Bug 2022840 - CCO occasionally down, reporting networksecurity.googleapis.com API as disabled
Summary: CCO occasionally down, reporting networksecurity.googleapis.com API as disabled
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Credential Operator
Version: 4.10
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.6.z
Assignee: Joel Diaz
QA Contact: Jianping SHu
URL:
Whiteboard:
: 2054914 (view as bug list)
Depends On: 2022839
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-11-12 17:44 UTC by Michael McCune
Modified: 2022-10-10 04:56 UTC (History)
15 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 2022839
Environment:
Last Closed: 2021-12-02 20:02:56 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift machine-api-operator pull 955 0 None Merged Bug 2022840: GCP CI runs are complaining about APIs not being enabled 2021-12-01 20:14:13 UTC
Red Hat Knowledge Base (Solution) 6505391 0 None None None 2021-11-16 12:25:11 UTC
Red Hat Product Errata RHBA-2021:4800 0 None None None 2021-12-02 20:03:01 UTC

Comment 3 Jianping SHu 2021-11-15 07:02:20 UTC 
Verified on 4.6.0-0.nightly-2021-11-12-224339 include the fix.

1. Launch a basic gcp cluster
2. Monitor the installation process

the installaton can succeed and cco won't hit the issue about "Detected required APIs that are disabled: [networksecurity.googleapis.com]"

jianpingshu@jshu-mac 2022840_4.6 % oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.6.0-0.nightly-2021-11-12-224339   True        False         117s    Cluster version is 4.6.0-0.nightly-2021-11-12-224339

jianpingshu@jshu-mac 2022840_4.6 % oc logs cloud-credential-operator-58d54b684-fqdms -n openshift-cloud-credential-operator -c cloud-credential-operator | grep "Detected required APIs that are disabled"
Nothing output

############
The payload without the fix merged like 4.9.0-0.nightly-2021-11-11-155043 will fail to install, and cco Degraded because of [networksecurity.googleapis.com] disabled.

$ oc get clusterversion
NAME      VERSION   AVAILABLE   PROGRESSING   SINCE   STATUS
version             False       True          53m     Unable to apply 4.9.0-0.nightly-2021-11-11-155043: some cluster operators have not yet rolled out

$ oc logs cloud-credential-operator-5b97f67944-qp6k2 -n openshift-cloud-credential-operator -c cloud-credential-operator | grep "Detected required APIs that are disabled"
time="2021-11-15T04:33:13Z" level=warning msg="Detected required APIs that are disabled: [networksecurity.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2021-11-15T04:33:17Z" level=warning msg="Detected required APIs that are disabled: [networksecurity.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2021-11-15T04:33:22Z" level=warning msg="Detected required APIs that are disabled: [networksecurity.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2021-11-15T04:33:31Z" level=warning msg="Detected required APIs that are disabled: [networksecurity.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2021-11-15T04:33:49Z" level=warning msg="Detected required APIs that are disabled: [networksecurity.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
Comment 6 errata-xmlrpc 2021-12-02 20:02:56 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.6.51 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:4800
Comment 7 Scott Dodson 2022-02-16 18:44:45 UTC 
*** Bug 2054914 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.