1853519 – node client cert requests armoring: deny pod's access to /config/master API endpoint

Bug 1853519 - node client cert requests armoring: deny pod's access to /config/master API endpoint

Summary: node client cert requests armoring: deny pod's access to /config/master API e...

Keywords:
Status:	CLOSED DUPLICATE of bug 1862171
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Node
Sub Component:
Version:	4.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Urvashi Mohnani
QA Contact:	Sunil Choudhary
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-07-02 21:30 UTC by Joe Caiani
Modified:	2023-09-14 06:03 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:	node client cert requests armoring: deny pod's access to /config/master API endpoint
Last Closed:	2020-07-30 16:01:55 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Joe Caiani 2020-07-02 21:30:49 UTC

test:
node client cert requests armoring: deny pod's access to /config/master API endpoint 

is failing frequently in CI, see search results:
https://search.svc.ci.openshift.org/?maxAge=168h&context=1&type=bug%2Bjunit&name=&maxMatches=5&maxBytes=20971520&groupBy=job&search=node+client+cert+requests+armoring%3A+deny+pod%27s+access+to+%2Fconfig%2Fmaster+API+endpoint

Latest failure log: https://deck-ci.apps.ci.l2s4.p1.openshiftapps.com/view/gcs/origin-ci-test/logs/release-openshift-origin-installer-e2e-aws-serial-4.6/1278631074527711232

Comment 1 Ben Parees 2020-07-02 22:18:53 UTC

test failure output:
node client cert requests armoring: deny pod's access to /config/master API endpoint [Suite:openshift/conformance/parallel] expand_less 	3m11s
fail [github.com/openshift/origin/test/extended/csrapprover/csrapprover.go:48]: Unexpected error:
    <*errors.errorString | 0xc0002981d0>: {
        s: "timed out waiting for the condition",
    }
    timed out waiting for the condition
occurred

Comment 3 Ryan Phillips 2020-07-08 18:27:21 UTC

Joe: Search CI is showing a 0.16% failure rate. Do you see a job that is showing more failures?

Comment 4 Seth Jennings 2020-07-30 15:05:37 UTC

Need to backport https://github.com/openshift/origin/pull/25087 as far back as 4.2

Comment 5 Seth Jennings 2020-07-30 15:27:08 UTC

https://github.com/openshift/origin/pull/25093 backported to 4.5.  Still an issue in 4.2 through 4.4.

Comment 7 Urvashi Mohnani 2020-07-30 16:01:55 UTC


*** This bug has been marked as a duplicate of bug 1862171 ***

Comment 8 Red Hat Bugzilla 2023-09-14 06:03:26 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 1000 days

Note You need to log in before you can comment on or make changes to this bug.