Description of problem: After running redeploy-certificates.yml playbook the grafana, alertmanager and prometheus routes don't work anymore, I get an "Application is not available" error message. Workaround: deleting the "*-tls" secrets in openshift-monitoring namespace and restarting the pods solves the issue as the secrets get re-created by the operator. Version-Release number of the following components: $ rpm -q openshift-ansible openshift-ansible-3.11.92-1.git.0.f2fade7.el7.noarch $ rpm -q ansible ansible-2.6.15-1.el7ae.noarch ansible --version ansible 2.6.15 How reproducible: Always Steps to Reproduce: 1. ansible-playbook -i hosts /usr/share/ansible/openshift-ansible/playbooks/redeploy-certificates.yml 2. try accessing 3. Actual results: An error message stating "Application is not available" is shown instead of accessing the requested resource. Expected results: The redeploy-certificates.yml playbook should take care of this. Additional info: N/A
Created PR for 3.11 https://github.com/openshift/openshift-ansible/pull/11472 - it removes TLS secrets, deletes pods and waits for pods to come up
Created attachment 1555405 [details] received an invalid certificate
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0794