To debug install problems, the install-gather tool needs to add functionality for 1. de-conflict container names so that container logs are not lost. Perhaps "prettyName-ID" 2. names and namespaces of secrets. I don't have to have the content, but we need to know what exists and what doesn't to determine which piece of the multi-stage flow is broken.
(In reply to David Eads from comment #0) > 2. names and namespaces of secrets. I don't have to have the content, but we > need to know what exists and what doesn't to determine which piece of the > multi-stage flow is broken. a) what sources can the install-gather script use to fetch these secrets. From the disk on bootstrap node `/opt/openshift` or from the API? b) there have been concerns around gathering secrets? How do you recommend we collect that information without leaking those? c) Why do you need the gather script to collect if secrets "exists" to debug. shouldn't the container logs provide information on what secrets it was looking for that it couldn't find?
a) use the API the way you gather the other resources b) sos tool uses a post-processing regex to remove secrets. must-gather elides like this: https://github.com/openshift/must-gather/blob/master/pkg/cmd/inspect/secret.go#L75-L85 c) It's the difference between hours and seconds in terms of knowing where a failure happens. Most of these are optional and tolerated. The behavior of the system is driven based on what is available. Also keep in mind that logs are essentially streams of diffs that allow you to painstakingly, with information from multiple operators, from logs which may or may not exist, rebuild current state. Or someone can provide the output `oc get secrets --all-namespaces <something to dump all annotations>` and save the hours of work per instance.
It looks like both of these have already been addressed.