  1. OpenShift Console
  2. CONSOLE-4632

Impact statement request for OCPBUGS-56148 TargetDown Alert and TOKEN_REVIEW: 'GET /metrics' unauthorized, invalid user token in console pod logs


    • Spike
    • Resolution: Done
    • Critical
    • OCP Console - Sprint 273

      Impact statement for the OCPBUGS-56148 series:

      Which 4.y.z to 4.y'.z' updates increase vulnerability?

      Any updates to the following versions:

      • 4.19.0
      • 4.18.12 / 4.18.13 / 4.18.14 / 4.18.15 / 4.18.16 / 4.18.17
      • 4.17.29 / 4.17.30 / 4.17.31 / 4.17.32 / 4.17.33 / 4.17.34

      Which types of clusters?

      All clusters with the Console capability enabled.

      What is the impact? Is it serious enough to warrant removing update recommendations?

      • Requests from the OpenShift monitoring Prometheus are denied with a 401 response. This triggers a TargetDown alert for the console metrics endpoint.
        It is advised to skip the upgrade to any affected version.

      How involved is remediation?

      Update the cluster to a version that includes the fix:

      • 4.19: upgrade to 4.19.1+
      • 4.18: upgrade to 4.18.18+
      • 4.17: upgrade to 4.17.35+

      Is this a regression?

      Yes.

              rh-ee-jonjacks Jon Jackson
              hongkliu Hongkai Liu