-
Notifications
You must be signed in to change notification settings - Fork 184
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Degraded status when starting an OCP private cluster deployed on AWS #467
Comments
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
Stale issues rot after 30d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle rotten |
Rotten issues close after 30d of inactivity. Reopen the issue by commenting /close |
@openshift-bot: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
I have the same issue, this is the message on the installation log:
I'm trying to do an air-gapped IPI installation on AWS, using OKD 4.7.0-0.okd-2021-09-19-013247. The machine that executes openshift-install needs to have Internet, but all the instances on the VPC are on a private subnet without a NAT GW, so they don't have Internet access at all. I'm using an internal server as a Registry Mirror. I have configured EC2, S3, and ELB VPC Endpoints. The S3 VPC Endpoint is a Gateway endpoint, the other 2 are Interface endpoints. I don't think you could have a VPC Endpoint for "tagging", so that's what failing at the end of the installation: Post "https://tagging.us-east-1.amazonaws.com/": dial tcp 52.94.233.76:443: i/o timeout" Any ideas for a workaround? |
When starting an OCP 4.3 private cluster deployed on AWS, the cluster ingress operator stays with "degraded" status.
(By "private cluster", I mean the OCP cluster cannot access the internet.)
It seems that the operator is trying to access "https://tagging.us-east-1.amazonaws.com" and this is causing the problem.
Q1. Are there any workaround for this?
Q2. Is it MANDATORY for the operator to be able to access the internet? (This makes it impossible for any Openshift clusters to be private...)
Thanks.
The text was updated successfully, but these errors were encountered: