Bug 1785194
Summary: | Don't gather pod endpoints using tokens | |||
---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Maciej Szulik <maszulik> | |
Component: | oc | Assignee: | Maciej Szulik <maszulik> | |
Status: | CLOSED ERRATA | QA Contact: | zhou ying <yinzhou> | |
Severity: | unspecified | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 4.3.0 | CC: | aos-bugs, jokerman, mfojtik | |
Target Milestone: | --- | |||
Target Release: | 4.4.0 | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | No Doc Update | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1785201 (view as bug list) | Environment: | ||
Last Closed: | 2020-05-04 11:20:43 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1785201 |
Description
Maciej Szulik
2019-12-19 11:23:08 UTC
Confirmed with latest oc client, the issue has fixed: [root@dhcp-140-138 ~]# rpm -q openshift-clients openshift-clients-4.4.0-202001090623.git.1.b589d0e.el7.x86_64 When use cluster-admin, could see endpoints of healthz in the result; When use normal-user with cluster-admin role , could not see endpoints of healthz in the result, and can find logs like: [zhouying@dhcp-140-138 ~]$ cat testuser-21-runtime |grep "Skipping container endpoint" I0109 17:48:26.292427 24260 pod.go:71] Skipping container endpoint collection for pod "kube-apiserver-operator-58fbdb9548-87mc9" container "kube-apiserver-operator": Using token authentication I0109 17:48:55.351001 24260 pod.go:71] Skipping container endpoint collection for pod "kube-apiserver-ip-10-0-138-150.us-east-2.compute.internal" container "kube-apiserver-5": Using token authentication ... Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581 |