search

crc-org / crc

CRC is a tool to help you run containers. It manages a local OpenShift 4.x cluster, Microshift or a Podman VM optimized for testing and development purposes
https://crc.dev
Apache License 2.0
1.26k stars 242 forks source link

Update MicroShift start message to list APIs not available #3906

Open xjvs opened 1 year ago

xjvs commented 1 year ago

General information

CRC version

CRC version: 2.28.0+e1f42d
OpenShift version: 4.13.14
Podman version: 4.4.4

CRC status

DEBU CRC version: 2.28.0+e1f42d                   
DEBU OpenShift version: 4.13.14                   
DEBU Podman version: 4.4.4                        
DEBU Running 'crc status'                         
CRC VM:          Running
MicroShift:      Running (v4.13.14)
RAM Usage:       1.23GB of 3.827GB
Disk Usage:      4.738GB of 16.1GB (Inside the CRC VM)
Cache Usage:     6.391GB
Cache Directory: /home/xjvs/.crc/cache

CRC config

- consent-telemetry                     : no
- preset                                : microshift

Host Operating System

NAME="Fedora Linux"
VERSION="38 (Workstation Edition)"
ID=fedora
VERSION_ID=38
VERSION_CODENAME=""
PLATFORM_ID="platform:f38"
PRETTY_NAME="Fedora Linux 38 (Workstation Edition)"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:38"
DEFAULT_HOSTNAME="fedora"
HOME_URL="https://fedoraproject.org/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f38/system-administrators-guide/"
SUPPORT_URL="https://ask.fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=38
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=38
SUPPORT_END=2024-05-14
VARIANT="Workstation Edition"
VARIANT_ID=workstation

Steps to reproduce

  1. crc delete -f
  2. crc cleanup
  3. crc config set consent-telemetry no
  4. crc config set preset microshift
  5. crc setup
  6. crc start --log-level debug
  7. eval $(crc oc-env)
  8. oc --loglevel 10 login -u developer https://api.crc.testing:6443

Expected

Can login the cluster with developer or admin account

Actual

Can't login the cluster

Logs

  1. running pods: 
    $ oc get pods -A
NAMESPACE                  NAME                                 READY   STATUS    RESTARTS      AGE
openshift-dns              dns-default-jg66v                    2/2     Running   0             17m
openshift-dns              node-resolver-jjf47                  1/1     Running   0             18m
openshift-ingress          router-default-78944775-dqrjl        1/1     Running   0             18m
openshift-ovn-kubernetes   ovnkube-master-sqcqx                 4/4     Running   0             18m
openshift-ovn-kubernetes   ovnkube-node-28hw8                   1/1     Running   1 (17m ago)   18m
openshift-service-ca       service-ca-6bcb6d8cd5-sxjdr          1/1     Running   0             18m
openshift-storage          topolvm-controller-f58fcd7cb-lkrrc   4/4     Running   0             18m
openshift-storage          topolvm-node-88c2b                   4/4     Running   0             17m
  2. Login error 
    
$ oc login -u developer https://api.crc.testing:6443
error: couldn't get https://api.crc.testing:6443/.well-known/oauth-authorization-server: unexpected response status 404

$ oc --loglevel 10 login -u developer https://api.crc.testing:6443 ... I1106 11:34:46.251205 24837 round_trippers.go:466] curl -v -XGET -H "Accept: application/json, /" -H "User-Agent: oc/4.13.0 (linux/amd64) kubernetes/17b7acc" 'https://api.crc.testing:6443/api/v1/namespaces/openshift/configmaps/motd' I1106 11:34:46.251768 24837 round_trippers.go:553] GET https://api.crc.testing:6443/api/v1/namespaces/openshift/configmaps/motd 403 Forbidden in 0 milliseconds I1106 11:34:46.251781 24837 round_trippers.go:570] HTTP Statistics: GetConnection 0 ms ServerProcessing 0 ms Duration 0 ms I1106 11:34:46.251788 24837 round_trippers.go:577] Response Headers: I1106 11:34:46.251796 24837 round_trippers.go:580] Content-Type: application/json I1106 11:34:46.251803 24837 round_trippers.go:580] Strict-Transport-Security: max-age=31536000; includeSubDomains; preload I1106 11:34:46.251810 24837 round_trippers.go:580] X-Content-Type-Options: nosniff I1106 11:34:46.251817 24837 round_trippers.go:580] X-Kubernetes-Pf-Prioritylevel-Uid: 4ac08f59-f6d0-4b05-a7f5-c688403746ce I1106 11:34:46.251825 24837 round_trippers.go:580] Content-Length: 303 I1106 11:34:46.251832 24837 round_trippers.go:580] Date: Mon, 06 Nov 2023 03:34:46 GMT I1106 11:34:46.251839 24837 round_trippers.go:580] Audit-Id: 422d5040-40d7-4e70-89a5-1507e36ebf02 I1106 11:34:46.251846 24837 round_trippers.go:580] Cache-Control: no-cache, private I1106 11:34:46.251853 24837 round_trippers.go:580] X-Kubernetes-Pf-Flowschema-Uid: da1f47fd-598a-4b76-bdab-3f9006d62158 I1106 11:34:46.251866 24837 request.go:1171] Response Body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"configmaps \"motd\" is forbidden: User \"system:anonymous\" cannot get resource \"configmaps\" in API group \"\" in the namespace \"openshift\"","reason":"Forbidden","details":{"name":"motd","kind":"configmaps"},"code":403} error: couldn't get https://api.crc.testing:6443/.well-known/oauth-authorization-server: unexpected response status 404

3. "crc start --log-level debug" log: https://gist.github.com/xjvs/435cc13410c6f9d44f17000a3fde2e3a
4. "oc login" log: https://gist.github.com/xjvs/86b1568815f4c9e92100b11000335d54 

Before gather the logs try following if that fix your issue
```bash
$ crc delete -f
$ crc cleanup
$ crc setup
$ crc start --log-level debug

These steps have been performed, doesn't help.

Please consider posting the output of crc start --log-level debug on http://gist.github.com/ and post the link in the issue.

praveenkumar commented 1 year ago

@xjvs Since you are using the microshift preset which doesn't have user/project API so oc login not going to work as it works for OCP cluster. After the crc start you can directly access the cluster using the current context like you used oc get pods -A .

gbraad commented 1 year ago

This might be also something we need to address as part of the startup message. WDYT?

xjvs commented 1 year ago

@xjvs Since you are using the microshift preset which doesn't have user/project API so oc login not going to work as it works for OCP cluster. After the crc start you can directly access the cluster using the current context like you used oc get pods -A .

I didn't know microshift doesn't support same APIs as OpenShift, then this makes sense, thank you.

praveenkumar commented 1 year ago

Need to reopen https://github.com/crc-org/crc/issues/3906#issuecomment-1801441462