Bug 1836836
Summary: | "bad response status 403 Forbidden" in prometheus container logs | ||||||
---|---|---|---|---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Junqi Zhao <juzhao> | ||||
Component: | Monitoring | Assignee: | Simon Pasquier <spasquie> | ||||
Status: | CLOSED DUPLICATE | QA Contact: | Junqi Zhao <juzhao> | ||||
Severity: | low | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 4.5 | CC: | alegrand, anpicker, erooth, kakkoyun, lcosic, mloibl, pkrupa, spasquie, surbania | ||||
Target Milestone: | --- | Keywords: | Regression | ||||
Target Release: | 4.5.0 | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | If docs needed, set a value | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2020-05-20 15:46:02 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Junqi Zhao
2020-05-18 09:52:17 UTC
Created attachment 1689566 [details]
monitoring dump file, see logs here
From alertmanager-main-0-alertmanager-proxy.log: 2020/05/17 23:37:26 http.go:107: HTTPS: listening on [::]:9095 2020/05/18 02:52:45 provider.go:394: authorizer reason: 2020/05/18 02:52:51 provider.go:394: authorizer reason: 2020/05/18 02:52:59 provider.go:394: authorizer reason: E0518 03:18:48.415073 1 webhook.go:197] Failed to make webhook authorizer request: subjectaccessreviews.authorization.k8s.io is forbidden: User "system:serviceaccount:openshift-monitoring:alertmanager-main" cannot create resource "subjectaccessreviews" in API group "authorization.k8s.io" at the cluster scope 2020/05/18 03:18:48 oauthproxy.go:782: requestauth: 10.128.0.47:38884 subjectaccessreviews.authorization.k8s.io is forbidden: User "system:serviceaccount:openshift-monitoring:alertmanager-main" cannot create resource "subjectaccessreviews" in API group "authorization.k8s.io" at the cluster scope 2020/05/18 06:00:09 provider.go:394: authorizer reason: 2020/05/18 06:00:18 provider.go:394: authorizer reason: Closing as a duplicate because this is exactly the same error than returned by the Kubernetes API in bug 1832825. *** This bug has been marked as a duplicate of bug 1832825 *** |