Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Normal
Fix Version/s: None
Affects Version/s: None
Labels:
None

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:
None
Story Points:
None
Severity:
None
Epic Link:
Hive support for provisioning clusters on AzureGov

Target Version:
None
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Release Note Status:
None
Release Note Type:
None
Release Note Text:
None

Description:
Installing a cluster on AzureGov using hive, after cluster installed, create additional machinepool on this cluster, hive-controllers will hit below error:

time="2021-10-12T04:52:33.154Z" level=error msg="could not generateMachineSets" controller=remotemachineset error="could not generate machinesets: compute pool not providing list of zones and failed to fetch list of zones: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/512b9978-d441-4793-9ca7-50c2a7b978f7/providers/Microsoft.Compute/skus?api-version=2019-04-01: StatusCode=400 -- Original Error: adal: Refresh request failed. Status Code = '400'. Response body: {\"error\":\"invalid_request\",\"error_description\":\"AADSTS900382: Confidential Client is not supported in Cross Cloud request.\\r\\nTrace ID: f58d7933-1e19-43b7-8122-448ea2f81300\\r\\nCorrelation ID: d7956da4-798f-4509-bec3-54794b126855\\r\\nTimestamp: 2021-10-12 04:52:33Z\",\"error_codes\":[900382],\"timestamp\":\"2021-10-12 04:52:33Z\",\"trace_id\":\"f58d7933-1e19-43b7-8122-448ea2f81300\",\"correlation_id\":\"d7956da4-798f-4509-bec3-54794b126855\"} Endpoint https://login.microsoftonline.com/5a68018f-d232-42fc-a9d9-9c09dc84fbc4/oauth2/token?api-version=1.0" machinePool=default/lwanazgov-infra reconcileID=vbfr88mc

Version-Release number of selected component (if applicable):
Version: openshift/hive v1.1.16-107-ga27a4f7

How reproducible:
Always

Steps to Reproduce:
1.Create ClusterDeployment on AzureGov using hiveutil tool
2.Wait for cluster installed,Create a machinepool CR,

$ cat lwanazgov-infra.yaml
apiVersion: hive.openshift.io/v1
kind: MachinePool
metadata:
  name: lwanazgov-infra
  namespace: default
spec:
  clusterDeploymentRef:
    name: lwanazgov
  name: infra
  platform:
    azure:
      osDisk:
        diskSizeGB: 512
      type: Standard_D8s_v3
  replicas: 2
$oc create -f lwanazgov-infra.yaml

3.Check machinepool CR status and remote machineset CR

Actual result:
Remote machines/nodes can be created

Expected result:
The remote machinesets, machines and nodes can be created

Additional info:
1. Hive-controller log attached

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

lwanazgov-0-5h5cv-provision--1-w8brx.log
1.68 MB
2021/10/12 6:44 AM

links to

openshift/hive#1588: HIVE-1669: Create Azure Client for Azure CloudName.

openshift/hive#1589: OCM-2.4: Backport HIVE-1669: Create Azure Client for Azure CloudName.

openshift/hive#1593: Set dnsZone.Spec.Azure.CloudName when creating dnsZone.

Assignee:: Andrew Butcher

Reporter:: Lin Wang

Need Info From:: None

Contributors:: None

Architect:: None

QA Contact:: Lin Wang

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2021/10/12 6:41 AM

Updated:: 2025/07/30 5:29 AM

Resolved:: 2021/10/27 7:28 AM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide