-
Bug
-
Resolution: Done
-
Critical
-
4.19.z
-
Quality / Stability / Reliability
-
False
-
-
1
-
None
-
None
-
None
-
None
-
MCO Sprint 274
-
1
-
Done
-
Bug Fix
-
-
None
-
None
-
None
-
None
This is a clone of issue OCPBUGS-59780. The following is the description of the original issue:
—
Currently, the MCO uses the infrastructure status to infer the hostnames during cert management. In ARO, those fields don't exist, so when the MCO's cert reconcile loop runs on upgrade to 4.19, it refreshes the cert without the required SAN IPs.
The certcontroller in the MCO is vendored from library-go, which uses annotations on the secret to determine if the certs are due for rotation. Clusters in <4.18 do not have these annotations; and hence will have an immediate rotation when upgraded. 4.19 installer creates the secret with these annotations; so we will not see an immediate rotation when the MCO comes up during 4.19 installation and
See https://issues.redhat.com/browse/ARO-20086 for some more context.
- clones
-
OCPBUGS-59780 ARO clusters cannot scale on upgrade to 4.19
-
- Verified
-
- is blocked by
-
OCPBUGS-59780 ARO clusters cannot scale on upgrade to 4.19
-
- Verified
-
- links to