This setting is unsupported. Upgradeable should immediately go to false and we probably want to set degraded as well. The cluster kept working in this case, but we don't want people confused about what it does to a cluster.
With https://github.com/openshift/cluster-kube-apiserver-operator/pull/505 every cluster will be degraded and not upgradable.
The code is already there, creating the configmap in linked PR indeed set the cluster upgradeable to false. Moving to QA to verify.
(In reply to Michal Fojtik from comment #2) > The code is already there, creating the configmap in linked PR indeed set > the cluster upgradeable to false. Moving to QA to verify. Checked latest 4.1.0-0.nightly-2019-08-14-043700 env, per the Doc Text's Fix part, the co/kube-apiserver does not have change Upgradeable (status is True) before and after creating below: oc create -f - << EOF apiVersion: v1 kind: ConfigMap metadata: name: unsupported-cert-rotation-config namespace: openshift-config data: base: 1m EOF Could you please give some hint if above verification is wrong.
Sorry, made a mistake; this bug target release is 4.2; should use 4.2 env to test later
Verified in latest 4.2.0-0.nightly-2019-08-15-033605 env. After creating unsupported-cert-rotation-config, co/kube-apiserver yaml shows Upgradeable is False: - lastTransitionTime: "2019-08-15T06:59:53Z" message: 'CertRotationTimeUpgradeable: configmap["openshift-config"]/unsupported-cert-rotation-config .data["base"]=="1m"' reason: CertRotationTimeUpgradeableCertRotationBaseOverridden status: "False" type: Upgradeable
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:2922