly seen when the operator tries to create its default backingstore over any cloud service.
The error happens due to a race condition revolving around the timing of the cluster-provided CA-bundlo injection


Version of all relevant components (if applicable):
ODF 4.15

Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
Yes, the operator will not be able to create the default backingstore as long as the problem persists


Is there any workaround available to the best of your knowledge?
Restarting the operator pod a few minutes after its deployment

Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
3

Can this issue reproducible?
Inconsistently

Can this issue reproduce from the UI?
NA

If this is a regression, please provide more details to justify this:
NA

Steps to Reproduce:
1. Deploy ODF over a cloud service

Actual results:
Deployment is blocked since MCG fails to create a default cloud backingstore

Expected results:
Deployment is successful

Additional info:
Comment 3 krishnaram Karthick 2024-05-02 11:44:33 UTC 
what are the steps to reproduce/verify this issue?
Comment 4 krishnaram Karthick 2024-05-02 11:47:15 UTC 
Moving the bug to 4.15.4. we need to understand why this fix is important enough to be backported.
Comment 5 Nimrod Becker 2024-05-02 12:15:12 UTC 
Deployments on Azure, make sure the default BS is working.
Comment 6 Ben Eli 2024-05-27 10:55:19 UTC 
*** Bug 2268429 has been marked as a duplicate of this bug. ***
Comment 7 Ben Eli 2024-05-27 10:55:32 UTC 
*** Bug 2269379 has been marked as a duplicate of this bug. ***
Comment 12 Sunil Kumar Acharya 2024-10-08 05:15:46 UTC 
Please backport the fix to ODF-4.15 and upd ate the RDT flag appropriately.