Uploaded image for project: 'Red Hat Advanced Cluster Management'
  1. Red Hat Advanced Cluster Management
  2. ACM-4446

Hypershift addon agent tries to copy kubeadmin-password secret when it does not exist

XMLWordPrintable

    • Important
    • No

      Description of problem:

      ROSA hypershift cluster service configures a custom identity provider in the hosted cluster CR to create a non-default kubeadmin user.

       

            spec:
              autoscaling: {}
              clusterID: __CLUSTER_UUID__
              configuration:
                oauth:
                  identityProviders:
                  - htpasswd:
                      fileData:
                        name: htpasswd-secret
       

       

      When this is configured, the kubeadmin-password secret is not generated for the hosted cluster in the cluster's namespace. 

       

      The problem is that the hypershift addon agent assumes that the kubeadmin-password secret is always generated for a hosted cluster and tries to copy it over to the hub cluster when the HC's API server becomes available. Although this does not break the agent's reconcile functionality, it generates many error messages in the logs and requeues the reconcile causing unnecessary CPU consumption.

       

       

      Version-Release number of selected component (if applicable):

      How reproducible:

      Steps to Reproduce:

      1.  
      2.  
      3. ...

      Actual results:

      Expected results:

      Additional info:

              rokejungrh Roke Jung
              rokejungrh Roke Jung
              David Huynh David Huynh
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: