Description of problem: IPv6 enabled clusters on AWS fail to have their CSRs automatically approved because: - The AWS actuator does not include IPv6 addresses in the Machine status, which the cluster-machine-approver requires. - The cluster-machine-approver fails to connect to IPv6 addresses to retrieve the current serving certificate. Version-Release number of selected component (if applicable): - 4.4 How reproducible: - Always Steps to Reproduce: 1. Create an IPv6 enabled AWS cluster. 2. Initial nodes are always approved during bootstrap. 3. Add a new node / machine by scaling a MachineSet up. 4. The new node will not have its CSR approved automatically. Actual results: - IPv6 enabled AWS nodes do not have certificates automatically approved. Expected results: - IPv6 enabled AWS nodes do have certificates automatically approved. Additional info: - IPv6 support is not yet finished, and only certain custom builds have it enabled.
- Fixes for 4.4 release: https://github.com/openshift/cluster-api-provider-aws/pull/282 https://github.com/openshift/cluster-machine-approver/pull/61