kubernetes certificates renewal failure on controller-1 after initial install
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Reinildes Oliveira |
Bug Description
Brief Description
-----------------
Alarm 250.003, kubernetes certificates renewal failed is raised for controller-1.
Severity
--------
Major: System is usable but degraded
Steps to Reproduce
------------------
Install STX and wait for k8s certificates to expire on controller-1
Expected Behavior
------------------
all k8s certificates should get renewed without issues
Actual Behavior
----------------
k8s certificates fail to be renewed on controller-1
Reproducibility
---------------
Seen once
System Configuration
-------
DX
Branch/Pull Time/Commit
-------
STX master 2023-07-31 06:00:00
STX-O master 2023-07-31 16:01:00
Last Pass
---------
2023_07_06-06_00_00
Timestamp/Logs
--------------
+------
| Alarm ID | Reason Text | Entity ID | Severity | Time Stamp |
+------
| 250.003 | Kubernetes certificates renewal failed. | host=controller-1 | major | 2023-08-02T00: |
| | | | | 10:01.424863 |
| | | | | |
+------
Test Activity
-------------
Sanity Testing
Workaround
----------
N/A
summary: |
- STX-Openstack | Debian: kubernetes certificates renewal failure on - controller-1 + STX | Debian: kubernetes certificates renewal failure on controller-1 |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: | added: stx.9.0 stx.security |
summary: |
- STX | Debian: kubernetes certificates renewal failure on controller-1 + kubernetes certificates renewal failure on controller-1 after initial + install |
Changed in starlingx: | |
status: | New → In Progress |
Changed in starlingx: | |
assignee: | nobody → Reinildes Oliveira (rjosemat) |
This is resulting in stx-openstack sanity failing; this needs to be triaged by the security team.