When cert-rotation happens we have no clear information when and why it happened, or why it failed, or what kind of problems it had.
This should be fixed when https://github.com/openshift/cluster-kube-controller-manager-operator/pull/314 merges
Confrimed with payload: 4.2.0-0.nightly-2020-05-05-113123, the issue has fixed: [root@dhcp-140-138 roottest]# oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.2.0-0.nightly-2020-05-05-113123 True False 102m Cluster version is 4.2.0-0.nightly-2020-05-05-113123 [root@dhcp-140-138 roottest]# oc get events |grep -i certificate 44m Normal CertificateUpdated pod/kube-controller-manager-ip-10-0-141-223.us-east-2.compute.internal Wrote updated configmap: openshift-kube-controller-manager/client-ca 41m Normal CertificateUpdated pod/kube-controller-manager-ip-10-0-141-223.us-east-2.compute.internal Wrote updated configmap: openshift-kube-controller-manager/aggregator-client-ca
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2023