Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-18564

Kube apiserver failed to start up with "tls: private key does not match public key"

XMLWordPrintable

    • Low
    • No
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      While upgrading 3556 SNOs from 4.12.29 to 4.13.9, one SNO failed to begin precaching images for upgrade.  Upon closer inspection, the api was down and reviewing the crio containers that exited, the kube-apiserver was found to be exited in status.  Reviewing the log for that container showed "E0905 19:14:25.138218      18 run.go:74] "command failed" err="tls: private key does not match public key""

      Version-Release number of selected component (if applicable):

      4.12.29

      How reproducible:

      only 1 out 3556 SNOs presented this issue - thus extremely rare

      Steps to Reproduce:

      1.
2.
3.

      Actual results:

       

      Expected results:

       

      Additional info:

      More data including a sos report to be attached.

        1. crio.log.gz
          2.27 MB
        2. kubeapiserver.log.gz
          9 kB
        3. kubelet.log.gz
          45.68 MB
        4. sosreport-vm01713-2023-09-05-exvxgmh.tar.xz
          34.05 MB

            Unassigned Unassigned
            akrzos@redhat.com Alex Krzos
            Ke Wang Ke Wang
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: