OVN northd certificate expired in Red Hat OpenShift Container Platform 4.8
Issue
OVN northd certificates expire in Red Hat OpenShift Container Platform (OCP) 4.8. Due to certificate expiration, OVN communication breaks, and pods cannot be spawned. The ovnkube logs show timed out waiting for OVS port binding
.
Northd containers show the following messages, which identify the issue:
2022-10-06T14:25:55.432931141+00:00 stderr F 2022-10-06T14:25:55Z|00073|stream_ssl|WARN|SSL_read: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
2022-10-06T14:25:55.432931141+00:00 stderr F 2022-10-06T14:25:55Z|00074|jsonrpc|WARN|ssl:x.x.x.x:9641: receive error: Input/output error
2022-10-06T14:25:55.433083506+00:00 stderr F 2022-10-06T14:25:55Z|00075|reconnect|WARN|ssl:x.x.x.x:9641: connection dropped (Input/output error)
Environment
Red Hat OpenShift Container Platform 4.8 and before
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.