Bug 1877234 - Drop recovery apiserver
Summary: Drop recovery apiserver
Keywords:
Status: VERIFIED
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-apiserver
Version: 4.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.6.0
Assignee: Tomáš Nožička
QA Contact: Xingxing Xia
URL:
Whiteboard:
Depends On: 1710766
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-09 07:38 UTC by Tomáš Nožička
Modified: 2020-09-24 12:08 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift cluster-kube-apiserver-operator pull 946 None open Bug 1877234: Drop recovery apiserver 2020-09-21 14:23:27 UTC

Description Tomáš Nožička 2020-09-09 07:38:34 UTC
We don't need recovery apiserver anymore with auto-recovery. We want to avoid customers accidentally running it and maintenance.

Comment 4 Xingxing Xia 2020-09-24 12:08:37 UTC
In version that does not apply the dropping:
$ RELEASE_IMAGE=registry.svc.ci.openshift.org/ocp/release:4.5.0-0.nightly-2020-09-24-094317
$ KAO_IMAGE=$(oc adm release info ${RELEASE_IMAGE} --image-for=cluster-kube-apiserver-operator )
$ podman pull "${KAO_IMAGE}"
$ podman run -it --entrypoint=/usr/bin/cluster-kube-apiserver-operator "${KAO_IMAGE}" --help
...
Available Commands:
  ...
  recovery-apiserver
  regenerate-certificates
  ...

In version that merges the dropping, commands recovery-apiserver and regenerate-certificates are removed:
$ RELEASE_IMAGE=registry.svc.ci.openshift.org/ocp/release:4.6.0-0.nightly-2020-09-24-111253
$ KAO_IMAGE=$(oc adm release info ${RELEASE_IMAGE} --image-for=cluster-kube-apiserver-operator )
$ podman pull "${KAO_IMAGE}"
...
Available Commands:
  cert-regeneration-controller Start the Cluster Certificate Regeneration Controller
  cert-syncer
  check-endpoints              Checks that a tcp connection can be opened to one or more endpoints.
  help                         Help about any command
  insecure-readyz              Proxy the /readyz endpoint insecurely on an HTTP port
  installer                    Install static pod and related resources
  operator                     Start the Cluster kube-apiserver Operator
  prune                        Prune static pod installer revisions
  render                       Render kubernetes API server bootstrap manifests, secrets and configMaps
  resource-graph               Provides an often out-dated snapshot of where resources come from.

Flags:
...

In version that merges the dropping, recent cert DR has no issue, e.g. 4.6.0-0.nightly-2020-09-17-073141 in 1880396#c0 DR test.


Note You need to log in before you can comment on or make changes to this bug.