Description of problem: In 4.3, we made the cluster-authentication-operator redeploy oauth-server pods when the kubeadmin user gets disabled in order to be able to advertise the token endpoint in case only login flows are available. This redeploy does not take place immediately though, as it should. Version-Release number of selected component (if applicable): 4.3 How reproducible: Always Steps to Reproduce: 1. $ watch oc pods -n openshift-authentication 2. $ oc delete secret -n kube-system kubeadmin Actual results: Pods are not redeployed immediately, it can take several minutes for the operator to notice Expected results: Pods get redeployed immediately once the secret is deleted
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581