-
Bug
-
Resolution: Done
-
Undefined
-
4.19.z
-
None
Description of problem:
Cluster-autoscaler in OpenShift 4.19.17 is missing RBAC permissions ``` for volumeattachments, causing errors: failed to list *v1.VolumeAttachment: volumeattachments.storage.k8s.io is forbidden: User "system:serviceaccount:openshift-machine-api:cluster-autoscaler" cannot list resource "volumeattachments" in API group "storage.k8s.io" at the cluster scope ``` Fix was merged to main in commit eb9d8e9 (Aug 21, 2025) and included in AUTOSCALE-244 for OpenShift 4.20, but never backported to 4.19 release branch. https://github.com/openshift/cluster-autoscaler-operator/commit/eb9d8e95aea25c6235a20fd5522d77856b294552 References: - Upstream: kubernetes/autoscaler#7663 - OpenShift PR: openshift/cluster-autoscaler-operator#351 - OpenShift JIRA: AUTOSCALE-244 (4.20 only) - Commit: eb9d8e95aea25c6235a20fd5522d77856b294552 Workaround is not working as patching the clusterrole gets overwritten, so the error comes back after a while.
Version-Release number of selected component (if applicable):
How reproducible:
Steps to Reproduce:
1. Deploy OpenShift 4.19.x cluster with cluster-autoscaler enabled 2. Check cluster-autoscaler pod logs in openshift-machine-api namespace 3. Observe volumeattachment permission errors
Actual results:
Expected results:
Additional info:
- impacts account
-
AUTOSCALE-244 Release chores 4.20 for Cluster Autoscaler
-
- Closed
-
- is cloned by
-
-
- Closed
-
- is depended on by
-
-
- Closed
-
