Loading...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: None
Affects Version/s: 4.17
Component/s: Installer / openshift-installer
Labels:
None

Activity Type:
Quality / Stability / Reliability
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Story Points:
None
Severity:
Moderate
Regression:
None

Target Backport Versions:
None
Target Version:

4.17.z
Release Blocker:
None
Sprint:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Release Note Status:
Done
Release Note Type:
Bug Fix
Release Note Text:

Hide
* Previously, after you creating a private {product-title} cluster on {azure-first}, the installation program did not mark the storage account that it created as private. As a result, the storage account was publically available. With this release, the installation program now correctly always marks the storage account as private regardless if the cluster is publically or privately available. (link:https://issues.redhat.com/browse/OCPBUGS-42349[*~~OCPBUGS-42349~~*])

Show
* Previously, after you creating a private {product-title} cluster on {azure-first}, the installation program did not mark the storage account that it created as private. As a result, the storage account was publically available. With this release, the installation program now correctly always marks the storage account as private regardless if the cluster is publically or privately available. (link: https://issues.redhat.com/browse/OCPBUGS-42349 [* OCPBUGS-42349 *])

Escape Reason:
None
Escape Impact:
None
Corrective Measures:
None
SDLC stage when should've been found:
None

Description of problem:

On 4.17 rc.3/rc.5, install cluster with customer-managed key for storage account configured will fail.

install-config:
=======
platform:
  azure:
    customerManagedKey:
      keyVault:
        keyName: ci-op-b7b9151w-eca8b-key
        name: ci-op-b7b9151w-eca8b-kv
        resourceGroup: ci-op-b7b9151w-eca8b-rg
      userAssignedIdentityKey: ci-op-b7b9151w-eca8b-identity

Error
========  
level=info msg=Waiting up to 15m0s (until 7:01PM UTC) for network infrastructure to become ready...
level=info msg=Network infrastructure is ready
level=error msg=failed to fetch Cluster: failed to generate asset "Cluster": failed to create cluster: failed provisioning resources after infrastructure ready: failed to create blob container vhd: PUT https://management.azure.com/subscriptions/53b8f551-f0fc-4bea-8cba-6d1fefd54c8a/resourceGroups/ci-op-b7b9151w-eca8b-95g9d-rg/providers/Microsoft.Storage/storageAccounts/ciopb7b9151weca8b95g9dsa/blobServices/default/containers/vhd
level=error msg=--------------------------------------------------------------------------------
level=error msg=RESPONSE 400: 400 Bad Request
level=error msg=ERROR CODE: UnsupportedHeader
level=error msg=--------------------------------------------------------------------------------
level=error msg={
level=error msg=  "error": {
level=error msg=    "code": "UnsupportedHeader",
level=error msg=    "message": "One of the headers specified in the request is not supported.\nRequestId:7ca1ed39-d01c-0107-6f20-0d5e97000000\nTime:2024-09-22T18:49:25.9448932Z"
level=error msg=  }
level=error msg=}
level=error msg=--------------------------------------------------------------------------------
level=error
level=info msg=Shutting down local Cluster API controllers...
level=info msg=Stopped controller: Cluster API
level=info msg=Stopped controller: azure infrastructure provider
level=info msg=Stopped controller: azureaso infrastructure provider
level=info msg=Shutting down local Cluster API control plane...
level=info msg=Local Cluster API system has completed operations
Installer exit with code 4

Version-Release number of selected component (if applicable):

4.17.0-rc.3/4.17.0-rc.5

How reproducible:

Always

Steps to Reproduce:

    1. set customerManagedKey in install-config
    2. create cluster
    3.

Actual results:

    installation failed

Expected results:

    installation succeeded.

Additional info:

Issue is introduced by https://github.com/openshift/installer/pull/8984 to fix bug https://issues.redhat.com/browse/OCPBUGS-41542.
https://github.com/openshift/installer/pull/9006 is the fix for this issue and already merged, but not included in 4.17.0-rc.3/4.17.0-rc.5.

The purpose of this bug is to add known issue in 4.17 RN, and the fix will be in the following 4.17.1 z-stream.

links to

RHBA-2024:8229 OpenShift Container Platform 4.17.z bug fix update

Assignee:: Sandhya Dasu

Reporter:: Jinyun Ma

Need Info From:: None

Contributors:: None

QA Contact:: Jinyun Ma

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/09/24 2:13 AM

Updated:: 2025/07/20 1:30 PM

Resolved:: 2024/10/23 5:29 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates