Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Critical
Fix Version/s: 4.15.z
Affects Version/s: 4.15.z
Component/s: HyperShift
Labels:
- cee.next
- triaged

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Critical
Regression:
No

Target Backport Versions:
None
Target Version:

4.15.z
Release Blocker:
None
Sprint:
Hypershift Sprint 253, Hypershift Sprint 254
sprint_count:
2

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Release Note Status:
In Progress
Release Note Type:
Release Note Not Required
Release Note Text:
None

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

This is a clone of issue ~~OCPBUGS-33237~~. The following is the description of the original issue:
—
Description of problem:

Looks like we are facing a bug when trying to spin up a hosted control plane cluster while using proxy settings to connect to the internet. For example, on our worker node, the static pod kube-apiserver-proxy.yaml doesn't contain the noProxy settings which seem to cause the failure of deploying the hosted cluster.

~~~
[root@ocpugbo2cogswo03 manifests]# cat kube-apiserver-proxy.yaml_
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    k8s-app: kube-apiserver-proxy
  name: kube-apiserver-proxy
  namespace: kube-system
spec:
  containers:
  - command:
    - control-plane-operator
    - kubernetes-default-proxy
    - --listen-addr=<IP-Addr>:6443
    - --proxy-addr=<Proxy-Addr>:<Proxy-port>
    - --apiserver-addr=<API-IP-Addr>:6443
    image: quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7ca95b9a71e41157c70378896758618b993ad90e6d80a23c46170da5c11f441f
    name: kubernetes-default-proxy
    resources:
      requests:
        cpu: 13m
        memory: 16Mi
    securityContext:
      runAsUser: 1001
  hostNetwork: true
  priorityClassName: system-node-critical
status: {}
~~~

Can you please check this issue.

Steps to Reproduce:

    1. Install a cluster with ACM and HCP
    2. Try to create a hosted cluster using proxy configuration
    3. kube-apiserver-proxy is using proxy to reach API.

Actual results:

    The kube-apiserver-proxy is using proxy to reach API. Worker nodes are unable to reach a Hosted Control Plane's API when a cluster-wide http proxy is configured.

Expected results:

    kube-apiserver-proxy should not use proxy to reach API

Additional info:

blocks

OCPBUGS-36518 Kube-apiserver-proxy pod in Hosted Control Plane cluster does not use no_proxy variable

Closed

clones

OCPBUGS-33237 Kube-apiserver-proxy pod in Hosted Control Plane cluster does not use no_proxy variable

Closed

is blocked by

OCPBUGS-33237 Kube-apiserver-proxy pod in Hosted Control Plane cluster does not use no_proxy variable

Closed

is cloned by

OCPBUGS-36518 Kube-apiserver-proxy pod in Hosted Control Plane cluster does not use no_proxy variable

Closed

links to

openshift/hypershift#4014: [release-4.15] OCPBUGS-33510: Run haproxy to connect to kas from data plane if noproxy settings contain kas

RHBA-2024:3488 OpenShift Container Platform 4.15.z bug fix update

(1 links to)

Assignee:: Alberto Garcia Lamela

Reporter:: OpenShift Prow Bot

Need Info From:: None

Contributors:: None

QA Contact:: Jie Zhao

Doc Contact:: None

Votes:: 1 Vote for this issue

Watchers:: 8 Start watching this issue

Created:: 2024/05/10 9:25 AM

Updated:: 2025/07/22 11:36 PM

Resolved:: 2024/06/05 3:21 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates