Bug 1794825

Summary: Operator-defined namespace that requests monitoring should fully warn user of implications of enabling [openshift-4.4]
Product: OpenShift Container Platform Reporter: Peter Kreuser <pkreuser>
Component: Management ConsoleAssignee: Jakub Hadvig <jhadvig>
Status: CLOSED ERRATA QA Contact: Yadan Pei <yapei>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.4CC: aos-bugs, bparees, bpeterse, hasha, jhadvig, jokerman, lcosic, surbania
Target Milestone: ---   
Target Release: 4.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Please note that installing non RedHat operators into openshift namespaces and enabling monitoring voids user support. Enabling cluster monitoring for non RedHat operators can lead to malicious metrics data overriding existing cluster metrics. See https://docs.openshift.com/container-platform/4.2/monitoring/cluster-monitoring/configuring-the-monitoring-stack.html#maintenance-and-support_configuring-monitoring for details.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-05-04 11:26:45 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1799051    
Bug Blocks:    

Description Peter Kreuser 2020-01-24 19:17:27 UTC 
Description of problem:

The operator-defined namespace story implemented in sprint 178 included the option for the admin to enable monitoring on the namespace the operator is installed in.

The text for the checkbox that enables this as implemented reads:
[  ] Enable operator recommended cluster monitoring on this namespace
Note: Enabling monitoring will allow any operator or workload running on this namespace to contribute metrics to the cluster metric set.

There was thought that this text should convey what the implications of allowing any workload to contribute metrics are. This could happen inline in the text or some linked help or KB article. 

Story:
https://github.com/openshift/console/pull/3862


Version-Release number of selected component (if applicable):
4.4

How reproducible:
Always

Steps to Reproduce:
1.Install an operator that requests monitoring be enabled on the install namespace
2.Checkbox will be presented
Comment 4 shahan 2020-02-14 03:55:42 UTC 
install operatorHub-> logging, the subscription creation form will have checkbox to allow users enable cluster monitoring in the openshift-logging namespace.
the namespace labeled with openshift.io/cluster-monitoring=true
Verified this bug
4.4.0-0.nightly-2020-02-13-212616
Comment 6 errata-xmlrpc 2020-05-04 11:26:45 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0581