Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.13.z
Component/s: Networking / router
Labels:
- UpdateRecommendationsBlocked
- UpgradeBlocker

Severity:
Important
Regression:
No
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
Before this update, clusters using Mint mode and had their root secret removed would encounter an issue during an upgrade from 4.13.8 to 4.13.9. This was caused by a modification in the credentials request of the cluster-ingress-operator that was backported to 4.13.9.
With this update, these types of clusters are able to update to >4.13.9 without issue.

Show
Before this update, clusters using Mint mode and had their root secret removed would encounter an issue during an upgrade from 4.13.8 to 4.13.9. This was caused by a modification in the credentials request of the cluster-ingress-operator that was backported to 4.13.9. With this update, these types of clusters are able to update to >4.13.9 without issue.
Release Note Type:
Bug Fix
Target Version:

4.13.z

SFDC Cases Counter:
SFDC Cases Links:

Description of problem:

Upgrade 4.13.8 -> 4.13.9 with Mint mode, root secret was REMOVED, failed with:- lastTransitionTime: "2023-08-15T04:16:03Z"
  message: 'Parent credentials secret must be restored prior to upgrade: kube-system/aws-creds'
  reason: MissingRootCredential
  status: "False"
  type: Upgradeable

Version-Release number of selected component (if applicable):

4.13.9

How reproducible:

100%

Steps to Reproduce:

1.Install 4.13 aws version prior to 4.13.9
2. remove root credential: https://docs.openshift.com/container-platform/4.13/authentication/managing_cloud_provider_credentials/cco-mode-mint.html#manually-removing-cloud-creds_cco-mode-mint
3. Upgrade 4.13.9

Actual results:

see above

Expected results:

upgrade completes

Additional info:

https://github.com/openshift/cluster-ingress-operator/pull/972 has been verified as a fix

https://redhat-internal.slack.com/archives/C01V1DP387R/p1692096372908889?thread_ts=1692045933.376069&cid=C01V1DP387R

and

https://redhat-internal.slack.com/archives/C0200PS19PY/p1691654894556669

is blocked by

NE-1376 ImpactStatementRequest: OCPBUGS-17733: Backported credential request breaks some upgrades to 4.13.9

Closed

links to

openshift/cluster-ingress-operator#972: OCPBUGS-17733: [release-4.13] remove shared VPC cred request

RHSA-2023:4731 OpenShift Container Platform 4.13.z security update

Assignee:: Grant Spence

Reporter:: Patrick Dillon

QA Contact:: Melvin Joseph

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2023/08/15 2:54 PM

Updated:: 2024/04/29 5:10 PM

Resolved:: 2023/08/30 7:21 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates