Bug 1692290 - After adding many IPDs to oauth/cluster at one time,the pods in openshift-authentication ns restarting constantly
Summary: After adding many IPDs to oauth/cluster at one time,the pods in openshift-aut...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: apiserver-auth
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: 4.1.0
Assignee: Standa Laznicka
QA Contact: scheng
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-25 09:38 UTC by scheng
Modified: 2019-06-04 10:46 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-06-04 10:46:25 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2019:0758 0 None None None 2019-06-04 10:46:33 UTC

Comment 1 Erica von Buelow 2019-04-15 14:36:58 UTC
We've made some changes to the cluster-authentication-operator. Can you check this issue still occurs as described?

Comment 2 scheng 2019-04-16 05:16:12 UTC
I have test this again with ci build images(there is no successful nightly build images recently),this issue still occurs.

Comment 3 Erica von Buelow 2019-04-16 14:08:09 UTC
Assigning to mrogers (auth-frontline this week) to look into

Comment 4 Erica von Buelow 2019-04-23 13:12:07 UTC
Assigning to sally (auth-frontline this week) to look into

Comment 5 Erica von Buelow 2019-04-25 18:04:16 UTC
I replicated this using multiple htpasswd configurations. At first I thought it was just making unnecessary updates to the deployment as the secrets were copied from openshift-config but would eventually settle. However, I'm not seeing it stabilize at all and continues to redeploy. I suspect something is wrong in how we compute the hashes for triggering redeployment. Will continue to investigate.

Comment 9 scheng 2019-04-30 07:56:22 UTC
Verified.

# oc get co authentication
NAME             VERSION                             AVAILABLE   PROGRESSING   DEGRADED   SINCE
authentication   4.1.0-0.nightly-2019-04-29-232817   True        False         False      21m

Comment 11 errata-xmlrpc 2019-06-04 10:46:25 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758


Note You need to log in before you can comment on or make changes to this bug.