Uploaded image for project: 'AMQ Broker'
  1. AMQ Broker
  2. ENTMQBR-8210

Cluster-scoped AMQ Broker operator causes "WARN {qtp263495647-51} : Login failed due to: User does not exist" warnings in broker Pods

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • None
    • AMQ 7.11.0.GA
    • operator
    • Important

      We run AMQ Broker operator with cluster-scoped installation, so the operator watches all namespaces. If we create ActiveMQArtemis CRs in two different namespaces having the same "name" and a different "adminUser/adminPassword" the password from the other namespace is being tried by the operator to connect to the broker. This causes many login warning in the broker Pods.

      Step to reproduce:
      Install AMQ Broker operator cluster-scoped, then create an ActiveMQArtemis CR in two different namespaces. Restart operator Pod, then create ActiveMQArtemisAddress CRs.

      $ oc new-project myproject1
      $ oc new-project myproject2

      $ oc apply -f -<<EOF
      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemis
      metadata:
      name: amq
      namespace: myproject1
      spec:
      deploymentPlan:
      size: 1
      persistenceEnabled: false
      requireLogin: true
      resources:
      limits:
      cpu: 1000m
      memory: 1Gi
      requests:
      cpu: 10m
      memory: 50Mi
      journalType: nio
      jolokiaAgentEnabled: false
      image: placeholder
      adminUser: admin1
      adminPassword: admin1
      EOF

      $ oc apply -f -<<EOF
      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemis
      metadata:
      name: amq
      namespace: myproject2
      spec:
      deploymentPlan:
      size: 1
      persistenceEnabled: false
      requireLogin: true
      resources:
      limits:
      cpu: 1000m
      memory: 1Gi
      requests:
      cpu: 10m
      memory: 50Mi
      journalType: nio
      jolokiaAgentEnabled: false
      image: placeholder
      adminUser: admin2
      adminPassword: admin2
      EOF

      1. Restart operator
        $ oc delete pod -n openshift-operators --all

      $ oc apply -f -<<EOF
      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemisAddress
      metadata:
      name: myaddress-11
      namespace: myproject1
      spec:
      addressName: myAddress11
      queueName: myQueue11
      routingType: anycast
      EOF

      $ oc apply -f -<<EOF
      apiVersion: broker.amq.io/v1beta1
      kind: ActiveMQArtemisAddress
      metadata:
      name: myaddress-21
      namespace: myproject2
      spec:
      addressName: myAddress21
      queueName: myQueue21
      routingType: anycast
      EOF

      In broker Pod we see login warnings:
      $ oc logs amq-ss-0 -n myproject1
      WARN

      {qtp263495647-51}

      : Login failed due to: User does not exist: admin2

      $ oc logs amq-ss-0 -n myproject1
      WARN

      {qtp976133979-49}

      : Login failed due to: User does not exist: admin1

      Note: One known workaround to use different "name" for ActiveMQArtemis CRs globally

              gtully@redhat.com Gary Tully
              rdorobek@redhat.com Russell Dorobek
              Roman Vais Roman Vais (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              10 Start watching this issue

                Created:
                Updated:
                Resolved: