Bug 1671290
Summary: | Can not login prometheus/alertmanager/grafana routes with Google IDP Authorization | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Junqi Zhao <juzhao> |
Component: | apiserver-auth | Assignee: | Erica von Buelow <evb> |
Status: | CLOSED ERRATA | QA Contact: | Chuan Yu <chuyu> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 4.1.0 | CC: | aos-bugs, juzhao, mkhan, nagrawal |
Target Milestone: | --- | Keywords: | TestBlocker |
Target Release: | 4.1.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-04 10:42:30 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Attachments: |
Description
Junqi Zhao
2019-01-31 10:19:01 UTC
Blocks monitoring UI test with Google IDP Created attachment 1525304 [details]
"Application is not available" in page
Can you send kubeconfig and a way to access the cluster? This will help us diagnose the issue. Junqi, looks like accessing QE cluster may be difficult for developers. Please attach kubeconfig and any relevant logs to this bug. Created attachment 1525723 [details]
"Application is not available" in page - 503 error
Created attachment 1525762 [details]
4.0.0-0.nightly-2019-01-31-184459 build, it is 500 error now
Created attachment 1525763 [details] error in prometheus-proxy container log 2019/02/01 06:59:12 oauthproxy.go:635: error redeeming code (client:10.131.0.5:57256): unable to retrieve email address for user from token: got 404 { "paths": [ "/apis", "/healthz", "/healthz/log", "/healthz/ping", "/healthz/poststarthook/oauth.openshift.io-startoauthclientsbootstrapping", "/metrics" ] } 2019/02/01 06:20:18 oauthproxy.go:635: error redeeming code (client:10.131.0.5:32912): Post https://o.apps.juzhao.qe.devcluster.openshift.com/oauth/token: x509: certificate signed by unknown authority 2019/02/01 06:20:18 oauthproxy.go:434: ErrorPage 500 Internal Error Internal Error prometheus/alertmanager/grafana routes could be accessed with $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.0.0-0.nightly-2019-02-12-005016 True False 1h Cluster version is 4.0.0-0.nightly-2019-02-12-005016 Images: NAME PULL SPEC cluster-monitoring-operator quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:51c040a9e285083d1f31083ac48479edce1552e53ff2bb8b3f91c62718b99fb2 grafana quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:788cb9461d4b38c4a8ef5cdac7cbdf46befea56c20f310ec4bf0c127428b908e k8s-prometheus-adapter quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2986bc4db9ea270dc77aa1d896e3f76c98dc7bf90f1b4217e8c577a5aa6c1447 kube-rbac-proxy quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ee82c2882ccddc2605dc92f35b3cc2b2fb5ef76e4b5a5abd9c246b9a0f988d9b kube-state-metrics quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ed6b9bea8c80d114b4adbaf27c2dd08f1d04957d0c6aa5afb22830616a7d2642 oauth-proxy quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:59aa49bd4992ea5a792eb178a4de32743040ff12299e507f669a241b0a0f6ae4 prom-label-proxy quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:2cc3449b501b7a769cb5e60759a59bc57bcc46f03ad75875ac3efa59bb98782e prometheus quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:ab4c12ab38d078ed4c9f98a72e7ec4e20c3230d2606dbcd31f5bdf41626b7c35 prometheus-alertmanager quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9d545f54ba476d1efe9c3209f0aec5b39c83e4098c2c8a44694301ce0d029d24 prometheus-config-reloader quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:58f065cb228dce82a21224df06062c99332972a2129ad6b40f778f840d469f84 prometheus-node-exporter quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:9fb8fbb8e955e8b3e2174e32063e40fc6762afd02c5c63b117ffcbd8cca10812 prometheus-operator quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:b3a6a9b30150beae1235ea52e45dc302883bda35213b204aeab98165216ad8f9 telemeter quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:7c736368f8135cafa3f806c8953edf6d4e33dac13a3de5ba413b37067b41af54 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |