che: PKIX error and impossible to start workspaces on OCP 4.1

Description

2019-06-21 08:52:06,511[557-wjt8m-47779]  [WARN ] [unknown.jul.logger 49]               - Problem getting Pod json from Kubernetes Client[masterUrl=https://172.30.0.1:443/api/v1, headers={}, connectTimeout=5000, readTimeout=30000, operationAttempts=3, operationSleep=1000, streamProvider=org.openshift.ping.common.stream.TokenStreamProvider@3d3d5e6a] for cluster [EclipseLinkCommandChannel], namespace [che7], labels [app=che]; encountered [java.lang.Exception: 3 attempt(s) with a 1000ms sleep to execute [OpenStream] failed. Last failure was [javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target]]

And then:

2019-06-21 08:52:06,965[aceSharedPool-1]  [WARN ] [.i.k.KubernetesInternalRuntime 245]  - Failed to start Kubernetes runtime of workspace workspacef4huz4zllvbwgxom. Cause: Pod creation timeout exceeded. -id: workspacef4huz4zllvbwgxom.workspace -message: null

Reproduction Steps

  • Deploy Che 7 RC 2 on OCP 4.1
  • Create 5 workspaces
  • stop all of them
  • try to start a new workspace.

OS and version:
Che 7 RC 2 - OCP 4.1

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 18 (18 by maintainers)

Most upvoted comments

Max already send a review request https://www.eclipse.org/lists/eclipselink-dev/msg07786.html

+2
skabashnyuk on Aug 8, 2019

PR is merged, let’s wait for EL release and the switch to new version.

+1
mshaposhnik on Sep 12, 2019
Read more comments on GitHub
← che: [OCP4] Che deployment fails due to permission denied in Postgres
che: Plugin installation fails from che-theia workspace →