How to retrieve master and worker ignition configuration in OpenShift 4?
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4
Issue
- How to retrieve the master or worker ignition configuration from OpenShift Container Platform 4?
Resolution
At installation time, the master-user-data and worker-user-data secrets are created in the openshift-machine-api namespace and contains ignition configuration for node installation. If the Machine API Operator is enabled to manage the machines in the cluster, the Machine Config Operator also creates and maintains an up-to-date version of the ignition configuration in the secrets master-user-data-managed and worker-user-data-managed.
To retrieve the ignition configuration from the secrets, it is possible to use the following command. Refer to the Diagnostic Steps for additional examples.
$ oc extract secret/[secret_name] -n openshift-machine-api --keys=userData --to=-
The ignition in the secrets contains the source URL for the full ignition files, the certificate and additional information. The ignition from the API can be retrieved from the api-int URL:
$ curl -k -o worker.ign https://api-int.<cluster-name>.<base-domain>:22623/config/worker
$ curl -k -o master.ign https://api-int.<cluster-name>.<base-domain>:22623/config/master
Root Cause
The ignition configuration for the master and worker nodes are stored in secrets in the openshift-machine-api namespace at installation time. If the Machine API Operator is enabled to manage machines in the cluster, the Machine Config Operator also creates an maintains an up-to-date version of the ignition configuration.
Diagnostic Steps
-
To retrieve the installation ignition configuration run the following commands:
$ oc extract secret/master-user-data -n openshift-machine-api --keys=userData --to=- $ oc extract secret/worker-user-data -n openshift-machine-api --keys=userData --to=- -
To retrieve the up-to-date version of the ignition configuration (if available) run the following commands:
$ oc extract secret/master-user-data-managed -n openshift-machine-api --keys=userData --to=- $ oc extract secret/worker-user-data-managed -n openshift-machine-api --keys=userData --to=-If
jqis installed, it can be used to show a more readable output adding| jqat the end of the above commands.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments