Bug 1996647 - Provide more useful degraded message in auth operator on DNS errors
Summary: Provide more useful degraded message in auth operator on DNS errors
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: apiserver-auth
Version: 4.9
Hardware: Unspecified
OS: Unspecified
medium
low
Target Milestone: ---
: 4.10.0
Assignee: Michal Fojtik
QA Contact: Xingxing Xia
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-08-23 11:32 UTC by Michal Fojtik
Modified: 2022-03-10 16:06 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-03-10 16:05:43 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cluster-authentication-operator pull 473 0 None open Bug 1996647: endpointsaccessible: clarify degraded message when DNS is broken 2021-11-15 11:24:42 UTC
Red Hat Product Errata RHSA-2022:0056 0 None None None 2022-03-10 16:06:24 UTC

Description Michal Fojtik 2021-08-23 11:32:13 UTC
Description of problem:

When the DNS server is not reachable or DNS itself is not working, we give this message to users/admins:

Operator unavailable (OAuthServerRouteEndpointAccessibleController_EndpointUnavailable): OAuthServerRouteEndpointAccessibleControllerAvailable: Get "https://oauth-openshift.apps.ci-op-6izkt7mz-16f7c.gcp-2.ci.openshift.org/healthz": dial tcp: lookup oauth-openshift.apps.ci-op-6izkt7mz-16f7c.gcp-2.ci.openshift.org on 172.30.0.10:53: no such host


There is no hint here that the problem is DNS server except the :53 port.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:

Append clarification at the end of the message.

Additional info:

This BZ exists to link to a simple PR, no QE needed.

Comment 6 Sergiusz Urbaniak 2021-11-26 07:25:27 UTC
Iā€™m adding UpcomingSprint, because I was occupied by fixing bugs with higher priority/severity, developing new features with higher priority, or developing new features to improve stability at a macro level. I will revisit this bug next sprint.

Comment 8 Yash Tripathi 2022-02-04 03:36:10 UTC
PR reviewed

Comment 10 Xingxing Xia 2022-02-21 03:49:48 UTC
(In reply to comment #0)
> Description of problem:
> Additional info:
> 
> This BZ exists to link to a simple PR, no QE needed.
Ah, as per this, moving to VERIFIED directly. The code checks if the error contains ":53: no such host" and if yes then it appends "(this is likely result of malfunctioning DNS server)".

Comment 12 errata-xmlrpc 2022-03-10 16:05:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.10.3 security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:0056


Note You need to log in before you can comment on or make changes to this bug.