Misconfiguration in ingresscontroller custom resources causing authentication pod oauth-openshift-xxx to fail.
Issue
- Misconfiguration in ingresscontroller custom resources causing authentication pod to fail, since v4-0-config-system-router-certs secret is missing in RHOCP 4
clusteroperator/authentication is degraded because OAuthServerConfigObservationDegraded: secret "v4-0-config-system-router-certs" not found
OAuthServerDeploymentDegraded: 1 of 3 requested instances are unavailable for oauth-openshift.openshift-authentication (container is waiting in pending oauth-openshift-5cb8b4b79f-b96dr pod)
OAuthServerRouteEndpointAccessibleControllerDegraded: secret "v4-0-config-system-router-certs" not found
RouterCertsDegraded: neither the custom secret/v4-0-config-system-router-certs -n openshift-authentication or default secret/v4-0-config-system-custom-router-certs -n openshift-authentication could be retrieved: secret "v4-0-config-system-router-certs" not found
- Authentication operator is in degraded state, since oauth-openshift-xxx pod in openshift-authentication namespace is still in container creating state, as the secret "v4-0-config-system-router-certs" is not present in openshift-authentication namespace.
$ oc get events -n openshift-authentication
28m Warning FailedMount pod/oauth-openshift-xxxxx MountVolume.SetUp failed for volume "v4-0-config-system-router-certs" : secret "v4-0-config-system-router-certs" not found
- Authentication pod oauth-openshift-xxx in namespace "openshift-authentication" is in container creating state.
$ oc get po -n openshift-authentication
NAME READY STATUS RESTARTS AGE
oauth-openshift-5cb8b4b79f-b96dr 0/1 ContainerCreating 0 1h
oauth-openshift-68fd8bd59c-r69x7 1/1 Running 0 1d
oauth-openshift-68fd8bd59c-tt69q 1/1 Running 0 1d
Environment
- Red Hat OpenShift Container Platform (RHOCP) 4.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
