PublicAndPrivate: ================ jiezhao-mac:hypershift jiezhao$ aws s3api create-bucket --acl public-read-write --create-bucket-configuration LocationConstraint=us-east-2 --region=us-east-2 --bucket jz-hypershift-oidc { "Location": "http://jz-hypershift-oidc.s3.amazonaws.com/" } jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ ./bin/hypershift install --private-platform=AWS --aws-private-creds=$HOME/aws-private-creds --aws-private-region=us-east-2 --external-dns-provider=aws --external-dns-credentials=$HOME/.aws/credentials --external-dns-domain-filter=jiezhao-hypershift.qe.devcluster.openshift.com --oidc-storage-provider-s3-credentials=$HOME/.aws/credentials --oidc-storage-provider-s3-bucket-name=jz-hypershift-oidc --oidc-storage-provider-s3-region=us-east-2 jiezhao-mac:hypershift jiezhao$ oc get pods -n hypershift NAME READY STATUS RESTARTS AGE external-dns-754dc6458c-kjpfx 1/1 Running 0 31m operator-579bb757b4-82ggm 1/1 Running 0 31m operator-579bb757b4-txkgv 1/1 Running 0 31m jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ ./bin/hypershift create cluster aws --name=jz-test --endpoint-access=PublicAndPrivate --external-dns-domain=jiezhao-hypershift.qe.devcluster.openshift.com --pull-secret=$HOME/pull-secret --aws-creds=$HOME/.aws/credentials --node-pool-replicas=3 --instance-type=m5.xlarge --ssh-key=$HOME/.ssh/id_rsa.pub --infra-id=hypershift-cluster --base-domain=jiezhao-dev.qe.devcluster.openshift.com --region=us-east-2 --release-image=registry.ci.openshift.org/ocp/release:4.13.0-0.nightly-2023-02-13-194759 jiezhao-mac:hypershift jiezhao$ oc get hostedcluster -n clusters NAME VERSION KUBECONFIG PROGRESS AVAILABLE PROGRESSING MESSAGE jz-test 4.13.0-0.nightly-2023-02-13-194759 jz-test-admin-kubeconfig Completed True False The hosted control plane is available jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get hostedcluster/jz-test -n clusters -ojsonpath='{.spec.platform.aws.endpointAccess}{"\n"}' PublicAndPrivate jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get hostedcluster -n clusters NAME VERSION KUBECONFIG PROGRESS AVAILABLE PROGRESSING MESSAGE jz-test 4.13.0-0.nightly-2023-02-13-194759 jz-test-admin-kubeconfig Completed True False The hosted control plane is available jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get hostedcluster/jz-test -n clusters -ojsonpath='{.spec.platform.aws.endpointAccess}{"\n"}' Public - lastTransitionTime: "2023-02-14T02:48:24Z" message: All is well observedGeneration: 4 reason: AsExpected status: "True" type: ExternalDNSReachable jiezhao-mac:hypershift jiezhao$ oc get route -n clusters-jz-test NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD ignition-server ignition-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ignition-server passthrough/None None konnectivity-server konnectivity-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com konnectivity-server passthrough/None None kube-apiserver api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com kube-apiserver passthrough/None None kube-apiserver-internal api.jz-test.hypershift.local kube-apiserver passthrough/None None oauth oauth-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com oauth-openshift passthrough/None None ovnkube-sbdb ovn-sbdb-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ovnkube-master-external 9642 passthrough/None None jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ nslookup api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ;; Got SERVFAIL reply from 10.11.5.19, trying next server Server: 10.2.32.1 Address: 10.2.32.1#53 Non-authoritative answer: Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 3.16.4.10 Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 3.18.130.82 Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 52.14.220.65 jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get service -n clusters-jz-test | grep router router LoadBalancer 172.30.200.23 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com 443:30960/TCP 23m jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ dig a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com ; <<>> DiG 9.10.6 <<>> a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5246 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ;; QUESTION SECTION: ;a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. IN A ;; ANSWER SECTION: a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 3.16.4.10 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 3.18.130.82 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 52.14.220.65 ;; Query time: 57 msec ;; SERVER: 10.11.5.19#53(10.11.5.19) ;; WHEN: Mon Feb 13 22:29:07 EST 2023 ;; MSG SIZE rcvd: 154 jiezhao-mac:hypershift jiezhao$ Public: ====== jiezhao-mac:hypershift jiezhao$ ./bin/hypershift install --external-dns-provider=aws --external-dns-credentials=$HOME/.aws/credentials --external-dns-domain-filter=jiezhao-hypershift.qe.devcluster.openshift.com --oidc-storage-provider-s3-credentials=$HOME/.aws/credentials --oidc-storage-provider-s3-bucket-name=jz-hypershift-oidc --oidc-storage-provider-s3-region=us-east-2 jiezhao-mac:hypershift jiezhao$ oc get pods -n hypershift NAME READY STATUS RESTARTS AGE external-dns-d5867f874-tz6gg 1/1 Running 0 88s operator-58d587fd98-8pw6p 1/1 Running 0 87s operator-58d587fd98-vk9m4 1/1 Running 0 88s jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ ./bin/hypershift create cluster aws --name=jz-test --external-dns-domain=jiezhao-hypershift.qe.devcluster.openshift.com --pull-secret=$HOME/pull-secret --aws-creds=$HOME/.aws/credentials --node-pool-replicas=3 --instance-type=m5.xlarge --base-domain=jiezhao-dev.qe.devcluster.openshift.com --region=us-east-2 --release-image=registry.ci.openshift.org/ocp/release:4.13.0-0.nightly-2023-02-13-194759 jiezhao-mac:hypershift jiezhao$ oc get hostedcluster -n clusters NAME VERSION KUBECONFIG PROGRESS AVAILABLE PROGRESSING MESSAGE jz-test 4.13.0-0.nightly-2023-02-13-194759 jz-test-admin-kubeconfig Completed True False The hosted control plane is available jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get hostedcluster/jz-test -n clusters -ojsonpath='{.spec.platform.aws.endpointAccess}{"\n"}' Public jiezhao-mac:hypershift jiezhao$ - lastTransitionTime: "2023-02-14T03:20:20Z" message: All is well observedGeneration: 4 reason: AsExpected status: "True" type: ExternalDNSReachable jiezhao-mac:hypershift jiezhao$ oc get route -n clusters-jz-test NAME HOST/PORT PATH SERVICES PORT TERMINATION WILDCARD ignition-server ignition-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ignition-server passthrough/None None konnectivity-server konnectivity-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com konnectivity-server passthrough/None None kube-apiserver api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com kube-apiserver passthrough/None None kube-apiserver-internal api.jz-test.hypershift.local kube-apiserver passthrough/None None oauth oauth-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com oauth-openshift passthrough/None None ovnkube-sbdb ovn-sbdb-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ovnkube-master-external 9642 passthrough/None None jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ nslookup api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com ;; Got SERVFAIL reply from 10.11.5.19, trying next server Server: 10.2.32.1 Address: 10.2.32.1#53 Non-authoritative answer: Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 3.16.4.10 Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 3.18.130.82 Name: api-jz-test.jiezhao-hypershift.qe.devcluster.openshift.com Address: 52.14.220.65 jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ oc get service -n clusters-jz-test | grep router router LoadBalancer 172.30.200.23 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com 443:30960/TCP 23m jiezhao-mac:hypershift jiezhao$ jiezhao-mac:hypershift jiezhao$ dig a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com ; <<>> DiG 9.10.6 <<>> a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5246 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ;; QUESTION SECTION: ;a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. IN A ;; ANSWER SECTION: a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 3.16.4.10 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 3.18.130.82 a91c86e2295824c4e9ba6d0361adea84-80cfecaa82af652d.elb.us-east-2.amazonaws.com. 60 IN A 52.14.220.65 ;; Query time: 57 msec ;; SERVER: 10.11.5.19#53(10.11.5.19) ;; WHEN: Mon Feb 13 22:29:07 EST 2023 ;; MSG SIZE rcvd: 154 jiezhao-mac:hypershift jiezhao$