Migrate playbook fails in 3.6 with certificate error

Solution Verified - Updated -

Issue

Playbook /usr/share/ansible/openshift-ansible/playbooks/byo/openshift-etcd/migrate.yml fails with the following error:

TASK [Add new etcd members to cluster] ******************************************************************************************************************************************************************************************************
Thursday 26 April 2018  12:43:15 +0200 (0:00:02.877)       0:05:46.601 ********
FAILED - RETRYING: Add new etcd members to cluster (12 retries left).
FAILED - RETRYING: Add new etcd members to cluster (11 retries left).
FAILED - RETRYING: Add new etcd members to cluster (10 retries left).
FAILED - RETRYING: Add new etcd members to cluster (9 retries left).
FAILED - RETRYING: Add new etcd members to cluster (8 retries left).
FAILED - RETRYING: Add new etcd members to cluster (7 retries left).
FAILED - RETRYING: Add new etcd members to cluster (6 retries left).
FAILED - RETRYING: Add new etcd members to cluster (5 retries left).
FAILED - RETRYING: Add new etcd members to cluster (4 retries left).
FAILED - RETRYING: Add new etcd members to cluster (3 retries left).
FAILED - RETRYING: Add new etcd members to cluster (2 retries left).
FAILED - RETRYING: Add new etcd members to cluster (1 retries left).


fatal: [master02.example.com -> master01.example.com]: FAILED! => {"attempts": 12, "changed": true, "cmd": ["/usr/bin/etcdctl", "--cert-file", "/etc/etcd/peer.crt", "--key-file", "/etc/etcd/peer.key", "--ca-file", "/etc/etcd/ca.crt", "-C", "https://master01.example.com:2379", "member", "add", "master02.example.com", "https://X.X.X.X:2380"], "delta": "0:00:00.030976", "end": "2018-04-26 12:45:20.315139", "failed_when_result": true, "msg": "non-zero return code", "rc": 1, "start": "2018-04-26 12:45:20.284163", "stderr": "client: etcd cluster is unavailable or misconfigured; error #0: x509: certificate is not valid for any names, but wanted to match master01.example.com", "stderr_lines": ["client: etcd cluster is unavailable or misconfigured; error #0: x509: certificate is not valid for any names, but wanted to match master01.example.com"], "stdout": "", "stdout_lines": []}

Environment

OCP 3.6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In