[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ocp 4.3 nightly install on openstack queens

On Sat, 23 Nov 2019 at 13:21, Dale Bewley <dale bewley net> wrote:
I'm testing OCP 4.3 2019-11-19 nightly on OSP 13.

I added my CA cert [1] to install-config.yaml [3]  and the installer now progresses. I can even `oc get nodes` and see the masters. [2].

I still have the following errors and no worker nodes though.

ERROR Cluster operator authentication Degraded is True with RouteStatusDegradedFailedHost: RouteStatusDegraded: route is not available at canonical host oauth-openshift.apps.osp-nightly.osp-nightly.domain.com: [] 

This sounds like ingress isn't deploying because the worker nodes are not deployed or your load balancer isn't making ingress available. Are your master nodes schedulable? Ie are your masters also workers? If not, then ingress won't deploy.

How is your load balancer configured for 80/443 traffic? If the masters aren't targets of that, then even if ingress deploys you still won't be able to use any routes

This is likely a symptom of not yet having associated a floating IP to the app neutron port, and not having created an /etc/hosts entry on the installer host. I assume that's a nonfatal error.

I assume this one is fatal, however:

INFO Cluster operator image-registry Progressing is True with Error: Unable to apply resources: unable to sync storage configuration: Post https://openstack.domain.com:13000/v3/auth/tokens: x509: certificate signed by unknown authority

Have you added the CA that covers openstack.domain.com to install-config.yaml at .additionalTrustBundle like you mentioned in your previous post?

Otherwise you might need to edit Proxy config and set spec.trustedCA.name to  user-ca-bundle  

apiVersion: config.openshift.io/v1
kind: Proxy
  name: cluster
    name: user-ca-bundle  

I had to do this even though I don't have an explicit proxy. I do have a transparent proxy though, which was doing MITM, essentially breaking anything trying to talk to the internet.

Is it safe to assume this BZ comment is related to that error? https://bugzilla.redhat.com/show_bug.cgi?id=1735192#c17

Bootstrap host has already been removed by the installer, so `openshift-install gather` does not seem usable, but the installer debug output can be found at  https://paste.fedoraproject.org/paste/SzIqAMU4DWHN3Bw3WDKfTQ

Any advice?


[1] https://lists.openshift.redhat.com/openshift-archives/users/2019-November/msg00073.html

export KUBECONFIG=osp-nightly/auth/kubeconfig
$ oc get nodes
NAME                         STATUS    ROLES     AGE       VERSION
osp-nightly-tfz6p-master-0   Ready     master    102m      v1.16.2
osp-nightly-tfz6p-master-1   Ready     master    103m      v1.16.2
osp-nightly-tfz6p-master-2   Ready     master    103m      v1.16.2

[3] install-config.yaml
apiVersion: v1
baseDomain: ocp.domain.com
additionalTrustBundle: |
- hyperthreading: Enabled
  name: worker
        size: 10
  replicas: 3
  hyperthreading: Enabled
  name: master
  platform: {}
  replicas: 3
  creationTimestamp: null
  name: osp-nightly
  - cidr:
    hostPrefix: 23
  networkType: OpenShiftSDN
    cloud: shiftstack
    computeFlavor: ocp4.worker.4x16
    externalDNS: null
    externalNetwork: floating
    octaviaSupport: "0"
    region: ""
    trunkSupport: "1"
publish: External
pullSecret: '{"...
sshKey: |
  ssh-rsa A...

users mailing list
users lists openshift redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]