Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-12980

Kubelet CA file not written by MCD firstboot

XMLWordPrintable

    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      In our IBM Cloud use-case of RHCOS, we are seeing 4.13 RHCOS nodes failing to properly bootstrap to a HyperShift 4.13 control plane. RHCOS worker node kubelet is failing with "failed to construct kubelet dependencies: unable to load client CA file /etc/kubernetes/kubelet-ca.crt: open /etc/kubernetes/kubelet-ca.crt: no such file or directory". 

      Version-Release number of selected component (if applicable):

      4.13.0-rc.6

      How reproducible:

      100%

      Steps to Reproduce:

      1. Create a HyperShift 4.13 control plane
      2. Boot a RHCOS host outside of cluster
      3. After initial RHCOS boot, fetch ignition from control plane
      4. Attempt to bootstrap to cluster via `machine-config-daemon firstboot-complete-machineconfig`

      Actual results:

      Kubelet service fails with "failed to construct kubelet dependencies: unable to load client CA file /etc/kubernetes/kubelet-ca.crt: open /etc/kubernetes/kubelet-ca.crt: no such file or directory".

      Expected results:

      RHCOS worker node to properly bootstrap to HyperShift control plane. This has been the supported bootstrapping flow for releases <4.13.

      Additional info:

      References:
      - https://redhat-internal.slack.com/archives/C01C8502FMM/p1682968210631419
      - https://github.com/openshift/machine-config-operator/pull/3575
      - https://github.com/openshift/machine-config-operator/pull/3654

            jerzhang@redhat.com Yu Qi Zhang
            hidematsu.sueki@ibm.com Hidematsu Sueki
            Sergio Regidor de la Rosa Sergio Regidor de la Rosa
            IBM Employee
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated:
              Resolved: