Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-41993

Console user settings resources misses ownerRef, removing a user results in remaining data

XMLWordPrintable

    • None
    • Yes
    • 1
    • ODC Sprint 3262, ODC Sprint 3263, ODC Sprint 3264, ODC Sprint 3265, ODC Sprint 3266, ODC Sprint 3267
    • 6
    • Rejected
    • False
    • Hide

      None

      Show
      None
    • Hide
      Cause: The resources created when a new user is created, is not removed automatically when the user is deleted.
      Consequence: clutters the cluster with config maps, roles and role-bindings of even deleted users
      Fix: Added ownerRefs to the resources so that they are cleared once the user is deleted.
      Result: The cluster is not cluttered anymore with unnecessary resources.
      Show
      Cause: The resources created when a new user is created, is not removed automatically when the user is deleted. Consequence: clutters the cluster with config maps, roles and role-bindings of even deleted users Fix: Added ownerRefs to the resources so that they are cleared once the user is deleted. Result: The cluster is not cluttered anymore with unnecessary resources.
    • Bug Fix
    • In Progress

      This is a clone of issue OCPBUGS-39601. The following is the description of the original issue:

      This is a clone of issue OCPBUGS-37560. The following is the description of the original issue:

      Description of problem:
      Console user settings are saved in a ConfigMap for each user in the namespace openshift-console-user-settings.

      The console frontend uses the k8s API to read and write that ConfigMap. The console backend creates a ConfigMap with a Role and RoleBinding for each user, giving that single user read and write access to his/her own ConfigMap.

      The number of Role and RoleBindings might decrease a cluster performance. This has happened in the past, esp. on the Developer Sandbox, where a long-living cluster creates new users that is then automatically removed after a month. Keeping the Role and RoleBinding results in performance issues.

      The resources had an ownerReference before 4.15 so that the 3 resources (1 ConfigMap, 1 Role, 1 RoleBinding) was automatically removed when the User resource was deleted. This ownerReference was removed with 4.15 to support external OIDC providers.

      The ask in this issue is to restore that ownerReference for the OpenShift auth provider.

      History:

      • User setting feature was introduced 2020 with 4.7 (ODC-4370) without a ownerReference for these resources.
      • After noticing performance issues on Dev Sandbox 2022 (BZ 2019564) we added an ownerReference in 4.11 (PR 11130) and backported this change 4.10 and 4.9.
      • The ownerReference was removed in 4.15 with CONSOLE-3829/OCPBUGS-16814/PR 13321. This is a regression.

      See also:

      Version-Release number of selected component (if applicable):
      4.15+

      How reproducible:
      Always

      Steps to Reproduce:

      1. Create a new user
      2. Login into the console
      3. Check for the user settings ConfigMap, Role and RoleBinding for that deleted user.
      4. Delete the user
      5. The resources should now be removed...

      Actual results:
      The three resources weren't deleted after the user was deleted.

      Expected results:
      The three resources should be deleted after the user is deleted.

      Additional info:

              avik6028 Avik Kundu
              openshift-crt-jira-prow OpenShift Prow Bot
              Sanket Pathak Sanket Pathak
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated: