Bug 2099604 - [4.10.z] GCP API Checks Fail if non-required APIs are not enabled
Summary: [4.10.z] GCP API Checks Fail if non-required APIs are not enabled
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 4.10
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: 4.10.z
Assignee: OCP Installer
QA Contact: Jianli Wei
Depends On: 2084280
TreeView+ depends on / blocked
Reported: 2022-06-21 10:15 UTC by Pablo Alonso Rodriguez
Modified: 2022-11-22 07:19 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 2084280
Last Closed: 2022-11-22 07:19:44 UTC
Target Upstream Version:

Attachments (Terms of Use)

System ID Private Priority Status Summary Last Updated
Github openshift installer pull 6507 0 None open Bug 2099604: Remove optional services from permissions check 2022-10-20 18:46:18 UTC
Red Hat Product Errata RHBA-2022:8496 0 None None None 2022-11-22 07:19:48 UTC

Comment 3 Patrick Dillon 2022-08-23 15:45:30 UTC
Pablo why was this BZ opened, do we need a backport to 4.10 of the original BZ?

Comment 4 Pablo Alonso Rodriguez 2022-08-24 06:22:39 UTC
Yes please, we need a backport.

Comment 7 Joep van Delft 2022-11-14 08:21:23 UTC
Moving back to assigned, this seems to relate to a build failure on ppc64le: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=48962124

Comment 11 Jianli Wei 2022-11-17 05:48:17 UTC
Verified with 4.10.42.

$ gcloud config get account
$ gcloud config get project
$ gcloud services list --enabled
NAME                                 TITLE
bigquery.googleapis.com              BigQuery API
bigquerystorage.googleapis.com       BigQuery Storage API
clouddebugger.googleapis.com         Cloud Debugger API
cloudresourcemanager.googleapis.com  Cloud Resource Manager API
cloudtrace.googleapis.com            Cloud Trace API
compute.googleapis.com               Compute Engine API
datastore.googleapis.com             Cloud Datastore API
deploymentmanager.googleapis.com     Cloud Deployment Manager V2 API
dns.googleapis.com                   Cloud DNS API
iam.googleapis.com                   Identity and Access Management (IAM) API
iamcredentials.googleapis.com        IAM Service Account Credentials API
logging.googleapis.com               Cloud Logging API
monitoring.googleapis.com            Cloud Monitoring API
networksecurity.googleapis.com       Network Security API
oslogin.googleapis.com               Cloud OS Login API
serviceusage.googleapis.com          Service Usage API
sql-component.googleapis.com         Cloud SQL
$ ./openshift-install version
./openshift-install 4.10.42
built from commit f3c53b382264bdebfc31235adcfbfa1718f4a305
release image quay.io/openshift-release-dev/ocp-release@sha256:735957b2c08c013a71cc5461d572ab297a069d8d03e853f78f745f89d0bb20c9
release architecture amd64
$ ./openshift-install create cluster --dir work
? SSH Public Key /home/fedora/.ssh/openshift-qe.pub
? Platform gcp
INFO Credentials loaded from file "/home/fedora/.gcp/osServiceAccount.json"
? Project ID OpenShift QE Shared VPC (openshift-qe-shared-vpc)
? Region us-central1
? Base Domain qe-shared-vpc.qe.gcp.devcluster.openshift.com
? Cluster Name jiwei-1117b
? Pull Secret [? for help] *******
WARNING the following optional services are not enabled in this project: cloudapis.googleapis.com,servicemanagement.googleapis.com,storage-api.googleapis.com,storage-component.googleapis.com
INFO Creating infrastructure resources...
INFO Waiting up to 20m0s (until 4:49AM) for the Kubernetes API at https://api.jiwei-1117b.qe-shared-vpc.qe.gcp.devcluster.openshift.com:6443...
INFO API v1.23.12+8a6bfe4 up
INFO Waiting up to 30m0s (until 5:03AM) for bootstrapping to complete...
INFO Destroying the bootstrap resources...
INFO Waiting up to 40m0s (until 5:25AM) for the cluster at https://api.jiwei-1117b.qe-shared-vpc.qe.gcp.devcluster.openshift.com:6443 to initialize...
INFO Waiting up to 10m0s (until 5:11AM) for the openshift-console route to be created...
INFO Install complete!
INFO To access the cluster as the system:admin user when using 'oc', run 'export KUBECONFIG=/home/fedora/test4/work/auth/kubeconfig'
INFO Access the OpenShift web-console here: https://console-openshift-console.apps.jiwei-1117b.qe-shared-vpc.qe.gcp.devcluster.openshift.com
INFO Login to the console with user: "kubeadmin", and password: "2rHYC-pXJBb-SCPBj-fmTrW"
INFO Time elapsed: 35m59s
$ export KUBECONFIG=/home/fedora/test4/work/auth/kubeconfig
$ ./oc get clusterversion
version   4.10.42   True        False         34m     Cluster version is 4.10.42
$ ./oc get nodes
NAME                                                            STATUS   ROLES    AGE   VERSION
jiwei-1117b-9t5sg-master-0.c.openshift-qe-shared-vpc.internal   Ready    master   60m   v1.23.12+8a6bfe4
jiwei-1117b-9t5sg-master-1.c.openshift-qe-shared-vpc.internal   Ready    master   60m   v1.23.12+8a6bfe4
jiwei-1117b-9t5sg-master-2.c.openshift-qe-shared-vpc.internal   Ready    master   61m   v1.23.12+8a6bfe4
jiwei-1117b-9t5sg-worker-a-l4dvc                                Ready    worker   52m   v1.23.12+8a6bfe4
jiwei-1117b-9t5sg-worker-b-6ch85                                Ready    worker   52m   v1.23.12+8a6bfe4
jiwei-1117b-9t5sg-worker-c-gcvn4                                Ready    worker   52m   v1.23.12+8a6bfe4

Comment 13 errata-xmlrpc 2022-11-22 07:19:44 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.10.42 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.