@fenar
Last active July 31, 2023 15:17
OCP-SNO Bootstrap Fails due to pending CSRs
Error: kubelet_node_status "unable to register node with api server" err="nodes is forbidden: user \"system:anonymous\" cannot create resource \"nodes\" in api group \"\" at the cluster scope"

```
$ oc get csr
NAME                                             AGE    SIGNERNAME                                    REQUESTOR                                                                   REQUESTEDDURATION   CONDITION
csr-7vmxb                                        33m    kubernetes.io/kube-apiserver-client-kubelet   system:serviceaccount:openshift-machine-config-operator:node-bootstrapper   <none>              Pending
csr-c2hc8                                        8m5s   kubernetes.io/kube-apiserver-client-kubelet   system:serviceaccount:openshift-machine-config-operator:node-bootstrapper   <none>              Pending
csr-nd65q                                        23m    kubernetes.io/kube-apiserver-client-kubelet   system:serviceaccount:openshift-machine-config-operator:node-bootstrapper   <none>              Pending
csr-zvv46                                        29m    kubernetes.io/kube-apiserver-client-kubelet   system:serviceaccount:openshift-machine-config-operator:node-bootstrapper   <none>              Pending
local-cluster-9zrxz                              2d7h   kubernetes.io/kube-apiserver-client           system:open-cluster-management:local-cluster:2dqwk                          <none>              Approved,Issued
sandbox01-6bvt6                                  34m    kubernetes.io/kube-apiserver-client           system:serviceaccount:sandbox01:sandbox01-bootstrap-sa                      <none>              Pending
system:openshift:openshift-authenticator-mnk57   2d7h   kubernetes.io/kube-apiserver-client
```

Approve every CSR that has no status yet (that is, every pending one):

```
$ oc get csr -o go-template='{{range .items}}{{if not .status}}{{.metadata.name}}{{"\n"}}{{end}}{{end}}' | xargs oc adm certificate approve
```

Make sure nothing is still Pending afterwards!
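
The one-liner above approves every CSR without a status, which in the listing also covers `sandbox01-6bvt6`, a `kubernetes.io/kube-apiserver-client` request from a different service account. The following is an added example, not part of the original gist: it narrows approval to pending kubelet client CSRs filed by the node-bootstrapper service account. The function names are hypothetical and the sample rows are copied from the listing above.

```shell
#!/usr/bin/env bash
# Added example (not from the gist): approve only the pending kubelet client
# CSRs filed by the node-bootstrapper service account, not everything pending.

SIGNER='kubernetes.io/kube-apiserver-client-kubelet'
REQUESTOR='system:serviceaccount:openshift-machine-config-operator:node-bootstrapper'

# Reads `oc get csr` table text on stdin and prints the names of matching CSRs.
# Rows with fewer than six columns (such as the truncated last row in the
# listing) and the header row never match, because their last field is not
# "Pending" or their signer/requestor columns differ.
select_bootstrap_csrs() {
  awk -v signer="$SIGNER" -v requestor="$REQUESTOR" '
    NF >= 6 && $3 == signer && $4 == requestor && $NF == "Pending" { print $1 }
  '
}

# Sample input: rows taken from the `oc get csr` listing on this page.
sample_csrs() {
  cat <<'EOF'
NAME AGE SIGNERNAME REQUESTOR REQUESTEDDURATION CONDITION
csr-7vmxb 33m kubernetes.io/kube-apiserver-client-kubelet system:serviceaccount:openshift-machine-config-operator:node-bootstrapper <none> Pending
csr-c2hc8 8m5s kubernetes.io/kube-apiserver-client-kubelet system:serviceaccount:openshift-machine-config-operator:node-bootstrapper <none> Pending
csr-nd65q 23m kubernetes.io/kube-apiserver-client-kubelet system:serviceaccount:openshift-machine-config-operator:node-bootstrapper <none> Pending
csr-zvv46 29m kubernetes.io/kube-apiserver-client-kubelet system:serviceaccount:openshift-machine-config-operator:node-bootstrapper <none> Pending
local-cluster-9zrxz 2d7h kubernetes.io/kube-apiserver-client system:open-cluster-management:local-cluster:2dqwk <none> Approved,Issued
sandbox01-6bvt6 34m kubernetes.io/kube-apiserver-client system:serviceaccount:sandbox01:sandbox01-bootstrap-sa <none> Pending
system:openshift:openshift-authenticator-mnk57 2d7h kubernetes.io/kube-apiserver-client
EOF
}

# Against a live cluster: review the selected names, then approve them one by one.
# Defined here but not called, so the script runs without cluster access.
approve_bootstrap_csrs() {
  oc get csr --no-headers | select_bootstrap_csrs | while read -r name; do
    oc adm certificate approve "$name"
  done
}

# Offline demonstration on the sample rows: prints the four csr-* names only.
sample_csrs | select_bootstrap_csrs
```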