Description of problem: See the following details. Version-Release number of the following components: # ./openshift-install version ./openshift-install v0.8.0-master-2-g5e7b36d6351c9cc773f1dadc64abf9d7041151b1 How reproducible: Always Steps to Reproduce: 1. Trigger an install 2. Input a wrong pull secret on purpose 3. Actual results: Installation is started, and failed with "Kubernetes API not ready" error. User wait the installation for a while, and the error message did not give user any hint about where is wrong, have to login bootstrap node for trouble-shooting until get the following message: $ journalctl -b -f -u bootkube.service -- Logs begin at Wed 2018-12-26 07:42:19 UTC. -- Dec 26 08:07:24 ip-10-0-13-128 systemd[1]: bootkube.service holdoff time over, scheduling restart. Dec 26 08:07:24 ip-10-0-13-128 systemd[1]: Stopped Bootstrap a Kubernetes cluster. Dec 26 08:07:24 ip-10-0-13-128 systemd[1]: Started Bootstrap a Kubernetes cluster. Dec 26 08:07:32 ip-10-0-13-128 bootkube.sh[4068]: Starting etcd certificate signer... Dec 26 08:07:32 ip-10-0-13-128 bootkube.sh[4068]: Trying to pull quay.io/coreos/kube-etcd-signer-server:678cc8e6841e2121ebfdb6e2db568fce290b67d6...Failed Dec 26 08:07:32 ip-10-0-13-128 bootkube.sh[4068]: unable to pull quay.io/coreos/kube-etcd-signer-server:678cc8e6841e2121ebfdb6e2db568fce290b67d6: unable to pull image: Error initializing source docker://quay.io/coreos/kube-etcd-signer-server:678cc8e6841e2121ebfdb6e2db568fce290b67d6: error getting username and password: illegal base64 data at input byte 168 Dec 26 08:07:32 ip-10-0-13-128 bootkube.sh[4068]: unable to find container etcd-signer: no container with name or ID etcd-signer found: no such container Dec 26 08:07:32 ip-10-0-13-128 systemd[1]: bootkube.service: main process exited, code=exited, status=125/n/a Dec 26 08:07:32 ip-10-0-13-128 systemd[1]: Unit bootkube.service entered failed state. Dec 26 08:07:32 ip-10-0-13-128 systemd[1]: bootkube.service failed. Dec 26 08:07:37 ip-10-0-13-128 systemd[1]: bootkube.service holdoff time over, scheduling restart. Dec 26 08:07:37 ip-10-0-13-128 systemd[1]: Stopped Bootstrap a Kubernetes cluster. Dec 26 08:07:37 ip-10-0-13-128 systemd[1]: Started Bootstrap a Kubernetes cluster. Expected results: installer should detect the inputted pull secret invalid, and notify user in advance. Additional info: Please attach logs from ansible-playbook with the -vvv flag
Dup of [1]. There are a number of potential changes that might give us installer-host-side checks for the pull secret (for at least some of its tokens). For example, installer-side credentials operator invocation [2] or RHCOS build extraction [3]. [1]: https://github.com/openshift/installer/issues/901 [2]: https://github.com/openshift/installer/issues/1010 [3]: https://github.com/openshift/installer/issues/987
[1] will give us some pull-secret validation once it (or something like it) lands. [1]: https://github.com/openshift/installer/pull/1286
This will not be fixed any time soon.
*** Bug 1814814 has been marked as a duplicate of this bug. ***