Bug 1573827
| Summary: | config-map is not getting updated with certs | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Rutvik <rkshirsa> |
| Component: | Service Catalog | Assignee: | Jay Boyd <jaboyd> |
| Status: | CLOSED ERRATA | QA Contact: | sunzhaohua <zhsun> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 3.7.1 | CC: | chezhang, jaboyd, jiazha, rkshirsa, zhsun, zitang |
| Target Milestone: | --- | ||
| Target Release: | 3.7.z | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
If this bug requires documentation, please select an appropriate Doc Type value.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-06-07 08:40:56 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Rutvik
2018-05-02 10:36:04 UTC
I'm fixing this with https://github.com/openshift/openshift-ansible/pull/8311 https://github.com/openshift/openshift-ansible/pull/8311 merged just now Verified
step:
1. install v3.6 with service catalog
2. upgrade to v3.7
3. oc describe cm -n kube-system
[root@qe-zhsun-36-gceeeemaster-etcd-1 ~]# oc describe cm -n kube-system
Name: extension-apiserver-authentication
Namespace: kube-system
Labels: <none>
Annotations: <none>
Data
====
client-ca-file:
----
-----BEGIN CERTIFICATE-----
MIIC6jCCAdKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDDBtvcGVu
c2hpZnQtc2lnbmVyQDE1Mjc3NTk0NjIwHhcNMTgwNTMxMDkzNzQxWhcNMjMwNTMw
MDkzNzQyWjAmMSQwIgYDVQQDDBtvcGVuc2hpZnQtc2lnbmVyQDE1Mjc3NTk0NjIw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4HApGi88o0HrkHNOhgHsN
XjNQkEji9FMJFOHBecmcHhswdDEhSvKDgfmu6bicdswPXSv+Caa2TrwLKQdzBQK0
IX/bFhNrujAYyyMzQ7zweMgPP57hSHZVO7s6KcTxYqFwTUMV71sHK8zMPFVGFU/H
nV+dLfSYGgMdOE1IR0TZEUYEYVi/8TRgGeTdYVRaaDpsogvTSwixapSFGWCyhcJK
vFvIDj4v7hJ7iVbBIJM16VqvwACnSnY4VKByrjL348kjvxvDD1/Wh/6twCfMSgPW
XjWtP0NXTqr0Dy4pxVMCFfIIkNR0m3odNp1skGtELkqWW9tvE/PDk08iz86uYUbv
AgMBAAGjIzAhMA4GA1UdDwEB/wQEAwICpDAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQCwDSTuxLD7OonwGsg2pxitAIW49cwbHvUhb/4np8xyrDY/
hvi5qxTXHQpWSh3pTm5r8+WVQ6ivBxCsfa7Nb1olRqQhVt9GvC5ht0xTsSWncTdv
AhYEnptcN7RzHDCuT49Msw/YO+qVyJ4hcZyv4S+XUV+Iybp+HCA4H7DVt7oC+KIT
V2gGpRwNtZulfCjFhIzFFWjUR49XC9l+oZw8eB/Bo6Zdrfxx8NjsiF9wXOIPnrIk
adL8xzUbgqq8JpXxufBdU0k1HYcGQBxj0uQjt/uQ38T9Hfm1D3pFZt6OVmYD+g8i
eDzbZYd5y62tW+kt0k8lWKMGg0lSIAYd5Th22SrI
-----END CERTIFICATE-----
requestheader-allowed-names:
----
["aggregator-front-proxy"]
requestheader-client-ca-file:
----
-----BEGIN CERTIFICATE-----
MIIC6jCCAdKgAwIBAgIBATANBgkqhkiG9w0BAQsFADAmMSQwIgYDVQQDDBtvcGVu
c2hpZnQtc2lnbmVyQDE1Mjc3NjAzODYwHhcNMTgwNTMxMDk1MzA1WhcNMjMwNTMw
MDk1MzA2WjAmMSQwIgYDVQQDDBtvcGVuc2hpZnQtc2lnbmVyQDE1Mjc3NjAzODYw
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3CnPKN/+R3XQhhTcVeutq
zI6sApLmulO1hKk/UFKpKipNdXY3O2170aTufJKKmjbfvDs2iBp2Cnrwdh+8/dr9
YSIt2fdU+WLK4V5w6bjCatnaqjyiT06ySmlgTE7WETpaJXYLxE5md468AnB/9YDS
CN7zwiq6dw/ZLP2cAiTnoGSDK1lssQIR2Ceg6PKo3QOWGulCSWPw1RtbtEq1MOxj
RFIAbX3nMYTneDJhwl7+9UNelY0aOJugLlOrREkDT/6lLnUqv0OEjfX6DTtA6N8/
0rE9+VmBRxl8Oa4tw0tdPf4HxKH3Vzu6uFGA8p6//oGgu+fQA22vvUomJvA07bJv
AgMBAAGjIzAhMA4GA1UdDwEB/wQEAwICpDAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
SIb3DQEBCwUAA4IBAQAKIx5yiL368ZmrFT030geP3DP4Jj51ue97Qxj3X9XXK11r
OXZmBIfj2PtnwnFjU0w9ryUkiob/bVDN3ZESmKDsAG1gef8VI2Ziqb2p7KMx1Qr3
MHZ1Qqrb+bGreoVqoO8L+nYoFkwVfDedpV1WLotfYCqKhFj+0/k3DnoT2p5ULpB2
GTyFxoKlPCBTKdbW0h/Kb5Q4A2nKISoD+mjeieAQS2Dsi2QkZlWrxu1wrFtZXeTu
hxMu1kGKYo7IMYSNmme2GY4kcR8JTfohueqk+jmo9lKX52ywfFJK8Ld/Kvsgf8Bm
OQaFAMeRtwslXfMJXlQbrmbFsbOpAw5gAwnHxVTt
-----END CERTIFICATE-----
requestheader-extra-headers-prefix:
----
["X-Remote-Extra-"]
requestheader-group-headers:
----
["X-Remote-Group"]
requestheader-username-headers:
----
["X-Remote-User"]
Name: kube-controller-manager
Namespace: kube-system
Labels: <none>
Annotations: control-plane.alpha.kubernetes.io/leader={"holderIdentity":"qe-zhsun-36-gceeeemaster-etcd-1","leaseDurationSeconds":15,"acquireTime":"2018-05-31T10:12:42Z","renewTime":"2018-05-31T10:16:17Z","leaderTr...
Data
====
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
1h 1h 1 controller-manager Normal LeaderElection qe-zhsun-36-gcemaster-etcd-1 became leader
1h 1h 1 controller-manager Normal LeaderElection qe-zhsun-36-gcemaster-etcd-1 became leader
Name: kube-scheduler
Namespace: kube-system
Labels: <none>
Annotations: control-plane.alpha.kubernetes.io/leader={"holderIdentity":"qe-zhsun-36-gcemaster-etcd-1","leaseDurationSeconds":15,"acquireTime":"2018-05-31T09:07:16Z","renewTime":"2018-05-31T10:15:45Z","leaderTrans...
Data
====
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
1h 1h 1 default-scheduler Normal LeaderElection qe-zhsun-36-gcemaster-etcd-1 became leader
1h 1h 1 default-scheduler Normal LeaderElection qe-zhsun-36-gcemaster-etcd-1 became leader
Name: openshift-master-controllers
Namespace: kube-system
Labels: <none>
Annotations: control-plane.alpha.kubernetes.io/leader={"holderIdentity":"master-qe-zhsun-36-gcemaster-etcd-1-10.240.0.56-xxbfdthc","leaseDurationSeconds":15,"acquireTime":"2018-05-31T09:08:00Z","renewTime":"2018-0...
Data
====
Events:
FirstSeen LastSeen Count From SubObjectPath Type Reason Message
--------- -------- ----- ---- ------------- -------- ------ -------
1h 1h 1 openshift-master-controllers Normal LeaderElection master-qe-zhsun-36-gcemaster-etcd-1-10.240.0.56-wsb8bmmh became leader
1h 1h 1 openshift-master-controllers Normal LeaderElection master-qe-zhsun-36-gcemaster-etcd-1-10.240.0.56-xxbfdthc became leader
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2018:1798 |