Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-5195

Need to back-port the PR https://github.com/openshift/must-gather/pull/254 to 4.9


    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • 4.9.z
    • kube-apiserver
    • Moderate
    • None
    • Rejected
    • False
    • Hide



      Description of problem:

      PR https://github.com/openshift/must-gather/pull/254, failed to cherry-pick the pr https://github.com/openshift/must-gather/pull/254 to 4.9 release. That causes incorrect output when we set the audit profile with None.One manual back-porting for the PR is required.

      Version-Release number of selected component (if applicable):

      OCP 4.9

      How reproducible:


      Steps to Reproduce:

      1. oc patch apiserver cluster -p '{"spec": {"audit": {"profile": "None"}}}' --type merge
      2. After the kube-apiserver degradation is finished.
      $ oc get pods -n openshift-kube-apiserver -l apiserver --show-labels
      $ oc adm must-gather -- /usr/bin/gather_audit_logs 

      Actual results:

      There is no similar error in output:
      [must-gather-jz6fq] POD 2021-10-21T03:17:28.472216228Z ERROR: To raise a Red Hat support request, it is required to set the top level audit policy to
      [must-gather-jz6fq] POD 2021-10-21T03:17:28.472216228Z        Default, WriteRequestBodies, or AllRequestBodies to generate audit log events that can
      [must-gather-jz6fq] POD 2021-10-21T03:17:28.472216228Z        be analyzed by support. Try 'oc edit apiservers' and set 'spec.audit.profile' back to
      [must-gather-jz6fq] POD 2021-10-21T03:17:28.472216228Z        "Default" and reproduce the issue while gathering audit logs. You can use "--force" to
      [must-gather-jz6fq] POD 2021-10-21T03:17:28.472216228Z        override this error.

      Expected results:

      Will see above similar errors.

      Additional info:





            akashem@redhat.com Abu H Kashem
            wk2019 Ke Wang
            Ke Wang Ke Wang
            0 Vote for this issue
            4 Start watching this issue