OKD vSphere UPI install -> certificate signed by unknown authority #1240
Unanswered
ImperrattoR
asked this question in
Q&A
Replies: 1 comment
-
Check api/api-int LB configuration - make sure its not terminating SSL and pointing to correct ports. Similar issue: #165 (comment) |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I tried to install OKD (4.9.0-0.okd-2022-01-29-035536) on vSphere with user-provisioned infrastructure.
After starting the bootstrap and master machines and running command './openshift-install --dir install_dir wait-for bootstrap-complete --log-level=info' I get an error:
INFO Waiting up to 20m0s for the Kubernetes API at https://api.okd-dev...
ERROR Attempted to gather ClusterOperator status after wait failure: listing ClusterOperator objects: Get "https://api.okd-dev..../apis/config.openshift.io/v1/clusteroperators": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kube-apiserver-lb-signer")
INFO Use the following commands to gather logs from the cluster
INFO openshift-install gather bootstrap --help
ERROR Bootstrap failed to complete: Get "https://api.okd-dev..../version?timeout=32s": x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "kube-apiserver-lb-signer")
ERROR Failed waiting for Kubernetes API. This error usually happens when there is a problem on the bootstrap host that prevents creating a temporary control plane.
FATAL Bootstrap failed to complete
I can't figure out what is cousing the problem.
If anyone has an idea what could potentialy be wrong, I would apprichiate any help or suggestions.
Gather logs are attached.
log-bundle-20220525073740.tar.gz
Beta Was this translation helpful? Give feedback.
All reactions