Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-32521

Recreating the KEDA controller with a new Audit Logging level won't overwrite the old settings.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • None
    • 4.15
    • Pod Autoscaler
    • None
    • Important
    • No
    • 3
    • PODAUTO - Sprint 258
    • 1
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Previously, kedacontroller audit configuration changes would not re-reconcile the audit configuration configmap, effectively rendering the audit configuration immutable after initial deployment. This release now reconciles the configmap properly, allowing the audit configuration to be changed.
      Show
      Previously, kedacontroller audit configuration changes would not re-reconcile the audit configuration configmap, effectively rendering the audit configuration immutable after initial deployment. This release now reconciles the configmap properly, allowing the audit configuration to be changed.
    • Bug Fix
    • In Progress

      Description of problem:

          Not getting the logs written to PVC.

      Version-Release number of selected component (if applicable):

          4.15

      How reproducible:

      Install a 4.15 cluster with CMA .    

      Steps to Reproduce:

          1. create PVC
      $ oc create -f- << EOF
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: log-out-pvc
        namespace: openshift-keda
      spec:
        accessModes:
          - ReadWriteOnce
        volumeMode: Filesystem
        resources:
          requests:
            storage: 2Gi
      EOF     
      
      2. Create a Keda Controller with the below Yaml file:
      apiVersion: keda.sh/v1alpha1
      kind: KedaController
      metadata:
        name: keda
        namespace: openshift-keda
      spec:
        metricsServer:
          logLevel: '0'
          auditConfig:
            logFormat: "json"
            logOutputVolumeClaim: "log-out-pvc"
            policy:
               rules:
               - level: Metadata
               omitStages:
                - RequestReceived
               omitManagedFields: false
            lifetime:
               maxAge: "2"
               maxBackup: "1"
               maxSize: "50"
        operator:
          logLevel: info
          logEncoder: console
        serviceAccount: {}
        watchNamespace: ''
      
      3. Check the logs written to PV:
      oc -n openshift-keda logs pod/keda-metrics-apiserver-848b78f6c4-cm748|grep -i level
           

      Actual results:

      only RequestResponse log is coming in the log. Metadata and Request is not coming.
      
      {"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"RequestResponse","auditID":"2e4e0e63-9bc8-47fd-8c63-c41e59edc187","stage":"ResponseComplete","requestURI":"/readyz","verb":"get","user":{"username":"system:anonymous","groups":["system:unauthenticated"]},"sourceIPs":["10.129.2.2"],"userAgent":"kube-probe/1.28","responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2024-04-22T10:11:28.243542Z","stageTimestamp":"2024-04-22T10:11:28.243649Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":""}}
      [asahay@asahay-thinkpadt14sgen2i cmasanity]$ 
        

      Expected results:

           LEVEL Metadata: {"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"Metadata","auditID":"4c81d41b-3dab-4675-90ce-20b87ce24013","stage":"ResponseComplete","requestURI":"/healthz","verb":"get","user":{"username":"system:anonymous","groups":["system:unauthenticated"]},"sourceIPs":["10.131.0.1"],"userAgent":"kube-probe/1.26","responseStatus":{"metadata":{},"code":200},"requestReceivedTimestamp":"2023-02-16T13:00:03.554567Z","stageTimestamp":"2023-02-16T13:00:03.555032Z","annotations":{"authorization.k8s.io/decision":"allow","authorization. 

      Additional info:

          CMA version is 2.12.1-384 

            joelsmith.redhat Joel Smith
            asahay@redhat.com Aditi Sahay
            Aditi Sahay Aditi Sahay
            Aditi Sahay
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: