After clusterwide proxy is enabled by editing the proxy object, MCP gets updated. During MCP udate, master MCP is in not ready state, reason being one of the etcd guard pod is in degraded state after being evicted.     

ALWAYS    

    1. Bring up OCP (4.20-rc.2) cluster on LPAR.
    2. Once the cluster is up, install the proxy (squid) and enable cluster-wide proxy by editing the proxy object and adding the proxy details. (oc edit proxy cluster)
    3. When this is modified, the MachineConfig Operator (MCO) detects the change and generates new machine configs for affected pools.
    4. Master MCP update is failing. Checking the machine-config-controller logs, below error is seen.

oc logs -n openshift-machine-config-operator -l k8s-app=machine-config-controller --tail=100
Defaulted container "machine-config-controller" out of: machine-config-controller, kube-rbac-proxy
Error from server: Get "https://10.x.0.2:10250/containerLogs/openshift-machine-config-operator/machine-config-controller-76b9488d7-l96cr/machine-config-controller?tailLines=100": tls: failed to verify certificate: x509: certificate is valid for 172.x.y.z, not 10.x.0.2  


The above error is seen in one of the etcd-guard pod in openshift-etcd project.   

MCP update is failing for master.

MCP should get updated without any issues.