Bug 2046094 - SNO: cluster version operator failed to start due to missing secret "cluster-version-operator-serving-cert"
Summary: SNO: cluster version operator failed to start due to missing secret "cluster-...
Keywords:
Status: CLOSED DUPLICATE of bug 1961204
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cluster Version Operator
Version: 4.10
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: ---
Assignee: Over the Air Updates
QA Contact: liujia
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-01-26 09:23 UTC by Igal Tsoiref
Modified: 2022-05-06 12:29 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-01-26 11:23:53 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description Igal Tsoiref 2022-01-26 09:23:53 UTC 
Description of problem:
We started to see failures in our single node ci after some search we saw that cluster version operator fails to start due to missing secret.
We have already couple of failed CI jobs and i will link only latest

in https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/logs/periodic-ci-openshift-release-master-nightly-4.10-e2e-metal-single-node-live-iso/1484898355296342016/artifacts/e2e-metal-single-node-live-iso/baremetalds-sno-gather/artifacts/post-tests-must-gather/registry-redhat-io-openshift4-ose-must-gather-sha256-8c0b3bc10756c463f1aa6b622e396ae244079dd8f7f2f3c5d8695a777c95eec6/host_service_logs/masters/kubelet_service.log you can see many lines like :
Jan 22 15:01:33.839270 test-infra-cluster-master-0 hyperkube[1803]: E0122 15:01:33.839245    1803 secret.go:195] Couldn't get secret openshift-cluster-version/cluster-version-operator-serving-cert: secret "cluster-version-operator-serving-cert" not found
 



Version-Release number of the following components:
rpm -q openshift-ansible
rpm -q ansible
ansible --version

How reproducible:
SNO CI

Steps to Reproduce:
1.
2.
3.

Actual results:
Jan 22 15:01:33.839270 test-infra-cluster-master-0 hyperkube[1803]: E0122 15:01:33.839245    1803 secret.go:195] Couldn't get secret openshift-cluster-version/cluster-version-operator-serving-cert: secret "cluster-version-operator-serving-cert" not found

Expected results:
secret is found and cvo starts running


Additional info:

can be relevant to https://bugzilla.redhat.com/show_bug.cgi?id=2045872

Full must-gather logs can be found here:
https://gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/origin-ci-test/logs/periodic-ci-openshift-release-master-nightly-4.10-e2e-metal-single-node-live-iso/1484898355296342016/artifacts/e2e-metal-single-node-live-iso/baremetalds-sno-gather/artifacts/post-tests-must-gather
Comment 1 Rom Freiman 2022-01-26 11:08:12 UTC 
Might be related to https://bugzilla.redhat.com/show_bug.cgi?id=2045872
Comment 2 Vadim Rutkovsky 2022-01-26 11:23:53 UTC 
Service CA pod is creating those - and it won't start:
Error creating: pods "service-ca-6dc7f77f4d-" is forbidden: error fetching namespace "openshift-service-ca": unable to find annotation openshift.io/sa.scc.uid-range

See https://bugzilla.redhat.com/show_bug.cgi?id=1961204#c4

*** This bug has been marked as a duplicate of bug 1961204 ***
Note You need to log in before you can comment on or make changes to this bug.