[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

OKD3.11 install blocked - Could not find csr for nodes

Hello all!

I'm hitting a problem when trying to install a OKD3.11 on one master 2 infra and 2 compute nodes. The hosts are VM that run centos7. 
I've gone through the issues related to this subject: https://access.redhat.com/solutions/3680401 which suggest naming the hosts as FQDN. Tried it with the same problem appearing for the same set of hosts(all except the master).

In my case the error is only for the 2 infra nodes and 2 compute nodes, so not for the master as well.

oc get nodes gives me just the master node, but I guess this is the case as the other OKD-nodes stand to be created by the process that fails. Am I wrong?

oc get csr gives me a result of 3 csrs:
[root master ~]# oc get csr
NAME        AGE       REQUESTOR            CONDITION
csr-4xjjb   24m       system:admin         Approved,Issued
csr-b6x45   24m       system:admin         Approved,Issued
csr-hgmpf   20m       system:node:master   Approved,Issued

Here I believe I have 2 csrs for system:Admin because I ran the playbooks/openshift-node/join.yml a second time.

The bootstrapping certificates on the master look fine(??)
[root master ~]# ll /etc/origin/node/certificates/
total 20
-rw-------. 1 root root 2830 iun  1 11:30 kubelet-client-2019-06-01-11-30-04.pem
-rw-------. 1 root root 1135 iun  1 11:31 kubelet-client-2019-06-01-11-31-23.pem
lrwxrwxrwx. 1 root root   68 iun  1 11:31 kubelet-client-current.pem -> /etc/origin/node/certificates/kubelet-client-2019-06-01-11-31-23.pem
-rw-------. 1 root root 1179 iun  1 11:35 kubelet-server-2019-06-01-11-35-42.pem
lrwxrwxrwx. 1 root root   68 iun  1 11:35 kubelet-server-current.pem -> /etc/origin/node/certificates/kubelet-server-2019-06-01-11-35-42.pem

 I've rechecked the open ports thinking the issue lies in some network-related config.
- all hosts have the node related ports opened: 53/udp, 10250/tcp, 4789/udp
- master(with etcd): 8053/udp+tcp, 2049/udp+tcp, 8443/tcp, 8444/tcp, 4789/udp, 53/udp
- infra has on top of the node ones, the ports related to router/routes and logging components which it will host
The chosen SDN is os_sdn_network_plugin_name='redhat/openshift-ovs-multitenant' with no extra config in the inventory file. (Do I need any?)

Any hints about where and what to check would be much appreciated!

Best regards,
Dan Pungă

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]