Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-32948

Azure pod identity webhook not provided after migration to Azure AD workload identity.

XMLWordPrintable

    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None

      Description of problem:

          After migration works complete, “pod-identity-webhook” deployment is not in the namespace "openshift-cloud-credential-operator".

      Version-Release number of selected component (if applicable):

          4.16

      How reproducible:

          Always

      Steps to Reproduce:

          1.Prepare an Azure OpenShift cluster.
    2.Migration to Azure AD workload Identity using procedure https://github.com/openshift/cloud-credential-operator/blob/master/docs/azure_workload_identity.md#steps-to-in-place-migrate-an-openshift-cluster-to-azure-ad-workload-identity.
    3.

      Actual results:

          Azure pod identity webhook is not being created.
[hmx@fedora CCO]$  oc get po -n openshift-cloud-credential-operator 
NAME                                        READY   STATUS    RESTARTS   AGE
cloud-credential-operator-78b94ffb4-587rh   2/2     Running   0          3h7m

      Expected results:

      Additional info:

      Tested migration to Azure AD workload Identity on following Azure cluster type:
  1. Default public Azure cluster.
  2. Single-node cluster.
  3. Azure private cluster.
  4. Disconnected Azure cluster.
This issue exists in all of the above cluster types.

            jstuever@redhat.com Jeremiah Stuever
            mihuang@redhat.com Mingxia Huang
            Mingxia Huang Mingxia Huang
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: