1692290 – After adding many IPDs to oauth/cluster at one time,the pods in openshift-authentication ns restarting constantly

Bug 1692290 - After adding many IPDs to oauth/cluster at one time,the pods in openshift-authentication ns restarting constantly

Summary: After adding many IPDs to oauth/cluster at one time,the pods in openshift-aut...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	apiserver-auth
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	urgent
Severity:	urgent
Target Milestone:	---
Target Release:	4.1.0
Assignee:	Standa Laznicka
QA Contact:	scheng
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-03-25 09:38 UTC by scheng
Modified:	2019-06-04 10:46 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-04 10:46:25 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2019:0758	0	None	None	None	2019-06-04 10:46:33 UTC

Comment 1 Erica von Buelow 2019-04-15 14:36:58 UTC

We've made some changes to the cluster-authentication-operator. Can you check this issue still occurs as described?

Comment 2 scheng 2019-04-16 05:16:12 UTC

I have test this again with ci build images(there is no successful nightly build images recently),this issue still occurs.

Comment 3 Erica von Buelow 2019-04-16 14:08:09 UTC

Assigning to mrogers (auth-frontline this week) to look into

Comment 4 Erica von Buelow 2019-04-23 13:12:07 UTC

Assigning to sally (auth-frontline this week) to look into

Comment 5 Erica von Buelow 2019-04-25 18:04:16 UTC

I replicated this using multiple htpasswd configurations. At first I thought it was just making unnecessary updates to the deployment as the secrets were copied from openshift-config but would eventually settle. However, I'm not seeing it stabilize at all and continues to redeploy. I suspect something is wrong in how we compute the hashes for triggering redeployment. Will continue to investigate.

Comment 7 Mo 2019-04-29 13:07:17 UTC

https://github.com/openshift/cluster-authentication-operator/pull/120

Comment 9 scheng 2019-04-30 07:56:22 UTC

Verified.

# oc get co authentication
NAME             VERSION                             AVAILABLE   PROGRESSING   DEGRADED   SINCE
authentication   4.1.0-0.nightly-2019-04-29-232817   True        False         False      21m

Comment 11 errata-xmlrpc 2019-06-04 10:46:25 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758

Note You need to log in before you can comment on or make changes to this bug.