This is a BZ to track the Apps Domain enhancement (https://github.com/openshift/enhancements/pull/432) for release 4.7. Additional Info: https://issues.redhat.com/browse/RFE-952 https://issues.redhat.com/browse/RFE-1033 https://github.com/openshift/api/pull/769 https://github.com/openshift/cluster-openshift-apiserver-operator/pull/409
Tested with 4.7.0-0.nightly-2020-11-12-200927 but both "oc edit" and "oc patch" cannot add the new appsDomain to ingresses.config/cluster. Am I missing something? # oc edit ingresses.config/cluster -oyaml # adding appsDomain and saved # oc get ingresses.config/cluster -oyaml <--snip---> spec: domain: apps.hongli-az47.qe.azure.devcluster.openshift.com status: {} # oc patch ingresses.config/cluster -p '{"spec":{"appsDomain":"apps.fidata.io"}}' --type=merge ingress.config.openshift.io/cluster patched (no change) # oc get ingresses.config/cluster -oyaml apiVersion: config.openshift.io/v1 kind: Ingress metadata: creationTimestamp: "2020-11-17T01:14:42Z" generation: 1 managedFields: - apiVersion: config.openshift.io/v1 fieldsType: FieldsV1 fieldsV1: f:spec: .: {} f:domain: {} f:status: {} manager: cluster-bootstrap operation: Update time: "2020-11-17T01:14:42Z" name: cluster resourceVersion: "525" selfLink: /apis/config.openshift.io/v1/ingresses/cluster uid: a4367ff2-75b9-44b6-92f7-d74bc85eb196 spec: domain: apps.hongli-az47.qe.azure.devcluster.openshift.com status: {}
Tested with 4.7.0-0.nightly-2020-11-24-151855 and passed. NOTE: changing spec.appsDomain causes openshift-apiserver operator to perform a rolling update of the openshift-apiserver pods which takes some minutes. After the rollout, the new created route will use the spec.appsDomain. # oc patch ingresses.config/cluster -p '{"spec":{"appsDomain":"second.exmaple.com"}}' --type=merge # oc -n openshift-apiserver get pods NAME READY STATUS RESTARTS AGE apiserver-5954447598-2hvpl 2/2 Running 0 114s apiserver-5954447598-xk92t 0/2 Pending 0 39s apiserver-869774b97f-926cr 2/2 Terminating 0 11m apiserver-869774b97f-n4274 2/2 Running 0 12m ### after the rollout, create a route # oc expose svc service-unsecure # oc get route NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD service-unsecure service-unsecure-hongli1.second.example.com service-unsecure http None
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633