On Mon, Sep 30, 2019 at 4:50 PM Jon Stanley wrote: > Attached the logs. ./bootstrap/journals/bootkube.log has loops like:
Sep 30 23:32:55 localhost.localdomain bootkube.sh[1605]: https://etcd-1.openshift4poc.example.local:2379 is unhealthy: failed to connect: dial tcp 172.16.1.11:2379: connect: no route to host Sep 30 23:32:55 localhost.localdomain bootkube.sh[1605]: https://etcd-2.openshift4poc.example.local:2379 is unhealthy: failed to connect: dial tcp 172.16.1.13:2379: connect: no route to host Sep 30 23:32:55 localhost.localdomain bootkube.sh[1605]: https://etcd-0.openshift4poc.example.local:2379 is unhealthy: failed to connect: dial tcp 172.16.1.10:2379: connect: connection refused Sep 30 23:32:55 localhost.localdomain bootkube.sh[1605]: Error: unhealthy cluster Sep 30 23:32:56 localhost.localdomain bootkube.sh[1605]: etcdctl failed. Retrying in 5 seconds... so you never formed an etcd cluster. ./control-plane/ has no meaningful content, so we were unable to SSH in and gather logs on that side. ./bootstrap/containers/machine-config-server-dc163e7947214728da3d0d83183e525d87121ebbab42650c472406a4ef68677b.log has lots of: 2019/09/30 22:55:31 http: TLS handshake error from 172.16.1.2:37280: remote error: tls: bad certificate so we can see the TLS issues you're reporting in the server logs. Checking the cert: $ openssl x509 -in ./rendered-assets/openshift/tls/machine-config-server.crt -noout -text | grep 'Validity\|Not Before\|Not After\|example.local' Validity Not Before: Sep 30 22:46:23 2019 GMT Not After : Sep 27 22:46:24 2029 GMT Subject: CN=api-int.openshift4poc.example.local DNS:api-int.openshift4poc.example.local So everything looks reasonable on this side. Grab the console logs from the control-plane machines? Cheers, Trevor _______________________________________________ users mailing list users@lists.openshift.redhat.com http://lists.openshift.redhat.com/openshiftmm/listinfo/users