Created attachment 1683273 [details] controller-manager logs Description of problem: On disconnect cluster, Imagestreams which are not managed by samples operator keep import failed due to 'not find any tags or repository needing import' Version-Release number of selected component (if applicable): 4.5.0-0.nightly-2020-04-29-231711 How reproducible: always Steps to Reproduce: 1.Check the imagestreams which are not managed by samples operator in disconnect cluster 2. 3. Actual results: $oc describe is tests -n openshift -o yaml Error: unknown shorthand flag: 'o' in -o See 'oc describe --help' for usage. [wxj@console kubeconfig]$ oc get is tests -n openshift -o yaml apiVersion: image.openshift.io/v1 kind: ImageStream metadata: creationTimestamp: "2020-04-30T04:23:01Z" generation: 2 managedFields: - apiVersion: image.openshift.io/v1 fieldsType: FieldsV1 fieldsV1: f:spec: f:tags: .: {} k:{"name":"latest"}: .: {} f:annotations: {} f:from: .: {} f:kind: {} f:name: {} f:generation: {} f:importPolicy: .: {} f:scheduled: {} f:name: {} f:referencePolicy: .: {} f:type: {} f:status: f:publicDockerImageRepository: {} manager: cluster-version-operator operation: Update time: "2020-04-30T07:24:06Z" name: tests namespace: openshift resourceVersion: "88332" selfLink: /apis/image.openshift.io/v1/namespaces/openshift/imagestreams/tests uid: 6cc44927-157e-4456-9303-509622408735 spec: lookupPolicy: local: false tags: - annotations: null from: kind: DockerImage name: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5a97dbe61859fe84b6606de365c809f800e1048f7deed62249118f91e5d6a9ff generation: 2 importPolicy: scheduled: true name: latest referencePolicy: type: Source status: dockerImageRepository: image-registry.openshift-image-registry.svc:5000/openshift/tests publicDockerImageRepository: default-route-openshift-image-registry.apps.qe-hashadebug1.qe.gcp.devcluster.openshift.com/openshift/tests tags: - conditions: - generation: 2 lastTransitionTime: "2020-04-30T04:23:46Z" message: 'Internal error occurred: [qe-hashadebug1.mirror-registry.qe.gcp.devcluster.openshift.com:5000/ocp/release@sha256:5a97dbe61859fe84b6606de365c809f800e1048f7deed62249118f91e5d6a9ff: Get https://qe-hashadebug1.mirror-registry.qe.gcp.devcluster.openshift.com:5000/v2/: x509: certificate signed by unknown authority, quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:5a97dbe61859fe84b6606de365c809f800e1048f7deed62249118f91e5d6a9ff: Get https://quay.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)]' reason: InternalError status: "False" type: ImportSuccess items: null tag: latest Expected results: Should import succeed automaticlly. Additional info: Logs of controller manager: 853 I0430 10:49:38.368359 1 image_trigger_controller.go:347] Started syncing image stream "openshift/tests" 854 I0430 10:49:38.368378 1 image_trigger_controller.go:349] Finished syncing image stream "openshift/tests" (36.511µs) 855 I0430 10:49:38.368389 1 imagestream_controller.go:161] Queued import of stream openshift/installer-artifacts... 856 I0430 10:49:38.368399 1 imagestream_controller.go:161] Queued import of stream openshift/tests... 857 I0430 10:49:38.368400 1 imagestream_controller.go:266] Importing stream openshift/installer-artifacts partial=true... 858 I0430 10:49:38.368407 1 imagestream_controller.go:266] Importing stream openshift/tests partial=true... 859 I0430 10:49:38.368421 1 imagestream_controller.go:300] Did not find any tags or repository needing import 860 I0430 10:49:38.368424 1 imagestream_controller.go:300] Did not find any tags or repository needing import
Have you added certificates for qe-hashadebug1.mirror-registry.qe.gcp.devcluster.openshift.com:5000 to image.config's additionalTrutedCA?
@Oleg Yes, have added, see details in https://bugzilla.redhat.com/show_bug.cgi?id=1818476#c14 . I could import them successfully by manual at same time.
Please attach the content of image.config.openshift.io/cluster as well as the configmap where the additional CA bundle has been placed.
@Ricardo Here is the info you need https://privatebin-it-iso.int.open.paas.redhat.com/?7e8b6bded3d347b7#o6nWqa2Jpdsryni8yyCmvzt8B6dUZfojwVXFjrxkcZc=
Could you attach the information to this BZ? I have tried to reach your link but it asked for a password that I don't have.
Created attachment 1686466 [details] content of configmap @Ricardo Sorry, my mistake, I used a private pastbin tool.
Installed a disconnect cluster 4.5.0-0.nightly-2020-05-27-202943, check the imagestreams which are not managed by samples operator. $oc describe is must-gather -n openshift Name: must-gather Namespace: openshift Created: 2 hours ago Labels: <none> Annotations: <none> Image Repository: <none> Image Lookup: local=false Unique Images: 0 Tags: 1 latest updates automatically from registry quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 ! error: Import failed (InternalError): Internal error occurred: [vsphere.mirror-registry.qe.devcluster.openshift.com:5000/ocp/release@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84: Get https://vsphere.mirror-registry.qe.devcluster.openshift.com:5000/v2/: x509: certificate signed by unknown authority, quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84: Get https://quay.io/v2/: dial tcp: lookup quay.io on 172.30.0.10:53: read udp 10.129.0.12:43612->172.30.0.10:53: i/o timeout] 2 hours ago $oc describe is must-gather -n openshift Name: must-gather Namespace: openshift Created: 3 hours ago Labels: <none> Annotations: openshift.io/image.dockerRepositoryCheck=2020-05-28T06:05:29Z Image Repository: <none> Image Lookup: local=false Unique Images: 1 Tags: 1 latest updates automatically from registry quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 * quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 3 minutes ago $oc get is must-gather -n openshift -o yaml apiVersion: image.openshift.io/v1 kind: ImageStream metadata: annotations: openshift.io/image.dockerRepositoryCheck: "2020-05-28T06:05:29Z" creationTimestamp: "2020-05-28T03:25:20Z" generation: 3 managedFields: - apiVersion: image.openshift.io/v1 fieldsType: FieldsV1 fieldsV1: f:spec: f:tags: .: {} k:{"name":"latest"}: .: {} f:annotations: {} f:from: .: {} f:kind: {} f:name: {} f:generation: {} f:importPolicy: .: {} f:scheduled: {} f:name: {} f:referencePolicy: .: {} f:type: {} manager: cluster-version-operator operation: Update time: "2020-05-28T05:49:28Z" name: must-gather namespace: openshift resourceVersion: "85214" selfLink: /apis/image.openshift.io/v1/namespaces/openshift/imagestreams/must-gather uid: f1a08f0d-6df1-4ea7-a2f3-747fea8dfb6a spec: lookupPolicy: local: false tags: - annotations: null from: kind: DockerImage name: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 generation: 3 importPolicy: scheduled: true name: latest referencePolicy: type: Source status: dockerImageRepository: "" tags: - items: - created: "2020-05-28T06:05:29Z" dockerImageReference: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 generation: 3 image: sha256:182c1636631667895687640c739dd1b6a266ca0eb381a75cf8ea39a1cbed9b84 tag: latest
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:2409