Loading...

XML

Word

Printable

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: 4.15.z, 4.16.0
Component/s: HyperShift
Labels:
- hypershift-qe

Severity:
Important
Regression:
No
Release Blocker:
Proposed
Blocked:
False
Blocked Reason:

Hide

None

Show
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Description of problem:

The deleting namespaces in a Hypershift hosted cluster using Microsoft Entra ID as external OIDC gets stuck in Terminating state.

Version-Release number of selected component (if applicable):

MC 4.16.0-0.nightly-2024-03-06-073110 + HC 4.16.0-0.nightly-2024-03-06-073110

Steps to Reproduce:

1. Create a namespace
2. Delete it

Actual results:

fxie-mac:hypershift fxie$ oc get ns test-ns
NAME      STATUS        AGE
test-ns   Terminating   23m

fxie-mac:hypershift fxie$ oc get ns test-ns -o yaml
apiVersion: v1
kind: Namespace
metadata:
  annotations:
    openshift.io/sa.scc.mcs: s0:c26,c15
    openshift.io/sa.scc.supplemental-groups: 1000680000/10000
    openshift.io/sa.scc.uid-range: 1000680000/10000
  creationTimestamp: "2024-03-07T06:28:30Z"
  deletionTimestamp: "2024-03-07T06:28:44Z"
  labels:
    kubernetes.io/metadata.name: test-ns
    pod-security.kubernetes.io/audit: restricted
    pod-security.kubernetes.io/audit-version: v1.24
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/enforce-version: v1.24
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/warn-version: v1.24
  name: test-ns
  resourceVersion: "309972"
  uid: 39e26607-c7de-4bf2-963a-218b54523979
spec:
  finalizers:
  - kubernetes
status:
  conditions:
  - lastTransitionTime: "2024-03-07T06:28:49Z"
    message: 'Discovery failed for some groups, 2 failing: unable to retrieve the
      complete list of server APIs: oauth.openshift.io/v1: stale GroupVersion discovery:
      oauth.openshift.io/v1, user.openshift.io/v1: stale GroupVersion discovery: user.openshift.io/v1'
    reason: DiscoveryFailed
    status: "True"
    type: NamespaceDeletionDiscoveryFailure
  - lastTransitionTime: "2024-03-07T06:28:50Z"
    message: All legacy kube types successfully parsed
    reason: ParsedGroupVersions
    status: "False"
    type: NamespaceDeletionGroupVersionParsingFailure
  - lastTransitionTime: "2024-03-07T06:28:50Z"
    message: All content successfully deleted, may be waiting on finalization
    reason: ContentDeleted
    status: "False"
    type: NamespaceDeletionContentFailure
  - lastTransitionTime: "2024-03-07T06:28:50Z"
    message: All content successfully removed
    reason: ContentRemoved
    status: "False"
    type: NamespaceContentRemaining
  - lastTransitionTime: "2024-03-07T06:28:50Z"
    message: All content-preserving finalizers finished
    reason: ContentHasNoFinalizers
    status: "False"
    type: NamespaceFinalizersRemaining
  phase: Terminating

Expected results:

Namespace deleted.

is related to

OCPBUGS-30028 [Documents] Document "FailedDiscoveryCheck" apiservice issue is expected and can be avoided by ensuring external OIDC is configured at the time when the HostedCluster is created instead of configured after it is created

Closed

Assignee:: Seth Jennings

Reporter:: Feilian Xie

QA Contact:: Jie Zhao

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2024/03/07 6:54 AM

Updated:: 2024/03/11 7:34 AM

Resolved:: 2024/03/11 7:11 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates