Uploaded image for project: 'Cloud Infrastructure Security & Compliance'
  1. Cloud Infrastructure Security & Compliance
  2. CMP-2331

ocp4-cis-api-server-api-priority-gate-enabled rule is failing even if APIPriorityAndFairness enabled

XMLWordPrintable

    • False
    • None
    • False
    • Moderate

      ISSUE: ocp4-cis-api-server-api-priority-gate-enabled rule is failing even if APIPriorityAndFairness enabled.
      Description:
      As per the first rule "ocp4-cis-api-server-api-priority-gate-enabled " it will check "APIPriorityAndFairness=true" value in kube-apiserver CR.

      1. oc get kubeapiservers.operator.openshift.io cluster -o json | jq '.spec.observedConfig.apiServerArguments["feature-gates"]'

      2. As this parameter enabled in code itself and its only reflected in logs and metrics.

      Ideally we need to modify the rule to check this parameter in metrics.

      kubernetes_feature_enabled

      {name="APIPriorityAndFairness"}

            wenshen@redhat.com Vincent Shen
            rhn-support-agawand Asmita Gawand
            Votes:
            0 Vote for this issue
            Watchers:
            12 Start watching this issue

              Created:
              Updated:
              Resolved: