Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-32521

Recreating the KEDA controller with a new Audit Logging level won't overwrite the old settings.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • None
    • 4.15
    • Pod Autoscaler
    • None
    • Important
    • No
    • 3
    • PODAUTO - Sprint 258
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Previously, kedacontroller audit configuration changes would not re-reconcile the audit configuration configmap, effectively rendering the audit configuration immutable after initial deployment. This release now reconciles the configmap properly, allowing the audit configuration to be changed.
      Show
      Previously, kedacontroller audit configuration changes would not re-reconcile the audit configuration configmap, effectively rendering the audit configuration immutable after initial deployment. This release now reconciles the configmap properly, allowing the audit configuration to be changed.
    • Bug Fix
    • In Progress

      Description of problem:

          Not getting the logs written to PVC.

      Version-Release number of selected component (if applicable):

          4.15

      How reproducible:

      Install a 4.15 cluster with CMA .

      Steps to Reproduce:

          1. create PVC
$ oc create -f- << EOF
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: log-out-pvc
  namespace: openshift-keda
spec:
  accessModes:
    - ReadWriteOnce
  volumeMode: Filesystem
  resources:
    requests:
      storage: 2Gi
EOF     

2. Create a Keda Controller with the below Yaml file:
apiVersion: keda.sh/v1alpha1
kind: KedaController
metadata:
  name: keda
  namespace: openshift-keda
spec:
  metricsServer:
    logLevel: '0'
    auditConfig:
      logFormat: "json"
      logOutputVolumeClaim: "log-out-pvc"
      policy:
         rules:
         - level: Metadata
         omitStages:
          - RequestReceived
         omitManagedFields: false
      lifetime:
         maxAge: "2"
         maxBackup: "1"
         maxSize: "50"
  operator:
    logLevel: info
    logEncoder: console
  serviceAccount: {}
  watchNamespace: ''

3. Check the logs written to PV:
oc -n openshift-keda logs pod/keda-metrics-apiserver-848b78f6c4-cm748|grep -i level
    

      Actual results:

      only RequestResponse log is coming in the log. Metadata and Request is not coming.

{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"RequestResponse","auditID":"2e4e0e63-9bc8-47fd-8c63-c41e59edc187","stage":"ResponseComplete","requestURI":"/readyz","verb":"get","user":{"username":"system:anonymous","groups":["system:unauthenticated"]},"sourceIPs":["10.129.2.2"],"userAgent":"kube-probe/1.28","responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2024-04-22T10:11:28.243542Z","stageTimestamp":"2024-04-22T10:11:28.243649Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":""}}
[asahay@asahay-thinkpadt14sgen2i cmasanity]$ 
  

      Expected results:

           LEVEL Metadata: {"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"4c81d41b-3dab-4675-90ce-20b87ce24013","stage":"ResponseComplete","requestURI":"/healthz","verb":"get","user":{"username":"system:anonymous","groups":["system:unauthenticated"]},"sourceIPs":["10.131.0.1"],"userAgent":"kube-probe/1.26","responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2023-02-16T13:00:03.554567Z","stageTimestamp":"2023-02-16T13:00:03.555032Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.

      Additional info:

          CMA version is 2.12.1-384 

              joelsmith.redhat Joel Smith
              asahay@redhat.com Aditi Sahay
              Aditi Sahay Aditi Sahay
              Aditi Sahay
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: