-
Bug
-
Resolution: Unresolved
-
Critical
-
None
-
4.13, 4.12, 4.14.z
-
None
Description of problem:
Cloud Credential Operator is down in GCP cluster. Cluster is trying to access API endpoint backupdr.googleapis.com even though this API is not under customer's subscription.
CCO has these logs:
time="2024-10-25T01:12:30Z" level=warning msg="Detected required APIs that are disabled: [backupdr.googleapis.com]" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2024-10-25T01:12:30Z" level=error msg="not all required service APIs are enabled" actuator=gcp cr=openshift-cloud-credential-operator/openshift-machine-api-gcp
time="2024-10-25T01:12:30Z" level=error msg="error syncing credentials: not all required service APIs are enabled" controller=credreq cr=openshift-cloud-credential-operator/openshift-machine-api-gcp secret=openshift-machine-api/gcp-cloud-credentials
time="2024-10-25T01:12:30Z" level=error msg="errored with condition: CredentialsProvisionFailure" controller=credreq cr=openshift-cloud-credential-operator/openshift-machine-api-gcp secret=openshift-machine-api/gcp-cloud-credentials
Version-Release number of selected component (if applicable):
How reproducible:
Not determinable yet. We have experienced this for a specific cluster. We still don't know where the request is originating.
Steps to Reproduce:
1.
2.
3.
Actual results:
Cloud Credential Operator is down because cluster is trying to access an endpoint that the cluster is not subscribed to.
Expected results:
Cluster should not access endpoints it is not subscribed to.
Additional info:
OHSS: https://issues.redhat.com/browse/OHSS-38255
Discussion thread: https://redhat-internal.slack.com/archives/CCX9DB894/p1729820675700629
![4.1[5-8] CI.png](/secure/attachment/13288449/4.1%5B5-8%5D%20CI.png)
![4.1[2-4] CI.png](/secure/attachment/13288448/4.1%5B2-4%5D%20CI.png)
- blocks
-
-
- Verified
-