1779666 – Can't create Azure worker nodes without managed identity (4.4)

Bug 1779666 - Can't create Azure worker nodes without managed identity (4.4)

Summary: Can't create Azure worker nodes without managed identity (4.4)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Cloud Compute
Sub Component:
Version:	4.4
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	4.4.0
Assignee:	Alberto
QA Contact:	Jianwei Hou
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1779665
TreeView+	depends on / blocked

Reported:	2019-12-04 13:28 UTC by Jim Minter
Modified:	2020-05-15 15:52 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-05-15 15:52:11 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	openshift cluster-api-provider-azure pull 95	0	'None'	closed	Bug 1779666: Can't create Azure worker nodes without managed identity (4.4)	2020-05-25 16:57:49 UTC

Description Jim Minter 2019-12-04 13:28:47 UTC

Currently the Azure actuator validates to ensure that user managed identity is enabled for all VMs it creates.

Azure Red Hat OpenShift needs to be able to create 4.4 clusters without user managed identity as part of required security architecture modifications for the service.

Comment 2 Jianwei Hou 2019-12-20 06:42:30 UTC

Verified in 4.4.0-0.nightly-2019-12-19-223334

The IPI installer creates the machineSet with managedIdentity on Azure, to verify this, I removed the managedIdentity from a machineSet providerSpec then scale it up. Machine and VM are provisioned successfully.

Note You need to log in before you can comment on or make changes to this bug.