Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-6784

SNO cluster deployment failing due to authentication and console CO in degraded state

    XMLWordPrintable

Details

    • Important
    • 8
    • Sprint 233, Sprint 234, Sprint 235, Sprint 236, Sprint 237
    • 5
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Customer Escalated
    • Hide
      3/27: Need customer to test on the latest 4.12 version to see if the error is still present.
      3/15: Was originally opened under the incorrect component. Has since be routed to the appropriate team and is awaiting input.
      3/9: telco reviewed
      Show
      3/27: Need customer to test on the latest 4.12 version to see if the error is still present. 3/15: Was originally opened under the incorrect component. Has since be routed to the appropriate team and is awaiting input. 3/9: telco reviewed

    Description

      Description of problem:

      SNO installation performed with the assisted-installer failed 
      

      Version-Release number of selected component (if applicable):

      4.10.32
      # oc get co authentication -o yaml
      - lastTransitionTime: '2023-01-30T00:51:11Z'
          message: 'IngressStateEndpointsDegraded: No subsets found for the endpoints of
            oauth-server      OAuthServerConfigObservationDegraded: secret "v4-0-config-system-router-certs"
            not found      OAuthServerDeploymentDegraded: 1 of 1 requested instances are unavailable for
            oauth-openshift.openshift-authentication (container is waiting in pending oauth-openshift-58b978d7f8-s6x4b
            pod)      OAuthServerRouteEndpointAccessibleControllerDegraded: secret "v4-0-config-system-router-certs"
      
      # oc logs ingress-operator-xxx-yyy -c ingress-operator 
      2023-01-30T08:14:13.701799050Z 2023-01-30T08:14:13.701Z ERROR   operator.certificate_publisher_controller       certificate-publisher/controller.go:80  failed to list ingresscontrollers for secret    {"related": "", "error": "Index with name field:defaultCertificateName does not exist"}
      
      Restarting the ingress-operator pod helped fix the issue, but a permanent fix is required.
      
      The Bug(https://bugzilla.redhat.com/show_bug.cgi?id=2005351) was filed earlier but closed due to inactivity.

       

       

      Attachments

        Issue Links

          Activity

            People

              alebedev@redhat.com Andrey Lebedev
              rhn-support-dpateriy Divyam Pateriya
              Hongan Li Hongan Li
              Votes:
              0 Vote for this issue
              Watchers:
              23 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: