Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-56666

Cluster deployment on OpenShift virtualization consistently fails to complete, resulting in a "Partial" status, inaccessible kube-apiserver via kubeadmin, and initial degraded/missing components.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Normal Normal
    • None
    • 4.18.z
    • None
    • Quality / Stability / Reliability
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:

      Cluster deployment on OpenShift virtualization consistently fails to reach a "Ready" state, getting stuck in "Partial" with initial degraded/missing components and an inaccessible kube-apiserver via kubeadmin.
      

      Version-Release number of selected component (if applicable):

      OpenShift 4.18.10 (as indicated by oc get co output)
      

      How reproducible:

      100% - consistently reproducible with every new hosted cluster creation.
      

      Steps to Reproduce:

      
      Create a new hosted cluster on OpenShift virtualization using the ACM dashboard.
      Define the necessary hostedcluster and nodepool resources.
      Monitor the cluster's progress and status. 

      Actual results:

      The hosted cluster status remains "Partial" instead of "Ready".
      Initially, the kube-scheduler deployment is in a degraded state.
      The ignition server deployment is not found.
      Many conditions are not found in the CVO.
      The kube-apiserver of the hosted cluster cannot be accessed directly using the kubeadmin user (Login failed 401 Unauthorized).
      Manual intervention is required to approve pending CSRs after retrieving the kubeconfig from the admin-kubeconfig secret, which allows access via oc commands but does not resolve the kubeadmin login issue or full cluster readiness. 

      Expected results:

      The hosted cluster should reach a "Ready" state after creation.
      All cluster components should be healthy and fully deployed without manual intervention.
      The kube-apiserver should be accessible via the kubeadmin user immediately after deployment.
      No manual approval of CSRs or restarting of pods should be required for a successful deployment. 

      Additional info:

      Must-gather for failing cluster "hosted-418" has been attached.
      The issue is observed across all newly created hosted clusters, indicating a systemic problem rather than an isolated incident.
      oc get co output shows all cluster operators as True for AVAILABLE and False for PROGRESSING and DEGRADED, despite the cluster's overall "Partial" status and kubeadmin login failure. 

              kmajcher@redhat.com Krzysztof Majcher
              rhn-support-mlele Mihir Lele
              None
              None
              Yu Li Yu Li
              None
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: