Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Normal
Fix Version/s: MCE 2.9.0
Affects Version/s: MCE 2.9.0
Component/s: Documentation
Labels:
- doc-ack
- known-issues

Story Points:
3
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

Sprint:
Workload Mgmt Train 29 - 1, Workload Mgmt Train 29 - 2
Severity:
Critical

Regression:
None

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

Description of problem:

When CAPI/CAPA is enabled in MCE, AWS hosted cluster cluster gets stuck during deployment.

The validation webhooks in CAPI/CAPA cause issues with the hypershift operator

{"level":"error","ts":"2025-06-19T14:18:44Z","msg":"Failed to reconcile NodePool","controller":"nodepool","controllerGroup":"hypershift.openshift.io","controllerKind":"NodePool","NodePool":{"name":"acmqe-hc-32a95cbb9b194d81-us-east-1a","namespace":"clusters"},"namespace":"clusters","name":"acmqe-hc-32a95cbb9b194d81-us-east-1a","reconcileID":"fcfe593f-dcd1-4f90-afdd-9a5161bb72cc","error":"admission webhook \"validation.awsmachinetemplate.infrastructure.cluster.x-k8s.io\" denied the request: AWSMachineTemplate.infrastructure.cluster.x-k8s.io \"acmqe-hc-32a95cbb9b194d81-us-east-1a-c6a50e4e\" is invalid: spec.template.spec.cloudInit.secureSecretsBackend: Forbidden: cannot be set if spec.template.spec.cloudInit.insecureSkipSecretsManager is true","stacktrace":"github.com/openshift/hypershift/hypershift-operator/controllers/nodepool.(*NodePoolReconciler).Reconcile\n\t/hypershift/hypershift-operator/controllers/nodepool/nodepool_controller.go:213\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Reconcile\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:116\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:303\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:263\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2\n\t/hypershift/vendor/sigs.k8s.io/controller-runtime/pkg/internal/controller/controller.go:224"}

Version-Release number of selected component (if applicable):

ACM 2.14.0-DOWNSTREAM-2025-06-18-15-21-33 / MCE 2.9.0-DOWNSTREAM-2025-06-18-15-21-40

How reproducible:

always

Steps to Reproduce:

enable capi/capa on MCE/ACM
attempt to deploy a hosted cluster
observe cluster is stuck

Actual results:

Expected results:

Additional info:

relates to

OCPBUGS-57978 CAPA validating webhook breaks the hypershift operator

ACM-21802 MCE component dependencies and relationships check

Assignee:: Brandi Swope

Reporter:: David Huynh

QA Contact:: David Huynh

Team:: ACM QE Team

Votes:: 0 Vote for this issue

Watchers:: 11 Start watching this issue

Created:: 2025/06/19 5:01 PM

Updated:: 2025/07/15 6:57 PM

Resolved:: 2025/07/15 6:45 PM

Details

Description

Description of problem:

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:

Actual results:

Expected results:

Additional info:

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates