-
Bug
-
Resolution: Done
-
Critical
-
None
-
None
-
True
-
False
-
None
-
HAC Infra OCM - Sprint 239, HAC Infra OCM - Sprint 240, HAC Infra OCM - Sprint 241
Description of problem:
The ROSA hypershift cluster installation initiated from UI is stuck with waiting state on the "OIDC and operator roles" step. This is because the user did not run the `rosa create operator role` cli command shown in the "Cluster roles and policies" step.
If this is a mandatory requirement i.e create the operator roles prior to start of the installation, we should need to get an acknowledgment (probably Cluster roles and policies step) at from user that operator roles are created. In the installation step, the waiting state should be changed to action required with set of operator role commands.
How reproducible:
Always
Steps to reproduce:
- Launch OCM UI Staging.
- Open ROSA wizard and select control plane type as "Hosted"
- Proceed to next steps by providing all required values in each step.
- Reach "Cluster roles and policies" step.
- Choose config id and operator role prefix.( Do not run suggested operator role creation command).
- Click "Next" step and click "Create cluster".
- View the cluster installation.
Actual results:
ROSA hypershift installation step "OIDC and operator roles" stuck in waiting state with no useful information to the user what was going wrong.
Expected results:
ROSA hypershift installation should be successful and if no operator roles found, it should create respective roles automatically during installation. It should not block the installation process.
If creating operator roles manually is a requirement for ROSA Hypershift then following improvements are suggested.
- Introduce an acknowledgment (probably Cluster roles and policies step) from user that operator roles are created (to make sure they are notified).
- In the installation step, the waiting state should be changed to action required with set of operator role commands.
Acceptance Criteria:
- The text in the Action Required popup for HCP clusters should read:
Action required: Creaete OIDC and operator roles
Your cluster will procceed to ready state only after the operator roles and OIDC provier are created.
To create operator-roles, run the following command:
rosa create operator-roles --hosted-cp --prefix "grergr-c8y6" --oidc-config-id "22phvja6kkki8f7h8mmk46a7j2h26uk1"
To create an oidc provider, run the following command:
rosa create oidc-provider --oidc-config-id "22phvja6kkki8f7h8mmk46a7j2h26uk1"
Tech Notes:
There seems to be two scenerios in which HCP cluster will be stuck at 'Waiting':
- If missing oidc-provider roles for the selected oidc-config, or...
- User failed to run the rosa cli command to create the operator roles
Other Options/Questions
- What does the CLI do in this case? Answer: CLI doesn't let proceed forward without a ODIC provider and the operator roles
- Can HCP cluster creation could continue without OIDC/op-roles? Answer: No, cannot
- Follow up:
-
- Would be great if CS backend indicated what it was 'waiting...' on (roles or OIDC provider)
-
- Need CS backend to validate if OIDC config/provider and Operator roles exist before moving off of `Step 5: OIDC config and operator roles`
