Bug 1877234 - Drop recovery apiserver
Summary: Drop recovery apiserver
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: kube-apiserver
Version: 4.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.6.0
Assignee: Tomáš Nožička
QA Contact: Xingxing Xia
URL:
Whiteboard:
Depends On: 1710766
Blocks:
TreeView+ depends on / blocked
 
Reported: 2020-09-09 07:38 UTC by Tomáš Nožička
Modified: 2020-10-27 16:39 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2020-10-27 16:39:14 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-kube-apiserver-operator pull 946 0 None closed Bug 1877234: Drop recovery apiserver 2021-01-20 00:53:28 UTC
Red Hat Product Errata RHBA-2020:4196 0 None None None 2020-10-27 16:39:17 UTC

Description Tomáš Nožička 2020-09-09 07:38:34 UTC
We don't need recovery apiserver anymore with auto-recovery. We want to avoid customers accidentally running it and maintenance.

Comment 4 Xingxing Xia 2020-09-24 12:08:37 UTC
In version that does not apply the dropping:
$ RELEASE_IMAGE=registry.svc.ci.openshift.org/ocp/release:4.5.0-0.nightly-2020-09-24-094317
$ KAO_IMAGE=$(oc adm release info ${RELEASE_IMAGE} --image-for=cluster-kube-apiserver-operator )
$ podman pull "${KAO_IMAGE}"
$ podman run -it --entrypoint=/usr/bin/cluster-kube-apiserver-operator "${KAO_IMAGE}" --help
...
Available Commands:
  ...
  recovery-apiserver
  regenerate-certificates
  ...

In version that merges the dropping, commands recovery-apiserver and regenerate-certificates are removed:
$ RELEASE_IMAGE=registry.svc.ci.openshift.org/ocp/release:4.6.0-0.nightly-2020-09-24-111253
$ KAO_IMAGE=$(oc adm release info ${RELEASE_IMAGE} --image-for=cluster-kube-apiserver-operator )
$ podman pull "${KAO_IMAGE}"
...
Available Commands:
  cert-regeneration-controller Start the Cluster Certificate Regeneration Controller
  cert-syncer
  check-endpoints              Checks that a tcp connection can be opened to one or more endpoints.
  help                         Help about any command
  insecure-readyz              Proxy the /readyz endpoint insecurely on an HTTP port
  installer                    Install static pod and related resources
  operator                     Start the Cluster kube-apiserver Operator
  prune                        Prune static pod installer revisions
  render                       Render kubernetes API server bootstrap manifests, secrets and configMaps
  resource-graph               Provides an often out-dated snapshot of where resources come from.

Flags:
...

In version that merges the dropping, recent cert DR has no issue, e.g. 4.6.0-0.nightly-2020-09-17-073141 in 1880396#c0 DR test.

Comment 7 errata-xmlrpc 2020-10-27 16:39:14 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6 GA Images), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4196


Note You need to log in before you can comment on or make changes to this bug.