Bug 1954595 - Machine config operator degraded in a freshly installed 4.7 cluster
Summary: Machine config operator degraded in a freshly installed 4.7 cluster
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.7
Hardware: Unspecified
OS: Linux
medium
medium
Target Milestone: ---
: 4.7.z
Assignee: Aditya Narayanaswamy
QA Contact: Gaoyun Pei
URL:
Whiteboard:
: 1979988 (view as bug list)
Depends On: 1873649
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-04-28 12:44 UTC by agudi
Modified: 2021-08-17 12:12 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The MCO was in degraded state which was due to the fact that the installer created an out-of-order noProxy values due to spaces being allowed in the string passed for noProxy. Adding a fix to remove allowing spaces in the input to sort the values in order and fix the issue.
Clone Of:
Environment:
Last Closed: 2021-08-17 12:12:09 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift installer pull 5060 0 None open [release-4.7] Bug 1954595: Validate noProxy input and add prefix for proxy urls 2021-07-13 15:16:51 UTC
Red Hat Product Errata RHBA-2021:3032 0 None None None 2021-08-17 12:12:50 UTC

Comment 17 Aditya Narayanaswamy 2021-07-07 14:46:50 UTC
*** Bug 1979988 has been marked as a duplicate of this bug. ***

Comment 18 Russell Teague 2021-07-12 17:51:37 UTC
Needs cherry-pick from 4.8.

Comment 23 Gaoyun Pei 2021-08-05 09:31:04 UTC
Verify this bug on nightly payload 4.7.0-0.nightly-2021-08-04-234545.

With the following proxy parameters set in install-config.yaml
proxy:
  httpProxy: http://test:test@PROXY_PLACEHOLDER:3128
  httpsProxy: http://test:test@PROXY_PLACEHOLDER:3128
  noProxy: test.no-proxy.com


Generate manifests file, check the proxy manifest, noProxy list was generated in expected order.
# cat cluster-proxy-01-config.yaml
apiVersion: config.openshift.io/v1
kind: Proxy
metadata:
  creationTimestamp: null
  name: cluster
spec:
  httpProxy: http://test:test@PROXY_PLACEHOLDER:3128
  httpsProxy: http://test:test@PROXY_PLACEHOLDER:3128
  noProxy: test.no-proxy.com
  trustedCA:
    name: ""
status:
  httpProxy: http://test:test@PROXY_PLACEHOLDER:3128
  httpsProxy: http://test:test@PROXY_PLACEHOLDER:3128
  noProxy: .cluster.local,.svc,.us-east-2.compute.internal,10.0.0.0/16,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.gpei-086.qe.devcluster.openshift.com,localhost,test.no-proxy.com


Setup the cluster, check the noProxy on bootstrap and in-cluster noProxy value.

[root@ip-10-0-14-145 profile.d]# cat proxy.sh 
...
export NO_PROXY=".cluster.local,.svc,.us-east-2.compute.internal,10.0.0.0/16,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.gpei-086.qe.devcluster.openshift.com,localhost,test.no-proxy.com"


# oc get proxy cluster -o yaml
apiVersion: config.openshift.io/v1
kind: Proxy
metadata:
...
status:
...
  noProxy: .cluster.local,.svc,.us-east-2.compute.internal,10.0.0.0/16,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,api-int.gpei-086.qe.devcluster.openshift.com,localhost,test.no-proxy.com

Comment 26 errata-xmlrpc 2021-08-17 12:12:09 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.7.24 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3032


Note You need to log in before you can comment on or make changes to this bug.