Connection timeout to the kube-apiserver in OpenShift 4

Solution Verified - Updated -

Issue

  • After an upgrade to Openshift 4.10 the openshift-gitops pods are unable to connect to the kubernetes API:

    $ oc logs openshift-gitops-server-0 -n openshift-gitops
2022-05-18T10:11:30.960958271Z Trace[1152640294]: ---"Objects listed" error:Get "https://172.30.0.1:443/api/v1/namespaces/openshift-gitops/configmaps?labelSelector=app.kubernetes.io%2Fpart-of%3Dargocd&limit=500&resourceVersion=0": dial tcp 172.30.0.1:443: i/o timeout 30001ms (10:11:30.960)
2022-05-18T10:11:30.960958271Z Trace[1152640294]: [30.001749703s] [30.001749703s] END
2022-05-18T10:11:30.960958271Z E0610 10:11:30.960893       1 reflector.go:138] pkg/mod/k8s.io/client-go@v0.23.1/tools/cache/reflector.go:167: Failed to watch *v1.ConfigMap: failed to list *v1.ConfigMap: Get "https://172.30.0.1:443/api/v1/namespaces/openshift-gitops/configmaps?labelSelector=app.kubernetes.io%2Fpart-of%3Dargocd&limit=500&resourceVersion=0": dial tcp 172.30.0.1:443: i/o timeout

  • Some containers don't have network connectivity to the kube-apiserver.

  • EgressIP breaks access from a pod with EgressIP to other host networked pods on different nodes.

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.10
  • NetworkType: OVNKubernetes

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content