Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-23483

Silencing of Alert in Developer Console not working until OpenShift Container Platform 4.14

    XMLWordPrintable

Details

    • Important
    • No
    • Rejected
    • False
    • Hide

      None

      Show
      None

    Description

      Description of problem:

      Setting up and configure User Workload Monitoring according to https://docs.openshift.com/container-platform/4.13/monitoring/enabling-monitoring-for-user-defined-projects.html works as expected. Yet when trying to silence an alert a "Forbidden" message is being reported.
      
      $ oc get clusterversion
      NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
      version   4.13.0-0.nightly-2023-09-23-231516   True        False         2m20s   Cluster version is 4.13.0-0.nightly-2023-09-23-231516
      
      $ oc create secret generic htpass-secret --from-file=htpasswd=htpasswd -n openshift-config
      
      $ bat aws-htpasswd-auth-provider.yaml
      apiVersion: config.openshift.io/v1
      kind: OAuth
      metadata:
        name: cluster
      spec:
        identityProviders:
        - name: my_htpasswd_provider 
          mappingMethod: claim 
          type: HTPasswd
          htpasswd:
            fileData:
              name: htpass-secret 
      
      $ oc apply -f aws-htpasswd-auth-provider.yaml
      
      $ bat /tmp/mon1.yaml
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: cluster-monitoring-config
        namespace: openshift-monitoring
      data:
        config.yaml: |
          enableUserWorkload: true
      
      $ oc apply -f /tmp/mon1.yaml
      
      $ oc policy add-role-to-user monitoring-rules-edit user1 -n project-100
      $ oc policy add-role-to-user monitoring-edit user1 -n project-100
      $ oc policy add-role-to-user alert-routing-edit user1 -n project-100
      
      $ bat /tmp/mon.yaml 
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: user-workload-monitoring-config
        namespace: openshift-user-workload-monitoring
      data:
        config.yaml: |
          alertmanager:
            enabled: true 
            enableAlertmanagerConfig: true
      
      $ oc apply -f /tmp/mon.yaml
      
      $ oc policy add-role-to-user cluster-monitoring-view user1 -n project-100
      $ oc policy add-role-to-user monitoring-rules-edit user1 -n project-100
      
      Deployment the sample from the documentation below
      - https://docs.openshift.com/container-platform/4.13/monitoring/managing-metrics.html#deploying-a-sample-service_managing-metrics
      - https://docs.openshift.com/container-platform/4.13/monitoring/managing-alerts.html#creating-alerting-rules-for-user-defined-projects_managing-alerts
      
      Shows the steps executed and in the attached Screenshot, the error reported is being shown.
      
      Doing the same with OpenShift Container Platform 4.14 it all works as expected and the user is able to silence the alert.
      
      $ oc get clusterversion
      NAME      VERSION                              AVAILABLE   PROGRESSING   SINCE   STATUS
      version   4.14.0-0.nightly-2023-09-24-044110   True        False         66s     Cluster version is 4.14.0-0.nightly-2023-09-24-044110
      
      $ oc create secret generic htpass-secret --from-file=htpasswd=htpasswd -n openshift-config
      
      $ bat aws-htpasswd-auth-provider.yaml
      apiVersion: config.openshift.io/v1
      kind: OAuth
      metadata:
        name: cluster
      spec:
        identityProviders:
        - name: my_htpasswd_provider 
          mappingMethod: claim 
          type: HTPasswd
          htpasswd:
            fileData:
              name: htpass-secret 
      
      $ oc apply -f aws-htpasswd-auth-provider.yaml
      
      $ bat /tmp/mon1.yaml
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: cluster-monitoring-config
        namespace: openshift-monitoring
      data:
        config.yaml: |
          enableUserWorkload: true
      
      $ oc apply -f /tmp/mon1.yaml
      
      $ oc policy add-role-to-user monitoring-rules-edit user1 -n project-100
      $ oc policy add-role-to-user monitoring-edit user1 -n project-100
      $ oc policy add-role-to-user alert-routing-edit user1 -n project-100
      
      $ bat /tmp/mon.yaml 
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: user-workload-monitoring-config
        namespace: openshift-user-workload-monitoring
      data:
        config.yaml: |
          alertmanager:
            enabled: true 
            enableAlertmanagerConfig: true
      
      $ oc apply -f /tmp/mon.yaml
      
      $ oc policy add-role-to-user cluster-monitoring-view user1 -n project-100
      $ oc policy add-role-to-user monitoring-rules-edit user1 -n project-100
      
      Deployment the sample from the documentation below
      - https://docs.openshift.com/container-platform/4.13/monitoring/managing-metrics.html#deploying-a-sample-service_managing-metrics
      - https://docs.openshift.com/container-platform/4.13/monitoring/managing-alerts.html#creating-alerting-rules-for-user-defined-projects_managing-alerts
      
      Attached is the Screenshot, showing that silencing was working.
      
      

      Version-Release number of selected component (if applicable):

      - OpenShift Container Platform 4.13 and 4.12
      

      How reproducible:

      - Always
      

      Steps to Reproduce:

      1. Show problem description
      

      Actual results:

      In OpenShift Container Platform 4.13, when trying to silence an alert as project administrator, Forbidden message is reported and silencing is not working.
      

      Expected results:

      Behavior expected like in OpenShift Container Platform 4.14, where the project administrator is able to silence alert with the same setup.
      

      Additional info:

      Initial thinking was, that it may be related to https://issues.redhat.com/browse/OCPBUGS-17347 but given this is a different part of the OpenShift Container Platform 4 - Dev Console it's not really possible.
      

      Attachments

        Issue Links

          Activity

            People

              viraj-1 Vikram Raj
              rhn-support-sreber Simon Reber
              Sanket Pathak Sanket Pathak
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: