Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-42413

proxyUrl is not injected to UWM prometheus CR while the remoteWrite.url is not in the noProxy list

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Duplicate
    • Icon: Normal Normal
    • None
    • 4.17.0, 4.18.0
    • Monitoring
    • None
    • Moderate
    • None
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      from OCPBUGS-38289, if the in-platform prometheus remoteWrite.url is in the noProxy list, the proxyUrl would not inject to in-platform prometheus CR, otherwise the proxyUrl would inject to in-platform prometheus CR. is the fix only fit for in-platform prometheus? checked for UWM prometheus, the rule does not work.

      https_proxy

      $ oc get proxy/cluster -oyaml
      apiVersion: config.openshift.io/v1
      kind: Proxy
      metadata:
        creationTimestamp: "2024-09-24T08:04:04Z"
        generation: 1
        name: cluster
        resourceVersion: "533"
        uid: 4e95d371-d831-4828-8f7c-768a6e3f4873
      spec:
        httpProxy: http://proxy-user2:***@***:3128
        httpsProxy: https://proxy-user2:***@***:3130
        noProxy: rhos-d.infra.prod.upshift.rdu2.redhat.com
        trustedCA:
          name: user-ca-bundle
      status:
        httpProxy: http://proxy-user2:***@***:3128
        httpsProxy: https://proxy-user2:***@***:3130
        noProxy: .cluster.local,.svc,10.128.0.0/14,127.0.0.1,169.254.169.254,172.30.0.0/16,192.168.0.0/18,api-int.***.qe.devcluster.openshift.com,localhost,rhos-d.infra.prod.upshift.rdu2.redhat.com

      1. set UWM prometheus remoteWrite.url as "http://test-remotewrite.test.svc.cluster.local:9090" which the domain is in the noProxy list

      apiVersion: v1
      data:
        config.yaml: |
          prometheus:
            remoteWrite:
              - url: http://test-remotewrite.test.svc.cluster.local:9090
      kind: ConfigMap
      metadata:
        name: user-workload-monitoring-config
        namespace: openshift-user-workload-monitoring

      proxyUrl is not injected to UWM prometheus CR, which is expected

      $ oc -n openshift-user-workload-monitoring get prometheus user-workload -o jsonpath='{.spec.remoteWrite}' | jq
      [
        {
          "url": "http://test-remotewrite.test.svc.cluster.local:9090",
          "writeRelabelConfigs": [
            {
              "action": "replace",
              "replacement": "824d2ee9-87cf-481b-b66e-30933e0dfae6",
              "targetLabel": "__tmp_openshift_cluster_id__"
            },
            {
              "action": "labeldrop",
              "regex": "__tmp_openshift_cluster_id__"
            }
          ]
        }
      ]
      

      2. set the UWM prometheus remoteWrite.url to http://remote-storage.example.com:9090/api/v1/write, which is not in the noProxy list, see configmap

      apiVersion: v1
      data:
        config.yaml: |
          prometheus:
            remoteWrite:
              - url: http://remote-storage.example.com:9090/api/v1/write
      kind: ConfigMap
      metadata:
        name: user-workload-monitoring-config
        namespace: openshift-user-workload-monitoring

      proxyUrl should be injected to UWM prometheus CR prometheus user-workload, but it did not

      $ oc -n openshift-user-workload-monitoring get prometheus user-workload -o jsonpath='{.spec.remoteWrite}' | jq
      [
        {
          "url": "http://remote-storage.example.com:9090/api/v1/write",
          "writeRelabelConfigs": [
            {
              "action": "replace",
              "replacement": "824d2ee9-87cf-481b-b66e-30933e0dfae6",
              "targetLabel": "__tmp_openshift_cluster_id__"
            },
            {
              "action": "labeldrop",
              "regex": "__tmp_openshift_cluster_id__"
            }
          ]
        }
      ]

      Version-Release number of selected component (if applicable):

      4.18.0-0.nightly-2024-09-23-182657

      How reproducible:

      always

      Steps to Reproduce:

      1. see the description
          

      Actual results:

      proxyUrl is not injected to UWM prometheus CR while the remoteWrite.url is not in the noProxy list

      Expected results:

      proxyUrl should be injected to UWM prometheus CR while the remoteWrite.url is not in the noProxy list

      Additional info:

       

              rh-ee-amrini Ayoub Mrini
              juzhao@redhat.com Junqi Zhao
              Junqi Zhao Junqi Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: