Bug 1743728 - 4.2.0-0.nightly-2019-08-19-161103 install completes with invalid URL for console on Azure
Summary: 4.2.0-0.nightly-2019-08-19-161103 install completes with invalid URL for cons...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Credential Operator
Version: 4.2.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.2.0
Assignee: Devan Goodwin
QA Contact: Oleg Nesterov
: 1734167 1741957 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2019-08-20 14:39 UTC by Mike Gahagan
Modified: 2019-10-16 06:36 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2019-10-16 06:36:40 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift cloud-credential-operator pull 105 0 'None' 'closed' 'Bug 1743728: pkg/azure: also provide operators access to the resource group containing public DNS zone' 2019-11-20 18:16:23 UTC
Red Hat Product Errata RHBA-2019:2922 0 None None None 2019-10-16 06:36:53 UTC

Description Mike Gahagan 2019-08-20 14:39:07 UTC
Description of problem:

Openshift-install successfully creates cluster but the dns name of the console URL is invalid. This is a regression compared to nightlys from the previous week.

Version-Release number of the following components:

How reproducible:
Steps to Reproduce:
1. Install cluster on Azure (used centralus region but not sure that matters)
2. try to use web console url which fails because the hostname does not resolve

Actual results:

[m@dhcp145-160 42_azure_install]$ ./openshift-install create cluster --dir cluster/mgahagan-092008
INFO Creating infrastructure resources...         
INFO Waiting up to 30m0s for the Kubernetes API at https://api.mgahagan-092008.qe.azure.devcluster.openshift.com:6443... 
INFO API v1.14.0+40a2047 up                       
INFO Waiting up to 30m0s for bootstrapping to complete... 
INFO Destroying the bootstrap resources...        
INFO Waiting up to 30m0s for the cluster at https://api.mgahagan-092008.qe.azure.devcluster.openshift.com:6443 to initialize... 
INFO Waiting up to 10m0s for the openshift-console route to be created... 
INFO Install complete!                            
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/home/m/42_azure_install/cluster/mgahagan-092008/auth/kubeconfig' 
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.mgahagan-092008.qe.azure.devcluster.openshift.com 
INFO Login to the console with user: kubeadmin, password: 6zHBn-tpFnS-SM3DR-GAkkH 
[m@dhcp145-160 42_azure_install]$ host api.mgahagan-092008.qe.azure.devcluster.openshift.com
api.mgahagan-092008.qe.azure.devcluster.openshift.com is an alias for mgahagan-092008-9m88c.centralus.cloudapp.azure.com.
mgahagan-092008-9m88c.centralus.cloudapp.azure.com has address
[m@dhcp145-160 42_azure_install]$ host console-openshift-console.apps.mgahagan-092008.qe.azure.devcluster.openshift.com
Host console-openshift-console.apps.mgahagan-092008.qe.azure.devcluster.openshift.com not found: 3(NXDOMAIN)

cluster is functional using oc and other related tools

Expected results:

web console is resolvable.

Comment 1 Abhinav Dahiya 2019-08-20 16:34:02 UTC
*** Bug 1741957 has been marked as a duplicate of this bug. ***

Comment 2 Abhinav Dahiya 2019-08-20 16:35:48 UTC
> https://bugzilla.redhat.com/show_bug.cgi?id=1741957#c2

cred-minter is providing ingress credentials that do have access to the public DNS zone in a separate resource group from the cluster's resource group.

Comment 3 Miciah Dashiel Butler Masters 2019-08-21 00:57:33 UTC
*** Bug 1734167 has been marked as a duplicate of this bug. ***

Comment 4 Nick Stielau 2019-08-21 21:50:18 UTC
Was the fix here code in cred-minter, or using a different credential?

This is kind of by-design with the new cred minter right? You can't isolate credentials and have them reach externally as well, can you?

Comment 6 Oleg Nesterov 2019-08-23 04:59:48 UTC
Verified on 4.2.0-0.nightly-2019-08-22-201424

Comment 7 errata-xmlrpc 2019-10-16 06:36:40 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.