Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-18564

Kube apiserver failed to start up with "tls: private key does not match public key"

XMLWordPrintable

    • Low
    • No
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      While upgrading 3556 SNOs from 4.12.29 to 4.13.9, one SNO failed to begin precaching images for upgrade.  Upon closer inspection, the api was down and reviewing the crio containers that exited, the kube-apiserver was found to be exited in status.  Reviewing the log for that container showed "E0905 19:14:25.138218      18 run.go:74] "command failed" err="tls: private key does not match public key""

      Version-Release number of selected component (if applicable):

      4.12.29

      How reproducible:

      only 1 out 3556 SNOs presented this issue - thus extremely rare

      Steps to Reproduce:

      1.
2.
3.

      Actual results:

       

      Expected results:

       

      Additional info:

      More data including a sos report to be attached.

        1. crio.log.gz
          2.27 MB
          Alex Krzos
        2. kubeapiserver.log.gz
          9 kB
          Alex Krzos
        3. kubelet.log.gz
          45.68 MB
          Alex Krzos
        4. sosreport-vm01713-2023-09-05-exvxgmh.tar.xz
          34.05 MB
          Alex Krzos

              Unassigned Unassigned
              akrzos@redhat.com Alex Krzos
              Ke Wang Ke Wang
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: