Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: None
Affects Version/s: 4.19.0
Component/s: HyperShift
Labels:
- triaged

Regression:
None
Release Blocker:
Rejected
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Release Note Text:

Hide
Fixes an issue that prevented cluster form succeeding when the cluster is created with a secure proxy enabled, and certificate is set in configuration.proxy.trustCA.
It also fix an issue that prevented oauth from reaching cloud APIs through management cluster proxy

Show
Fixes an issue that prevented cluster form succeeding when the cluster is created with a secure proxy enabled, and certificate is set in configuration.proxy.trustCA. It also fix an issue that prevented oauth from reaching cloud APIs through management cluster proxy
Target Version:

4.18.0
Target Backport Versions:

4.14.z, 4.15.z, 4.17.z, 4.16.z, 4.18.0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

PX Impact Score:

Description of problem:

When the cluster is created with a secure proxy enabled, and certificate is set in configuration.proxy.trustCA, the cluster fails to complete provisioning.
4.19.0-0.nightly-2024-12-10-040415

Version-Release number of selected component (if applicable):

How reproducible:

    always

Steps to Reproduce:

    1. Create a cluster with a secure proxy, certificate is set in .spec.configuration.proxy.trustCA.
    3.

Actual results:

    cluster does not complete provisioning

Expected results:

    cluster completes

Additional info:

    root cause is that certificate in additionalTrustBunlde isn't propagated into ingress proxy. 
slack:
https://redhat-internal.slack.com/archives/G01QS0P2F6W/p1734047816669079?thread_ts=1734023627.636019&cid=G01QS0P2F6W

clones

OCPBUGS-48619 Cluster fails to complete provisioning when using proxy with custom trust bundle

Verified

depends on

OCPBUGS-48619 Cluster fails to complete provisioning when using proxy with custom trust bundle

Verified

is cloned by

OCPBUGS-51098 Cluster fails to complete provisioning when using proxy with custom trust bundle

is depended on by

OCPBUGS-51098 Cluster fails to complete provisioning when using proxy with custom trust bundle

links to

openshift/hypershift#5525: OCPBUGS-48619: Add HostedCluster additional trustbundles to konnectivity-https-proxy

openshift/hypershift#5667: OCPBUGS-51050: Add HostedCluster additional trustbundles to konnectivity-https-proxy

RHEA-2024:11038 OpenShift Container Platform 4.19.z bug fix update

(2 links to)

Assignee:: Alberto Garcia Lamela

Reporter:: Jie Zhao

QA Contact:: Jie Zhao

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2025/02/19 2:14 PM

Updated:: 2025/02/20 9:00 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates