In Recovering from expired control plane certificates, in step 6, there is a loop to wait for the recovery API server to come up.
# until oc get namespace kube-system 2>/dev/null 1>&2; do echo 'Waiting for recovery apiserver to come up.'; sleep 1; done
This step looks redundant, because kube-system was present in OCP cluster.
Why there is no recommendation to check recovery-apiserver directly, using crictl for example?
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.