Uploaded image for project: 'Red Hat OpenShift Data Science'
  1. Red Hat OpenShift Data Science
  2. RHODS-5420

Cluster admin does not get RHODS Admin access if it's the only user in the cluster

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • RHODS_1.19.0_GA
    • RHODS_1.17.0_GA
    • UI
    • False
    • None
    • False
      • cluster admin always get RHODS Admin access
      • dashboard does not report any error about fetching rolebinding
    • Release Notes
    • No
    • 1.19.0-14
    • No
    • Hide
      == Cluster admin did not get administrator access if it was the only user present in the cluster.
      Previously, when the cluster admin was the only user present in the cluster, it did not get Red Hat OpenShift administrator access automatically.
      Administrator access is now correctly applied to the cluster admin user.
      Show
      == Cluster admin did not get administrator access if it was the only user present in the cluster. Previously, when the cluster admin was the only user present in the cluster, it did not get Red Hat OpenShift administrator access automatically. Administrator access is now correctly applied to the cluster admin user.
    • Known Issue
    • No
    • Yes
    • None
    • RHODS 1.19
    • High

      Description of problem:

      It looks like when the cluster admin is the only user present in the cluster, it doesn't get the RHODS Admin access automatically. 

      The dashboard pod reports these lines of error about rolebindings:

      {"level":50,"time":1664785629417,"pid":108,"hostname":"rhods-dashboard-59bb5c9d89-6kb2f","msg":"Failed
       to list rolebindings for user, Failed to list groups filtered by 
      username."}{"level":50,"time":1664785629436,"pid":108,"hostname":"rhods-dashboard-59bb5c9d89-6kb2f","msg":"Failed
       to list rolebindings for user, Failed to list groups filtered by 
      username."}
      ...

      As soon as we created more users, it got the permissions and the logs stopped to show those errors about role binding.

       

      Pull Request:

      https://github.com/opendatahub-io/odh-dashboard/pull/725

       

      Steps to Reproduce

      1. Create a cluster (reproduced on OSD)
      2. Create only one user with cluster admin permissions (no other users in the cluster)
      3. Log in RHODS Dashboard using the cluster admin
      4. Check if the user can access the "Settings" section of RHODS
      5. create new users
      6. Check point 4) once again

      Actual results:

      • Cluster admin doesn't get RHODS Admin access if it is the only user present in the cluster
      • dashboard logs keep reporting an error about fetching role bindings

      Expected results:

      • cluster admin always get RHODS Admin access
      • dashboard does not report any error about fetching rolebinding

      Reproducibility (Always/Intermittent/Only Once):

      Tested once on a fresh OSD cluster for now. 

      Build Details:

      RHODS v1.17.0-9

      Workaround:

      • create more users
      • (To be Verified) granting cluster admin permissions to the single user instead of group (RHODS-5100). This is not verified 

      Additional info:

       

            lferrnan@redhat.com Lucas Fernandez Aragon
            rhn-support-bdattoma Berto D'Attoma
            Berto D'Attoma Berto D'Attoma
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated:
              Resolved: