Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-25894

Kube-apiserver operator is trying to delete prometheus rule that does not exists

XMLWordPrintable

    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      * Previously, the Kubernetes API Server Operator attempted to delete a Prometheus rule that was removed in {product-title} 4.13 to ensure it was deleted. This resulted resulted in failed deletion messages in the audit logs every few minutes. With this release, the Kubernetes API Server Operator no longer attempts to remove this nonexistent rule and there are no more failed deletion messages in the audit logs. (link:https://issues.redhat.com/browse/OCPBUGS-25894[*OCPBUGS-25894*])
      Show
      * Previously, the Kubernetes API Server Operator attempted to delete a Prometheus rule that was removed in {product-title} 4.13 to ensure it was deleted. This resulted resulted in failed deletion messages in the audit logs every few minutes. With this release, the Kubernetes API Server Operator no longer attempts to remove this nonexistent rule and there are no more failed deletion messages in the audit logs. (link: https://issues.redhat.com/browse/OCPBUGS-25894 [* OCPBUGS-25894 *])
    • Bug Fix
    • Done

      Description of problem:

      Kube-apiserver operator is trying to delete prometheus rule that does not exists leading to huge amount of unwanted audit logs, 

With the introduction of the change as a part of BUG-2004585 kube-apiserver SLO rulesare split into 2 groups kube-apiserver-slos-basic and kube-apiserver-slos-extended kube-apiserver-operator is trying to delete /apis/monitoring.coreos.com/v1/namespaces/openshift-kube-apiserver/prometheusrules/kube-apiserver-slos which no longer exist in the cluster

      Version-Release number of selected component (if applicable):

      4.12
4.13
4.14

      How reproducible:

          Its easy to reproduce

      Steps to Reproduce:

          1. install a cluster with 4.12
    2. enable cluster logging 
    3. forward the audit log to internal or external logstore using below config

apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  pipelines: 
  - name: all-to-default
    inputRefs:
    - infrastructure
    - application
    - audit
    outputRefs:
    - default     

    4. Check the audit logs in kibana, it will show the logs like below image

      Actual results:

          Kube-apiserver-operator is trying to delete prometheus rule that does not exists in the cluster

      Expected results:

      if the rule is not there in the cluster it should not be searched for deletion

      Additional info:

        1. Screenshot 2023-12-28 at 15.59.40.png
          Screenshot 2023-12-28 at 15.59.40.png
          323 kB

            vrutkovs@redhat.com Vadim Rutkovsky
            rhn-support-ssonigra Sonigra Saurab
            Rahul Gangwar Rahul Gangwar
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: