Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: 4.16.0
Affects Version/s: 4.16
Component/s: Management Console
Labels:
None

Severity:
Moderate
Regression:
No
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Target Version:

4.16.0

SFDC Cases Counter:
SFDC Cases Links:

Description

Description of problem:

when there is only one server CSR pending on approval, we still show two records(one is client CSR requires approval which is already several hours old and the other is server CSR requires approval)

Version-Release number of selected component (if applicable):

pre-merge testing of https://github.com/openshift/console/pull/13493

How reproducible:

Always

Steps to Reproduce:

1. select one node which is joining the cluster, approve client CSR and do not approve server CSR, wait for some time

=> we can see only one node is pending on server CSR approval
$ oc get csr | grep Pending | grep system:node
csr-54sn4   142m   kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-7nhb9   65m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-9g22f   4m4s   kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-bgrdq   35m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-chqnf   50m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-f4sbl   127m   kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-msnml   157m   kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-p9qrp   19m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-qp2pw   112m   kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-qrlnv   96m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending
csr-tk7j4   81m    kubernetes.io/kubelet-serving                 system:node:ip-10-0-49-55.us-east-2.compute.internal                        <none>              Pending

Actual results:

1. on nodes list page, we can see two rows shown for node ip-10-0-49-55.us-east-2.compute.internal

Expected results:

since the pending client CSR has been there for several hours and the node now is actually waiting for server CSR approval, we should only show one record/row to indicate user that it requires server CSR approval

The pending client CSR associated with ip-10-0-49-55.us-east-2.compute.internal is already 3 hours old
$ oc get csr csr-4d628
NAME        AGE   SIGNERNAME                                    REQUESTOR                                                                   REQUESTEDDURATION   CONDITION
csr-4d628   3h    kubernetes.io/kube-apiserver-client-kubelet   system:serviceaccount:openshift-machine-config-operator:node-bootstrapper   <none>              Pending

Additional info:

Attachments

Issue Links

links to

openshift/console#13522: OCPBUGS-27399: Filter out Client CSRs for nodes which already exist

RHEA-2024:0041 OpenShift Container Platform 4.16.z bug fix update

Activity

People

Assignee:: Rastislav Wagner

Reporter:: YaDan Pei

QA Contact:: YaDan Pei

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2024/01/19 9:30 AM

Updated:: 2024/02/05 9:06 PM